$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: vaBg6NDY7H6XMgGM3d0Q9QDwcLa2XfkT+gBRV7Pdze8= Subject key identifier: 26:C1:A5:F3:5B:31:91:1B:94:0D:04:82:AA:FA:F8:8A:31:75:58:B2 Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1AF9 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AE4 Signing time: Mon 20 Oct 2025 15:52:13 +0000 Manifest this update: Mon 20 Oct 2025 15:52:12 +0000 Manifest next update: Mon 27 Oct 2025 15:52:12 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: 6pVwf2tPPknNG3KzLS2wHYJhMzLZ6hZ9W/7beexIPpc=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:50:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6905 (0x1af9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Oct 20 15:52:12 2025 GMT Not After : Oct 27 15:52:12 2025 GMT Subject: CN=68f65aad-ff5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:74:c7:a3:c8:1b:65:8d:bc:31:2c:3c:0d:cc: 42:1b:29:57:3e:eb:3d:fd:59:3e:66:84:9e:12:d5: ee:32:e0:55:76:d0:e6:05:b2:01:fc:56:e8:dd:ed: c3:55:52:ea:a6:fe:34:f4:72:01:99:96:93:7b:ac: 17:bb:a5:81:d4:ab:7a:48:31:9a:13:cc:5f:c0:c4: 0e:c2:02:a3:e3:6b:fc:9e:43:02:b7:1f:93:b3:b5: 4c:03:d2:9d:1b:2d:4a:10:a5:e4:f1:3c:ef:b3:3c: 3b:a0:43:8f:6e:ae:0e:8f:d8:cc:15:a1:80:54:24: b1:3f:77:e5:bf:4c:d0:54:11:ba:99:36:f2:34:04: 0f:c7:35:92:45:d6:b8:b8:2f:d7:b7:16:a5:8c:a4: c4:eb:02:23:44:20:2d:88:99:e8:6d:03:76:90:b1: 75:c5:a1:8a:14:1a:3b:98:5b:6e:f2:42:9d:39:59: a1:26:25:28:0a:eb:79:da:ea:97:d4:0d:64:47:10: a8:ee:0f:f9:d4:e2:b8:43:77:b7:35:4d:6f:4e:2e: c2:cd:e6:90:65:72:63:4c:62:66:15:17:f0:37:a6: 3c:0e:5b:1c:86:1f:86:aa:f6:ee:28:3c:9c:f1:64: 2d:a1:4c:2e:ad:bc:9d:28:6f:9e:7f:51:4d:6c:ce: 3e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:C1:A5:F3:5B:31:91:1B:94:0D:04:82:AA:FA:F8:8A:31:75:58:B2 X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:42:57:05:8b:72:80:c8:8a:88:a1:81:08:88:c3:07:e5:5e: 5a:2e:be:2c:af:3d:93:81:ed:21:df:69:d6:12:e8:0e:a3:84: 75:4c:f5:19:0e:4f:ad:d4:88:c0:81:a6:37:b1:0f:a6:81:21: 02:b6:65:ce:61:e3:5c:0b:7e:40:13:9d:31:f2:1a:dd:48:bc: 60:48:94:dc:de:09:a9:25:88:77:d5:db:e8:a0:75:fc:cc:bd: 30:81:54:71:3c:fe:9f:31:64:5c:db:fd:ca:fe:54:df:8d:05: 71:9f:81:39:c0:2d:51:e7:b9:81:9c:8b:13:c4:5f:c9:17:a3: 1f:39:50:04:00:65:4c:5a:02:25:af:98:bb:59:b4:6e:ad:ec: 75:60:1d:00:6c:86:97:bc:f2:41:5c:3a:c4:5a:55:60:c0:0c: fc:bd:f2:f1:e0:fc:47:81:4c:84:e5:9b:d3:e2:72:a2:99:25: db:92:d2:3f:4c:f2:26:95:60:38:de:5c:a8:66:c2:6c:ab:bc: 28:37:e7:22:e1:b4:39:e5:53:91:42:02:99:56:8a:56:6f:a3: 8c:68:08:43:07:cb:22:b9:e1:5c:01:d7:57:65:4d:a9:34:c7: 57:fd:94:42:7b:f0:32:a6:93:9e:bf:2c:89:63:5d:1b:33:6a: cc:6b:56:fd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUxMDIwMTU1MjEyWhcNMjUxMDI3MTU1MjEyWjAYMRYwFAYD VQQDEw02OGY2NWFhZC1mZjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu3THo8gbZY28MSw8DcxCGylXPus9/Vk+ZoSeEtXuMuBVdtDmBbIB/Fbo3e3D VVLqpv409HIBmZaTe6wXu6WB1Kt6SDGaE8xfwMQOwgKj42v8nkMCtx+Ts7VMA9Kd Gy1KEKXk8Tzvszw7oEOPbq4Oj9jMFaGAVCSxP3flv0zQVBG6mTbyNAQPxzWSRda4 uC/XtxaljKTE6wIjRCAtiJnobQN2kLF1xaGKFBo7mFtu8kKdOVmhJiUoCut52uqX 1A1kRxCo7g/51OK4Q3e3NU1vTi7CzeaQZXJjTGJmFRfwN6Y8Dlschh+GqvbuKDyc 8WQtoUwurbydKG+ef1FNbM4+GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCbBpfNb MZEblA0Egqr6+IoxdViyMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpQlcFi3KAyIqIoYEIiMMH5V5aLr4srz2Tge0h32nWEugOo4R1TPUZ Dk+t1IjAgaY3sQ+mgSECtmXOYeNcC35AE50x8hrdSLxgSJTc3gmpJYh31dvooHX8 zL0wgVRxPP6fMWRc2/3K/lTfjQVxn4E5wC1R57mBnIsTxF/JF6MfOVAEAGVMWgIl r5i7WbRurex1YB0AbIaXvPJBXDrEWlVgwAz8vfLx4PxHgUyE5ZvT4nKimSXbktI/ TPImlWA43lyoZsJsq7woN+ci4bQ55VORQgKZVopWb6OMaAhDB8siueFcAddXZU2p NMdX/ZRCe/AyppOevyyJY10bM2rMa1b9 -----END CERTIFICATE-----Generated at Mon Oct 20 18:26:10 2025 by rpki-client