$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: VQrtCNwIEZEySTwS9Tmo1q8c1oQaB1cEX6SYG5rxejQ= Subject key identifier: 52:32:4C:AC:9B:E4:A6:94:4C:50:D3:FA:78:25:23:70:DC:29:F6:DB Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1AD5 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AC0 Signing time: Sun 10 Aug 2025 15:38:11 +0000 Manifest this update: Sun 10 Aug 2025 15:38:10 +0000 Manifest next update: Sun 17 Aug 2025 15:38:10 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: 8raJQnhuXrbKWEoBeWHNA2PACzitbifpK+usU77wm7Y=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6869 (0x1ad5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Aug 10 15:38:10 2025 GMT Not After : Aug 17 15:38:10 2025 GMT Subject: CN=6898bce2-b30b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:5c:37:a8:3c:85:69:25:d8:ee:cf:35:b5:67: d4:2f:07:25:26:85:fb:76:bd:a0:cd:3d:92:d8:76: 57:4a:ad:e5:fe:32:d2:4e:69:9c:89:a8:11:23:7e: cb:06:e7:27:3e:12:29:6f:d3:2d:9d:89:ee:ac:e6: 99:13:13:04:42:7f:7c:32:0b:86:e3:57:57:62:ed: c3:4c:44:d0:1c:32:f5:32:de:70:b5:b8:7a:a0:76: 3e:14:cb:05:9d:97:4c:cc:27:f6:8a:62:05:35:0d: ab:70:d7:95:44:83:39:ef:cd:33:c1:f6:be:b0:fe: ad:0d:fc:d2:f2:5b:e3:46:34:fb:04:c1:e8:b6:65: 48:07:7e:ff:d1:77:b3:60:41:96:0f:6b:d2:76:d7: ee:6e:10:c5:2d:13:a6:45:a8:df:9e:55:c8:65:16: f5:25:99:d7:af:d6:34:41:be:74:87:f2:07:3f:94: a8:d4:ed:d4:1b:c7:a6:56:14:39:ed:3b:3c:be:f5: 61:88:6a:ee:6b:3b:d8:55:2b:db:2a:3b:0b:bb:b6: 8f:60:8d:96:17:59:5d:1f:22:90:b2:e9:68:e6:4d: de:c3:c8:25:6b:2f:63:aa:01:81:70:be:3b:02:ba: 75:8a:ec:49:32:7a:e6:3e:97:71:0a:24:c8:ab:b9: b6:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:32:4C:AC:9B:E4:A6:94:4C:50:D3:FA:78:25:23:70:DC:29:F6:DB X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:6f:81:2a:07:77:fb:dc:38:06:e0:37:f9:d7:09:36:6d:e6: a0:94:95:8f:12:07:03:72:54:d3:bd:15:da:7a:ef:ba:27:f6: 0d:aa:0f:06:7e:37:2e:cc:1f:1e:5f:76:df:3c:16:b8:71:8a: 7f:29:68:a2:3a:ec:cc:16:07:63:ce:56:95:66:c3:90:07:1d: 3b:ac:a0:2f:fe:42:d0:b0:a9:ad:96:63:93:d9:28:2e:26:1f: e1:0f:e6:a5:fe:31:f4:27:3f:8e:91:75:29:42:af:ac:b5:36: fe:af:45:99:69:1b:cc:4e:22:c9:14:ef:7d:79:34:f0:5f:83: 1e:94:e7:0d:fc:e0:c2:d7:02:6a:ae:15:a8:b2:eb:d9:c0:e3: b0:76:18:6c:0c:9a:45:6a:2f:7d:69:2f:75:4c:08:1a:7b:97: 8b:56:b1:a8:fa:38:6a:1e:b9:74:ed:d1:8e:00:48:4e:fa:04: 09:8d:69:77:5c:b8:d2:1f:97:72:25:69:89:78:63:b7:fa:19: 5c:61:4e:af:c0:9b:83:6d:bf:f9:a2:32:f9:b5:57:69:15:50: a1:2f:fd:41:0d:51:db:e5:33:55:a0:86:bf:84:ee:3b:75:c6: b6:ad:dc:f6:ec:ec:a4:0d:a4:5a:1e:7f:59:da:2e:cb:9e:63: ae:ca:6b:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUwODEwMTUzODEwWhcNMjUwODE3MTUzODEwWjAYMRYwFAYD VQQDEw02ODk4YmNlMi1iMzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAslw3qDyFaSXY7s81tWfULwclJoX7dr2gzT2S2HZXSq3l/jLSTmmciagRI37L BucnPhIpb9MtnYnurOaZExMEQn98MguG41dXYu3DTETQHDL1Mt5wtbh6oHY+FMsF nZdMzCf2imIFNQ2rcNeVRIM5780zwfa+sP6tDfzS8lvjRjT7BMHotmVIB37/0Xez YEGWD2vSdtfubhDFLROmRajfnlXIZRb1JZnXr9Y0Qb50h/IHP5So1O3UG8emVhQ5 7Ts8vvVhiGruazvYVSvbKjsLu7aPYI2WF1ldHyKQsulo5k3ew8glay9jqgGBcL47 Arp1iuxJMnrmPpdxCiTIq7m25wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFIyTKyb 5KaUTFDT+nglI3DcKfbbMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+b4EqB3f73DgG4Df51wk2beaglJWPEgcDclTTvRXaeu+6J/YNqg8G fjcuzB8eX3bfPBa4cYp/KWiiOuzMFgdjzlaVZsOQBx07rKAv/kLQsKmtlmOT2Sgu Jh/hD+al/jH0Jz+OkXUpQq+stTb+r0WZaRvMTiLJFO99eTTwX4MelOcN/ODC1wJq rhWosuvZwOOwdhhsDJpFai99aS91TAgae5eLVrGo+jhqHrl07dGOAEhO+gQJjWl3 XLjSH5dyJWmJeGO3+hlcYU6vwJuDbb/5ojL5tVdpFVChL/1BDVHb5TNVoIa/hO47 dca2rdz27OykDaRaHn9Z2i7LnmOuymvV -----END CERTIFICATE-----Generated at Mon Aug 11 10:30:59 2025 by rpki-client