$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: 7GaNiahiW/1lh2tVo8y8h4/pCSUmSZ0kBwdpRUD2vZ8= Subject key identifier: 61:D5:70:C0:A4:46:B7:20:5D:74:8D:3C:29:E3:38:10:7B:AB:50:05 Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1AC1 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AAC Signing time: Wed 02 Jul 2025 15:48:03 +0000 Manifest this update: Wed 02 Jul 2025 15:48:03 +0000 Manifest next update: Wed 09 Jul 2025 15:48:03 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: jL3AULAwBmDsyjnNSf5nACGDLElBOTbrUmT4uKyKFM8=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:48:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6849 (0x1ac1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Jul 2 15:48:03 2025 GMT Not After : Jul 9 15:48:03 2025 GMT Subject: CN=686554b3-de22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:7d:4a:ee:53:ec:5c:19:63:51:71:c3:e2:e3: 46:b7:93:b6:3b:87:2c:7d:37:1a:53:84:75:3c:9d: 4c:80:11:77:06:72:2b:34:54:34:d3:66:95:18:c8: 10:8c:b3:0e:ff:88:b4:2b:91:75:84:46:13:ef:7c: 0a:e6:ef:6c:06:49:ca:19:2e:62:38:dc:11:e4:69: 15:2f:68:16:87:bb:5a:25:29:36:89:be:8b:1d:2c: d2:03:dd:2b:5b:ee:1b:62:25:74:b7:a1:c8:90:a0: 72:d1:ac:40:5f:8d:ec:d7:ee:8f:cc:e9:63:4d:fd: 70:20:a8:7c:7f:8f:d9:15:d6:b0:15:d8:7c:75:c3: 38:c4:3b:f6:1f:b6:d4:36:62:cc:74:f6:54:c9:a2: 1a:9d:1d:86:40:be:fe:af:4e:7e:0e:f0:b1:57:a2: e9:d1:3c:fc:83:46:35:cb:e1:b9:70:a7:fc:4a:3e: 28:4b:7d:bf:5b:2b:3a:7b:b3:92:af:28:5f:f3:d2: 87:7a:04:62:0a:49:bb:7d:a6:70:f1:4d:f4:b4:76: 06:73:91:ff:82:de:c5:e3:0a:70:da:41:ad:b7:5b: 91:9a:10:e0:ca:de:65:e5:55:32:6c:0e:be:86:ba: ae:3b:a0:5e:80:02:79:c0:9c:c3:20:f5:2b:a9:e1: 87:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:D5:70:C0:A4:46:B7:20:5D:74:8D:3C:29:E3:38:10:7B:AB:50:05 X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:18:2e:f6:0e:2f:3e:b7:e9:d9:45:8e:20:28:83:a2:e0:9d: 37:dc:c1:30:61:c2:6d:e7:2e:c4:bf:25:62:60:5c:97:09:5a: d5:94:2e:e3:61:f1:11:e1:43:94:29:bc:bc:a0:c5:54:44:f1: d7:86:19:2b:ab:62:e3:7e:59:ef:b3:9b:e3:ad:42:1b:35:3f: 97:c7:50:34:17:0f:63:e2:9a:e4:c4:fe:b4:bf:12:96:21:82: 62:58:80:31:97:4b:f9:e6:4b:f3:23:4a:1b:a0:6d:e1:a3:1c: fe:f0:00:ee:ec:7d:6f:5f:7a:9e:bb:f5:0d:d7:d0:cf:fd:de: 5d:8e:bd:b8:69:d9:00:76:32:34:07:f3:fc:e6:da:18:0b:75: 59:2d:37:dd:40:4c:f7:3a:6c:a2:d3:8f:3d:b0:9a:54:68:64: d2:54:9e:c8:c0:1c:99:1e:a5:cd:2c:ef:e3:6c:b3:ba:59:7b: 83:70:11:6e:3c:4b:8b:c7:2b:9f:97:51:f3:ab:4e:99:4c:f3: f6:76:15:40:f8:fa:9f:fc:f0:6e:70:ea:a2:cc:19:b3:f5:04: 88:09:17:39:8c:50:91:32:00:a9:45:e2:35:a4:41:56:92:40: ad:b9:52:ff:17:d7:af:72:5d:bd:45:33:f5:a5:66:bf:09:46: 7c:0d:0d:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUwNzAyMTU0ODAzWhcNMjUwNzA5MTU0ODAzWjAYMRYwFAYD VQQDEw02ODY1NTRiMy1kZTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyX1K7lPsXBljUXHD4uNGt5O2O4csfTcaU4R1PJ1MgBF3BnIrNFQ002aVGMgQ jLMO/4i0K5F1hEYT73wK5u9sBknKGS5iONwR5GkVL2gWh7taJSk2ib6LHSzSA90r W+4bYiV0t6HIkKBy0axAX43s1+6PzOljTf1wIKh8f4/ZFdawFdh8dcM4xDv2H7bU NmLMdPZUyaIanR2GQL7+r05+DvCxV6Lp0Tz8g0Y1y+G5cKf8Sj4oS32/Wys6e7OS ryhf89KHegRiCkm7faZw8U30tHYGc5H/gt7F4wpw2kGtt1uRmhDgyt5l5VUybA6+ hrquO6BegAJ5wJzDIPUrqeGHBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGHVcMCk RrcgXXSNPCnjOBB7q1AFMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8GC72Di8+t+nZRY4gKIOi4J033MEwYcJt5y7EvyViYFyXCVrVlC7j YfER4UOUKby8oMVURPHXhhkrq2Ljflnvs5vjrUIbNT+Xx1A0Fw9j4prkxP60vxKW IYJiWIAxl0v55kvzI0oboG3hoxz+8ADu7H1vX3qeu/UN19DP/d5djr24adkAdjI0 B/P85toYC3VZLTfdQEz3Omyi0489sJpUaGTSVJ7IwByZHqXNLO/jbLO6WXuDcBFu PEuLxyufl1Hzq06ZTPP2dhVA+Pqf/PBucOqizBmz9QSICRc5jFCRMgCpReI1pEFW kkCtuVL/F9evcl29RTP1pWa/CUZ8DQ3Z -----END CERTIFICATE-----Generated at Thu Jul 3 23:26:58 2025 by rpki-client