$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft File: BH7xoc9llmNJhmdnZVZI7vkRDFo.mft (raw, json) Hash identifier: cF5Xu69bFvjt2IBF9lT8qPoAgvHcwHCpZhh3urJKSZQ= Subject key identifier: 59:6A:2F:6C:56:3B:B8:D2:8E:61:C6:EB:05:79:60:29:E6:C4:23:F1 Authority key identifier: 04:7E:F1:A1:CF:65:96:63:49:86:67:67:65:56:48:EE:F9:11:0C:5A Certificate issuer: /CN=A91CE4C1/serialNumber=047EF1A1CF65966349866767655648EEF9110C5A Certificate serial: 46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BH7xoc9llmNJhmdnZVZI7vkRDFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft Manifest number: 3F Signing time: Sat 31 May 2025 07:07:35 +0000 Manifest this update: Sat 31 May 2025 07:07:35 +0000 Manifest next update: Sat 07 Jun 2025 07:07:35 +0000 Files and hashes: 1: BH7xoc9llmNJhmdnZVZI7vkRDFo.crl (hash: JxtLt78FVAk4JiUtioRU1iEWmHLCwXAmfDGxmYjbb7Q=) 2: 459E12EAE9C611EFB8012F10C4F9AE02.roa (hash: /RmfZz46so9ge+fbPNaFv77MZSPZTzTOQnyx59sNwag=) 3: FB4C0514E9C311EFADA7270AC4F9AE02.roa (hash: b+8Vf+1PI1yNyvvstVRxJPifoMZ8KqBIQc0NBIzO5qc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.crl rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BH7xoc9llmNJhmdnZVZI7vkRDFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:07:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70 (0x46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE4C1, serialNumber=047EF1A1CF65966349866767655648EEF9110C5A Validity Not Before: May 31 07:07:35 2025 GMT Not After : Jun 7 07:07:35 2025 GMT Subject: CN=683aaab7-c7e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:df:69:36:ec:71:2f:1a:64:5d:d7:43:ad:02: 86:5b:a4:67:a3:78:ef:53:7d:b8:d9:bd:ef:b8:b3: 05:f1:cc:bb:8a:48:cc:1c:e9:85:84:18:26:99:cf: ad:66:27:e6:37:12:4e:50:c2:0e:d7:08:69:e3:7f: 49:16:26:c2:26:19:c4:47:b3:07:84:2e:ac:e8:fe: 35:7f:eb:52:f9:2a:93:ab:de:04:e9:d1:71:0e:a1: 49:83:ca:f9:03:b3:2f:34:57:e2:32:8c:fc:a1:f1: ae:c2:75:54:3c:08:93:2a:1e:ce:31:0e:14:c8:a5: 3b:01:43:57:b1:b7:3d:bf:38:0f:7f:72:58:d4:c5: 00:de:bb:01:0b:b8:85:d8:0f:d5:e3:c7:e2:17:56: 6f:a8:1a:c3:a1:84:7b:d7:ba:12:6d:e8:47:10:26: 31:03:61:cd:7e:c6:fd:65:9b:2c:65:0f:85:85:15: c1:34:2d:e3:c3:d4:83:a9:a8:d0:ec:b3:3d:58:f3: b3:51:d6:16:90:c0:d4:d7:98:64:9a:ce:d2:77:ce: 52:41:eb:36:f6:3a:d6:1a:93:60:83:62:08:98:e6: fe:78:b5:d4:e1:3e:48:68:c0:d2:07:10:52:7b:6b: 37:b0:56:0e:5d:b1:eb:d9:1c:7d:fe:44:a7:89:42: 04:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:6A:2F:6C:56:3B:B8:D2:8E:61:C6:EB:05:79:60:29:E6:C4:23:F1 X509v3 Authority Key Identifier: