$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: O1ysoCu0tUlk4r3m11RchSoRxFkm65oAcMV6KG76MM4= Subject key identifier: EA:3F:08:0D:1C:4F:07:69:C3:32:E5:77:F6:65:CB:84:80:B3:46:9C Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1ADB Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AC6 Signing time: Fri 22 Aug 2025 15:43:53 +0000 Manifest this update: Fri 22 Aug 2025 15:43:52 +0000 Manifest next update: Fri 29 Aug 2025 15:43:52 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: 5qmvXh5DpKN+qT+SeSf+AmzzQ2JuKNJXWAfl/1IFsFw=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:43:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6875 (0x1adb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Aug 22 15:43:52 2025 GMT Not After : Aug 29 15:43:52 2025 GMT Subject: CN=68a89039-aeb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f4:a3:29:c4:52:f6:b4:63:4f:81:79:00:6b: 60:e1:c3:ad:a9:e0:ab:c0:08:0a:a0:18:49:ff:ce: 82:01:6b:36:fb:11:0f:e0:1e:81:06:c2:58:db:a7: aa:27:0a:a8:f9:1c:dd:1a:f9:71:30:d7:7d:a8:16: f6:74:21:7f:62:23:02:04:07:74:7f:b8:f6:c1:0f: 60:5c:1d:da:0c:cd:9a:76:ee:3d:ed:fb:cc:40:f5: 00:a2:19:ae:19:cf:c1:c5:5a:df:fa:56:62:3a:3f: ff:5b:cf:cb:77:c9:15:a3:65:86:35:59:b3:7b:76: 72:16:94:d4:ed:ed:c8:c7:b5:58:70:68:a3:13:c1: e9:e5:e0:b9:dd:ed:1c:9c:cb:83:d7:c1:fc:f1:a0: 83:ac:2c:52:35:7d:69:11:ab:86:35:62:e9:ca:74: 7b:2c:ec:7f:6e:ce:f8:4c:c4:02:dd:99:7a:1d:ce: c5:06:23:13:20:45:bd:da:1a:3e:dc:b5:f1:cb:5e: e9:1f:ec:aa:1a:6b:3e:cc:82:d7:e2:1b:e6:6a:6e: 7b:9d:c3:85:3d:fd:3e:30:5d:93:42:9b:fd:20:11: 94:72:26:2e:60:a4:94:30:73:6e:3e:5b:cb:15:e7: 97:90:c2:f4:96:a1:8c:40:9e:2f:17:47:fa:92:e2: 83:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:3F:08:0D:1C:4F:07:69:C3:32:E5:77:F6:65:CB:84:80:B3:46:9C X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:ae:18:d4:1d:23:97:b3:33:94:aa:3d:1a:43:7c:1e:8b:87: 1a:f2:eb:94:72:65:c1:a8:44:e8:9f:f8:61:f0:ec:43:f1:04: 14:0b:3b:0d:42:d2:b8:cd:9b:bc:41:f1:f1:63:c8:01:e5:dd: 00:5f:e2:eb:69:bf:4d:c1:a1:9c:7e:34:51:10:3a:a6:83:30: 4f:e5:8f:6c:1d:17:af:44:59:ed:e0:cd:6e:73:d9:f8:7f:48: 51:49:89:44:f4:af:f6:a1:b5:91:e4:70:70:4b:aa:d1:6e:53: 18:07:38:6b:6a:22:b7:36:a3:a9:89:a5:3b:3f:b0:a8:a8:12: 5a:01:17:c0:c8:25:8d:dd:a3:eb:b5:4d:0e:06:c0:d4:7e:6f: fe:98:06:35:d5:ca:d8:cb:b4:c8:d6:a1:13:79:b1:7d:01:ed: 17:a4:9a:99:9e:5a:fc:9f:62:ae:5e:10:2d:27:a8:9a:7d:d8: 63:37:95:dc:5d:ab:28:7a:fa:ab:47:79:c6:b7:db:4d:8f:4d: 00:34:87:fa:48:1d:08:89:69:af:5a:f0:37:6e:50:bd:58:52: 94:92:46:dd:49:2b:4f:81:ca:db:56:b4:71:f5:09:ac:8c:ad: 02:7d:30:ec:ce:e6:6f:57:74:6c:18:bf:81:df:fc:e0:75:6f: 1b:39:a8:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUwODIyMTU0MzUyWhcNMjUwODI5MTU0MzUyWjAYMRYwFAYD VQQDEw02OGE4OTAzOS1hZWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/SjKcRS9rRjT4F5AGtg4cOtqeCrwAgKoBhJ/86CAWs2+xEP4B6BBsJY26eq Jwqo+RzdGvlxMNd9qBb2dCF/YiMCBAd0f7j2wQ9gXB3aDM2adu497fvMQPUAohmu Gc/BxVrf+lZiOj//W8/Ld8kVo2WGNVmze3ZyFpTU7e3Ix7VYcGijE8Hp5eC53e0c nMuD18H88aCDrCxSNX1pEauGNWLpynR7LOx/bs74TMQC3Zl6Hc7FBiMTIEW92ho+ 3LXxy17pH+yqGms+zILX4hvmam57ncOFPf0+MF2TQpv9IBGUciYuYKSUMHNuPlvL FeeXkML0lqGMQJ4vF0f6kuKDYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOo/CA0c TwdpwzLld/Zly4SAs0acMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBprhjUHSOXszOUqj0aQ3wei4ca8uuUcmXBqETon/hh8OxD8QQUCzsN QtK4zZu8QfHxY8gB5d0AX+Lrab9NwaGcfjRREDqmgzBP5Y9sHRevRFnt4M1uc9n4 f0hRSYlE9K/2obWR5HBwS6rRblMYBzhraiK3NqOpiaU7P7CoqBJaARfAyCWN3aPr tU0OBsDUfm/+mAY11crYy7TI1qETebF9Ae0XpJqZnlr8n2KuXhAtJ6iafdhjN5Xc XasoevqrR3nGt9tNj00ANIf6SB0IiWmvWvA3blC9WFKUkkbdSStPgcrbVrRx9Qms jK0CfTDszuZvV3RsGL+B3/zgdW8bOahI -----END CERTIFICATE-----Generated at Sat Aug 23 19:04:43 2025 by rpki-client