$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: 0T5ZHuQ+dc32nNOqoEPnSffhLf8WepEt9u065ek/g9I= Subject key identifier: 66:C2:1D:CE:31:1D:B0:4A:D6:18:03:9D:A3:C4:4D:4F:E0:8F:E7:84 Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1B04 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AEE Signing time: Tue 04 Nov 2025 15:45:25 +0000 Manifest this update: Tue 04 Nov 2025 15:45:24 +0000 Manifest next update: Tue 11 Nov 2025 15:45:24 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: Ymv7MjdpDhKGnEMzytFielGJYjZXzFQN8wKxGPMcx8Y=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: 0/HP0DwNYOfkRXXhvxhJ7qmLcNQDOwmKr3HHIF1F5nU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:45:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6916 (0x1b04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Nov 4 15:45:24 2025 GMT Not After : Nov 11 15:45:24 2025 GMT Subject: CN=690a1f94-b17c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:80:fb:32:98:25:b0:e8:8d:6b:f1:71:0d:9d: 81:f0:cc:3a:d9:f7:1b:5d:d4:50:39:a9:37:dd:69: 80:cb:dc:2e:a8:cc:04:81:4d:1f:81:87:5b:53:03: 8b:04:9d:9a:0e:5f:80:b1:58:4d:e4:cf:80:30:03: c8:9b:6a:7e:3a:5f:70:b1:0e:4d:cb:87:3c:25:e9: 77:a7:1a:33:b6:34:8e:73:e5:53:4d:9d:48:b4:d5: b6:e0:7a:e6:cc:df:e1:18:b1:66:a7:9c:70:a3:34: 36:e6:de:53:23:30:98:60:14:15:b0:1b:b4:6d:0c: ea:18:80:19:cd:dd:4e:90:8a:83:94:1a:4f:c0:7f: 3d:94:36:3d:fa:96:5d:c2:4c:71:01:1d:d2:82:49: 1d:1b:84:4b:c1:84:04:66:d4:b8:27:7d:6e:19:5c: 14:9b:44:c5:77:9c:5c:68:a8:34:a9:c6:1c:d6:1a: bb:e3:96:b8:49:b9:2f:75:ac:dd:c1:81:74:9c:6b: 8d:04:e1:fb:89:03:b3:c9:ea:e3:42:ca:5f:9c:6a: d2:f9:68:2c:84:62:62:e8:32:86:57:39:af:f7:1c: 37:c7:c9:c7:d8:71:b4:52:92:ff:93:10:ff:b4:9e: fb:51:b6:53:13:97:10:8a:ee:42:cb:29:5a:6b:bc: 53:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:C2:1D:CE:31:1D:B0:4A:D6:18:03:9D:A3:C4:4D:4F:E0:8F:E7:84 X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:93:b3:ed:a5:64:76:3d:e8:73:c8:85:b2:3f:75:2f:80:e1: dd:f3:05:e8:9e:5e:61:d0:e9:be:c6:7e:62:fd:b2:15:16:03: 3b:43:c6:50:34:05:4c:7f:f5:91:d2:1b:cf:a9:42:59:3f:9b: a3:13:c4:50:dc:90:24:90:4a:eb:d8:ad:8d:82:84:71:78:f7: 8f:8d:71:18:51:04:57:43:cb:30:49:5a:da:9d:7b:10:c4:2f: 73:77:69:78:6c:a5:1f:da:1d:31:f2:92:79:9f:31:93:f1:5f: 60:76:58:a8:68:2e:1e:a1:ab:12:5e:af:4c:6a:ea:45:ad:0e: 54:29:bb:80:bb:93:40:d0:23:d7:af:f3:98:86:23:a7:9b:cd: e3:d4:db:b2:34:aa:9d:d0:7b:5c:bd:0e:36:67:e2:35:be:3f: 08:df:17:48:c5:75:50:7d:81:e4:1b:c2:b5:ce:51:3e:5a:93: 0a:6f:8b:41:c5:0d:dd:92:6b:b6:7b:ed:38:25:38:a1:18:34: 93:85:8b:bc:13:cd:8c:74:a6:2f:88:d5:b8:1e:58:7b:fc:77: 76:0e:99:e2:0d:5e:e2:85:49:91:cf:38:4b:c8:79:52:6b:c0: 18:02:5d:99:3f:28:3a:e1:4b:0d:bc:91:e8:4e:cf:f1:d1:a8: 9c:05:ed:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUxMTA0MTU0NTI0WhcNMjUxMTExMTU0NTI0WjAYMRYwFAYD VQQDEw02OTBhMWY5NC1iMTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2oD7MpglsOiNa/FxDZ2B8Mw62fcbXdRQOak33WmAy9wuqMwEgU0fgYdbUwOL BJ2aDl+AsVhN5M+AMAPIm2p+Ol9wsQ5Ny4c8Jel3pxoztjSOc+VTTZ1ItNW24Hrm zN/hGLFmp5xwozQ25t5TIzCYYBQVsBu0bQzqGIAZzd1OkIqDlBpPwH89lDY9+pZd wkxxAR3SgkkdG4RLwYQEZtS4J31uGVwUm0TFd5xcaKg0qcYc1hq745a4Sbkvdazd wYF0nGuNBOH7iQOzyerjQspfnGrS+WgshGJi6DKGVzmv9xw3x8nH2HG0UpL/kxD/ tJ77UbZTE5cQiu5Cyylaa7xT0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGbCHc4x HbBK1hgDnaPETU/gj+eEMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALk7PtpWR2PehzyIWyP3UvgOHd8wXonl5h0Om+xn5i/bIVFgM7Q8ZQ NAVMf/WR0hvPqUJZP5ujE8RQ3JAkkErr2K2NgoRxePePjXEYUQRXQ8swSVranXsQ xC9zd2l4bKUf2h0x8pJ5nzGT8V9gdlioaC4eoasSXq9MaupFrQ5UKbuAu5NA0CPX r/OYhiOnm83j1NuyNKqd0HtcvQ42Z+I1vj8I3xdIxXVQfYHkG8K1zlE+WpMKb4tB xQ3dkmu2e+04JTihGDSThYu8E82MdKYviNW4Hlh7/Hd2DpniDV7ihUmRzzhLyHlS a8AYAl2ZPyg64UsNvJHoTs/x0aicBe2B -----END CERTIFICATE-----Generated at Wed Nov 5 16:26:49 2025 by rpki-client