$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: qHT9xAhq46bJKRXLwzJVNmSgNTlCDTfQUGbPQ2tGlqE= Subject key identifier: B0:32:A5:5E:4D:51:B6:C1:38:69:33:46:9E:8A:31:57:BE:7D:30:ED Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1A9E Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1A89 Signing time: Thu 24 Apr 2025 15:42:46 +0000 Manifest this update: Thu 24 Apr 2025 15:42:45 +0000 Manifest next update: Thu 01 May 2025 15:42:45 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: 5j1236F53Pq9/PR7WFPuECHw6DhAvKDaGmpeAMtsmUQ=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:42:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6814 (0x1a9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Apr 24 15:42:45 2025 GMT Not After : May 1 15:42:45 2025 GMT Subject: CN=680a5bf6-8ab9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3b:93:ce:20:85:e3:93:21:c2:e0:fe:35:70: fa:0b:88:e3:40:1d:42:3e:88:32:76:3f:c5:34:5c: 8e:38:95:70:5c:89:76:26:32:b4:2a:5e:aa:be:5b: 08:41:08:46:70:d3:00:09:d3:94:55:9b:d0:67:a5: 00:9e:9a:50:75:1c:8a:09:8b:e1:2e:03:c1:d8:ca: 1e:17:8d:77:de:ea:0c:51:3f:42:d5:05:88:e8:78: 11:12:ce:dc:02:c6:74:c4:c2:7c:d7:f0:75:1c:02: cc:5e:76:e4:cf:60:d0:b9:d6:2f:22:44:d3:b0:14: e0:d6:17:52:01:f5:fe:0e:f4:7b:03:25:63:8c:e7: f8:75:68:b3:02:30:5e:1a:a6:ef:68:13:be:e1:4a: 78:8d:6a:86:bc:61:7c:4b:92:8d:77:ba:c6:93:02: 23:cc:5f:f0:cb:63:23:5d:53:c3:17:fa:25:1e:31: 0a:15:f7:12:33:14:1b:b5:85:1a:ff:07:3a:5c:56: 70:28:ec:d3:9c:49:b6:5f:51:d3:73:92:ea:28:e7: f2:77:fa:47:6a:08:07:8b:78:c6:07:24:0b:e3:21: 56:bd:3b:73:45:ed:89:4b:d9:80:ca:e6:a3:92:48: a9:b5:49:2c:c0:1b:37:fb:15:b8:88:a2:c5:d3:fb: da:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:32:A5:5E:4D:51:B6:C1:38:69:33:46:9E:8A:31:57:BE:7D:30:ED X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:0d:0e:a0:93:84:48:7f:84:99:b1:7a:80:38:9b:52:be:a3: 83:ca:b7:50:37:cf:43:a1:66:cf:22:3c:b8:87:3f:45:aa:d8: c6:69:27:22:47:62:1e:f5:5a:17:e3:68:6f:6e:17:8e:d3:09: 66:e1:79:10:13:55:b4:ec:4e:98:8d:0a:79:dc:9f:df:2b:42: 6b:6e:1f:9c:cc:ca:b4:c2:61:03:5a:4b:4b:ac:3d:0e:90:9c: 9d:13:95:0a:7a:9e:55:d9:7f:c4:7b:ea:d7:4d:75:09:7e:6f: d1:9c:44:ee:59:1d:14:6e:f3:85:59:13:1b:9c:0f:71:4d:c9: 17:90:94:5c:7e:fc:b1:d9:c5:c5:08:a6:c9:e2:a9:fe:e2:6e: ee:e3:54:be:f4:1b:a7:79:2c:29:3f:81:86:b5:70:33:0d:77: 89:43:40:dd:24:20:6b:27:95:d7:84:24:78:c8:4f:4c:c6:e3: fe:84:73:94:83:a4:e9:6c:b1:af:6c:ec:6d:2c:81:22:0f:95: 05:68:19:9f:67:db:28:82:8f:42:85:5c:0c:c9:1c:63:92:0c: e9:f9:01:e1:3f:fc:c6:4d:0d:4e:b1:13:80:8e:7b:0d:ce:3b: ca:c4:f2:42:39:7a:90:56:60:0c:cc:95:7b:bf:1d:07:bb:c3: 94:18:26:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUwNDI0MTU0MjQ1WhcNMjUwNTAxMTU0MjQ1WjAYMRYwFAYD VQQDEw02ODBhNWJmNi04YWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzDuTziCF45MhwuD+NXD6C4jjQB1CPogydj/FNFyOOJVwXIl2JjK0Kl6qvlsI QQhGcNMACdOUVZvQZ6UAnppQdRyKCYvhLgPB2MoeF4133uoMUT9C1QWI6HgREs7c AsZ0xMJ81/B1HALMXnbkz2DQudYvIkTTsBTg1hdSAfX+DvR7AyVjjOf4dWizAjBe GqbvaBO+4Up4jWqGvGF8S5KNd7rGkwIjzF/wy2MjXVPDF/olHjEKFfcSMxQbtYUa /wc6XFZwKOzTnEm2X1HTc5LqKOfyd/pHaggHi3jGByQL4yFWvTtzRe2JS9mAyuaj kkiptUkswBs3+xW4iKLF0/va8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLAypV5N UbbBOGkzRp6KMVe+fTDtMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqDQ6gk4RIf4SZsXqAOJtSvqODyrdQN89DoWbPIjy4hz9FqtjGaSci R2Ie9VoX42hvbheO0wlm4XkQE1W07E6YjQp53J/fK0Jrbh+czMq0wmEDWktLrD0O kJydE5UKep5V2X/Ee+rXTXUJfm/RnETuWR0UbvOFWRMbnA9xTckXkJRcfvyx2cXF CKbJ4qn+4m7u41S+9BuneSwpP4GGtXAzDXeJQ0DdJCBrJ5XXhCR4yE9MxuP+hHOU g6TpbLGvbOxtLIEiD5UFaBmfZ9sogo9ChVwMyRxjkgzp+QHhP/zGTQ1OsROAjnsN zjvKxPJCOXqQVmAMzJV7vx0Hu8OUGCap -----END CERTIFICATE-----Generated at Sat Apr 26 13:57:18 2025 by rpki-client