$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: xt5DQ0x8QlBFrUajareg6ZuxxORaGjhg7DM4bdz1fDs= Subject key identifier: 78:60:A9:AB:0A:95:81:8D:ED:36:13:07:B0:11:0B:58:23:6E:BF:EF Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1ABA Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AA5 Signing time: Wed 18 Jun 2025 15:41:28 +0000 Manifest this update: Wed 18 Jun 2025 15:41:28 +0000 Manifest next update: Wed 25 Jun 2025 15:41:28 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: LPbmspoVXzoK7PyyiSagLUD8faY2TA9XZBlcqTyVGrk=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 15:41:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6842 (0x1aba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Jun 18 15:41:28 2025 GMT Not After : Jun 25 15:41:28 2025 GMT Subject: CN=6852de28-c33c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:75:cd:0c:85:25:16:e2:68:c0:2e:ad:ca:cf: 7e:9d:22:07:ce:be:9a:6c:d6:fc:73:fa:40:4d:be: 0d:04:e5:80:57:74:66:3d:07:ac:18:bd:fd:a9:d0: 77:00:08:3b:1f:72:c3:0a:92:c0:7d:96:2d:80:a2: be:85:41:60:36:88:f9:58:7e:59:b2:ea:98:35:26: 5a:ed:23:17:ce:f0:e1:8d:6c:21:d3:81:56:ec:3f: b8:38:8c:23:82:bf:0a:a3:67:cf:f0:c1:22:10:38: bc:63:71:6a:60:b6:88:74:70:51:1e:91:34:ca:5e: 2a:26:9a:d8:2e:78:75:f4:d5:67:18:63:3a:f0:14: e7:13:3d:af:cd:ee:54:85:1d:6e:3a:57:90:b0:49: fd:0e:2e:8f:1b:71:fa:08:56:9b:16:46:d8:18:18: d4:28:a7:c2:83:b8:3b:c9:c8:19:7b:97:56:6a:aa: 89:2f:4c:18:42:1d:90:bc:26:a8:06:3e:d7:f1:ea: 2b:50:17:26:43:4e:07:1b:25:bd:84:3e:97:51:c4: 8a:fe:27:45:db:fe:db:12:40:75:13:62:fc:96:75: 3f:46:fa:db:86:2c:8b:99:89:d4:e7:08:65:6f:2c: 8e:97:4e:07:f6:d4:75:b8:cc:b4:28:b4:b0:82:f9: 00:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:60:A9:AB:0A:95:81:8D:ED:36:13:07:B0:11:0B:58:23:6E:BF:EF X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:45:e6:69:be:b9:30:2e:b6:25:d8:47:82:b1:d7:ff:01:c3: be:6d:c0:f3:f2:78:86:7e:b2:76:78:15:5e:ca:42:98:46:53: cc:9f:0a:cf:2d:3c:8b:c3:32:c1:75:05:ce:1c:db:f7:56:7c: c0:f6:bf:17:d6:23:75:b7:f6:f0:b6:a0:de:ce:42:67:5f:bd: 62:77:d3:4f:ea:e7:25:82:b6:56:67:2c:91:68:91:ba:71:12: b1:ff:27:0f:9d:6e:12:85:a6:42:3b:77:88:11:9c:f3:20:05: 5f:5c:58:6b:88:66:ac:7c:37:ba:8a:dc:e4:ee:20:ea:d9:88: 0f:67:4c:94:cc:8b:d4:72:9d:86:1a:41:e7:32:1a:00:12:a0: 78:ec:ea:90:f6:97:56:76:3b:bf:38:f5:2b:1b:e9:99:42:6c: a0:82:a4:2a:1c:4d:2e:59:fe:40:a7:e8:8e:6a:61:52:96:38: 68:82:72:d7:9b:97:57:86:31:13:a8:f3:10:c9:0c:0c:65:44: bc:51:1b:9b:74:18:7b:3d:cc:00:f2:cd:1b:51:c7:3b:78:2e: fd:10:f7:b6:b3:3c:91:cf:71:c3:ec:cb:7f:b7:53:8e:d7:af: 37:78:62:06:dd:da:20:dc:cc:0b:15:1c:78:72:b5:1d:b6:da: 53:d1:09:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGrowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUwNjE4MTU0MTI4WhcNMjUwNjI1MTU0MTI4WjAYMRYwFAYD VQQDEw02ODUyZGUyOC1jMzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApXXNDIUlFuJowC6tys9+nSIHzr6abNb8c/pATb4NBOWAV3RmPQesGL39qdB3 AAg7H3LDCpLAfZYtgKK+hUFgNoj5WH5ZsuqYNSZa7SMXzvDhjWwh04FW7D+4OIwj gr8Ko2fP8MEiEDi8Y3FqYLaIdHBRHpE0yl4qJprYLnh19NVnGGM68BTnEz2vze5U hR1uOleQsEn9Di6PG3H6CFabFkbYGBjUKKfCg7g7ycgZe5dWaqqJL0wYQh2QvCao Bj7X8eorUBcmQ04HGyW9hD6XUcSK/idF2/7bEkB1E2L8lnU/RvrbhiyLmYnU5whl byyOl04H9tR1uMy0KLSwgvkAkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHhgqasK lYGN7TYTB7ARC1gjbr/vMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDHReZpvrkwLrYl2EeCsdf/AcO+bcDz8niGfrJ2eBVeykKYRlPMnwrP LTyLwzLBdQXOHNv3VnzA9r8X1iN1t/bwtqDezkJnX71id9NP6uclgrZWZyyRaJG6 cRKx/ycPnW4ShaZCO3eIEZzzIAVfXFhriGasfDe6itzk7iDq2YgPZ0yUzIvUcp2G GkHnMhoAEqB47OqQ9pdWdju/OPUrG+mZQmyggqQqHE0uWf5Ap+iOamFSljhognLX m5dXhjETqPMQyQwMZUS8URubdBh7PcwA8s0bUcc7eC79EPe2szyRz3HD7Mt/t1OO 1683eGIG3dog3MwLFRx4crUdttpT0Qmh -----END CERTIFICATE-----Generated at Fri Jun 20 04:04:44 2025 by rpki-client