keyid:04:7E:F1:A1:CF:65:96:63:49:86:67:67:65:56:48:EE:F9:11:0C:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BH7xoc9llmNJhmdnZVZI7vkRDFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:f0:72:32:13:b0:12:58:4f:22:28:fd:d6:d2:78:38:04:67: 2c:d3:0e:c9:be:aa:2e:a8:c3:32:48:b5:76:18:34:c9:ed:52: 2b:8b:e2:6d:3f:be:94:f2:39:fd:25:a6:4a:ca:76:3b:ec:3a: 91:ef:09:fc:7a:a8:3e:78:23:5f:f7:77:8b:03:4b:7d:24:60: f9:48:af:03:ad:67:2b:ed:83:eb:af:a7:5e:1b:37:8f:c3:04: 83:24:88:99:69:f8:d4:23:1e:19:1f:b0:29:ca:71:7d:1c:64: a1:c1:af:5b:66:73:2a:b6:f7:fb:fe:bc:70:7b:dc:2c:03:ce: ab:4e:85:7e:20:fc:2d:5d:38:c4:d0:b9:5c:9b:a6:67:71:b9: 3b:dd:5a:f2:b3:0b:82:b7:1d:e6:e5:53:d4:3e:94:8a:30:80: 2e:4a:51:8a:b2:01:55:0d:71:83:d8:2d:f4:99:71:21:11:f7: 07:1d:53:00:80:2a:18:2f:cb:2d:41:a0:37:06:c4:37:49:3d: 14:22:88:07:e9:45:35:9a:6b:5c:38:10:24:15:8f:ab:68:22: b7:65:c6:d0:2c:8d:28:a6:70:ba:39:a1:31:1e:db:7a:a5:0d: 09:ba:c6:c2:2e:0c:32:e8:aa:a0:48:47:d8:22:c3:6d:50:f1: 8e:88:e5:72 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RTRDMTExMC8GA1UEBRMoMDQ3RUYxQTFDRjY1OTY2MzQ5ODY2NzY3NjU1NjQ4RUVG OTExMEM1QTAeFw0yNTA1MzEwNzA3MzVaFw0yNTA2MDcwNzA3MzVaMBgxFjAUBgNV BAMTDTY4M2FhYWI3LWM3ZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCm32k27HEvGmRd10OtAoZbpGejeO9TfbjZve+4swXxzLuKSMwc6YWEGCaZz61m J+Y3Ek5Qwg7XCGnjf0kWJsImGcRHsweELqzo/jV/61L5KpOr3gTp0XEOoUmDyvkD sy80V+IyjPyh8a7CdVQ8CJMqHs4xDhTIpTsBQ1extz2/OA9/cljUxQDeuwELuIXY D9Xjx+IXVm+oGsOhhHvXuhJt6EcQJjEDYc1+xv1lmyxlD4WFFcE0LePD1IOpqNDs sz1Y87NR1haQwNTXmGSaztJ3zlJB6zb2OtYak2CDYgiY5v54tdThPkhowNIHEFJ7 azewVg5dsevZHH3+RKeJQgQ7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWWovbFY7 uNKOYcbrBXlgKebEI/EwHwYDVR0jBBgwFoAUBH7xoc9llmNJhmdnZVZI7vkRDFow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFNEMxLzM2NDQ4ODdBRTlC QjExRUZCQUFDOUQ3MEM0RjlBRTAyL0JIN3hvYzlsbG1OSmhtZG5aVlpJN3ZrUkRG by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQkg3eG9jOWxsbU5KaG1kblpWWkk3dmtSREZvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF NEMxLzM2NDQ4ODdBRTlCQjExRUZCQUFDOUQ3MEM0RjlBRTAyL0JIN3hvYzlsbG1O SmhtZG5aVlpJN3ZrUkRGby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAvwcjITsBJYTyIo/dbSeDgEZyzTDsm+qi6owzJItXYYNMntUiuL4m0/ vpTyOf0lpkrKdjvsOpHvCfx6qD54I1/3d4sDS30kYPlIrwOtZyvtg+uvp14bN4/D BIMkiJlp+NQjHhkfsCnKcX0cZKHBr1tmcyq29/v+vHB73CwDzqtOhX4g/C1dOMTQ uVybpmdxuTvdWvKzC4K3HeblU9Q+lIowgC5KUYqyAVUNcYPYLfSZcSER9wcdUwCA Khgvyy1BoDcGxDdJPRQiiAfpRTWaa1w4ECQVj6toIrdlxtAsjSimcLo5oTEe23ql DQm6xsIuDDLoqqBIR9giw21Q8Y6I5XI= -----END CERTIFICATE-----Generated at Sat May 31 17:26:10 2025 by rpki-client