$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft File: BH7xoc9llmNJhmdnZVZI7vkRDFo.mft (raw, json) Hash identifier: EEfDKBgKVXexPCKFYrkTMGUSkbYL1nGc8GvKM8KJzQ0= Subject key identifier: 0C:C8:F5:CD:FC:01:88:A9:AE:A1:3E:BB:F9:EF:8F:0B:CA:6E:0D:9F Authority key identifier: 04:7E:F1:A1:CF:65:96:63:49:86:67:67:65:56:48:EE:F9:11:0C:5A Certificate issuer: /CN=A91CE4C1/serialNumber=047EF1A1CF65966349866767655648EEF9110C5A Certificate serial: 79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BH7xoc9llmNJhmdnZVZI7vkRDFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft Manifest number: 72 Signing time: Sun 07 Sep 2025 07:26:08 +0000 Manifest this update: Sun 07 Sep 2025 07:26:08 +0000 Manifest next update: Sun 14 Sep 2025 07:26:08 +0000 Files and hashes: 1: BH7xoc9llmNJhmdnZVZI7vkRDFo.crl (hash: Uq3T4Dg7gNQocXjRZjFPiNKvH8Xeanb72RgARNmCTo0=) 2: 459E12EAE9C611EFB8012F10C4F9AE02.roa (hash: /RmfZz46so9ge+fbPNaFv77MZSPZTzTOQnyx59sNwag=) 3: FB4C0514E9C311EFADA7270AC4F9AE02.roa (hash: b+8Vf+1PI1yNyvvstVRxJPifoMZ8KqBIQc0NBIzO5qc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.crl rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BH7xoc9llmNJhmdnZVZI7vkRDFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 07:26:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 121 (0x79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE4C1, serialNumber=047EF1A1CF65966349866767655648EEF9110C5A Validity Not Before: Sep 7 07:26:08 2025 GMT Not After : Sep 14 07:26:08 2025 GMT Subject: CN=68bd3390-3604 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:62:03:86:9e:94:1e:7f:29:34:77:69:2e:44: d1:d8:9d:48:2f:3a:14:35:db:b8:3c:07:e0:a9:f0: fb:c5:fd:57:a0:bd:4e:d8:78:7e:ff:8c:fe:e3:fd: 28:1e:28:5e:da:aa:18:5f:1f:58:bb:18:2c:18:85: dd:2b:56:9a:10:86:00:7b:c2:05:2c:2c:e2:c5:99: 65:71:96:06:e5:83:5a:77:21:c0:2b:cd:66:b1:3c: f1:ef:1e:b4:85:18:7a:7d:e7:2b:0a:dc:e0:52:f4: 66:3f:53:4a:0a:b7:31:a7:49:cc:40:2c:fe:28:19: 0c:01:65:fb:2a:4d:2d:51:ba:cc:21:96:2b:b7:01: f0:a5:88:a2:4c:4d:b2:fd:9b:d5:15:d9:94:9e:dd: 90:e4:ec:2e:ff:ff:cb:4b:f9:3d:65:ac:2a:9a:cb: 63:04:94:85:a3:be:6c:8f:68:9e:72:db:5a:99:89: d6:97:e4:40:2d:69:82:41:17:8e:14:ba:81:b7:26: c1:39:bf:3b:ec:19:f9:ab:4b:2b:3c:7b:92:c7:19: 45:83:39:8f:2a:e8:ca:1c:ef:6d:e6:bd:3c:35:27: c6:d8:ee:74:be:c4:51:34:44:fc:bc:fb:97:12:da: a6:35:27:09:40:77:10:79:a4:f2:55:0f:2a:81:b2: 59:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:C8:F5:CD:FC:01:88:A9:AE:A1:3E:BB:F9:EF:8F:0B:CA:6E:0D:9F X509v3 Authority Key Identifier: keyid:04:7E:F1:A1:CF:65:96:63:49:86:67:67:65:56:48:EE:F9:11:0C:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BH7xoc9llmNJhmdnZVZI7vkRDFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE4C1/3644887AE9BB11EFBAAC9D70C4F9AE02/BH7xoc9llmNJhmdnZVZI7vkRDFo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:af:4b:91:1f:17:fe:2c:b5:8f:ea:ef:0a:1a:91:28:0e:f7: d3:49:43:6c:5a:ad:c6:aa:8b:70:9f:61:11:bc:00:a9:dc:5d: 9a:71:bd:ca:28:a2:d3:b7:25:13:12:8d:2f:07:35:13:90:21: a6:51:31:92:d1:51:da:d9:66:45:64:d1:cc:2d:61:f1:17:02: 2e:55:1e:45:27:9a:b3:f9:b9:19:0d:8e:75:50:73:1c:1c:8d: 20:6f:42:c1:04:ab:b5:bc:6d:cd:e8:39:af:9f:1d:eb:44:04: f1:d4:07:f1:3f:d9:44:39:a1:44:2a:01:15:b4:0c:6e:3e:1b: 7c:a9:8f:50:c5:ea:30:43:dd:3a:da:c9:a8:3e:c3:60:cb:9c: 7a:36:0b:da:49:5c:54:79:83:58:8f:ea:1d:e3:8b:0d:50:2b: 4b:52:8d:55:38:a5:63:98:58:ca:64:dd:3d:5e:27:a1:d3:12: 2b:d3:3b:a1:71:43:46:15:91:d3:c7:64:98:d5:c5:6e:3f:f0: 51:e7:13:b8:5b:93:05:17:c1:02:84:5b:c5:1c:1c:59:4c:d4: b2:30:72:b9:db:50:53:f9:f1:88:39:7f:e2:56:76:10:e6:3b: 02:1c:d5:ce:2d:a3:ea:3d:85:c2:db:b4:df:43:75:3a:ec:0f: 98:fc:b2:c0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RTRDMTExMC8GA1UEBRMoMDQ3RUYxQTFDRjY1OTY2MzQ5ODY2NzY3NjU1NjQ4RUVG OTExMEM1QTAeFw0yNTA5MDcwNzI2MDhaFw0yNTA5MTQwNzI2MDhaMBgxFjAUBgNV BAMTDTY4YmQzMzkwLTM2MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDLYgOGnpQefyk0d2kuRNHYnUgvOhQ127g8B+Cp8PvF/VegvU7YeH7/jP7j/Sge KF7aqhhfH1i7GCwYhd0rVpoQhgB7wgUsLOLFmWVxlgblg1p3IcArzWaxPPHvHrSF GHp95ysK3OBS9GY/U0oKtzGnScxALP4oGQwBZfsqTS1Ruswhliu3AfCliKJMTbL9 m9UV2ZSe3ZDk7C7//8tL+T1lrCqay2MElIWjvmyPaJ5y21qZidaX5EAtaYJBF44U uoG3JsE5vzvsGfmrSys8e5LHGUWDOY8q6Moc723mvTw1J8bY7nS+xFE0RPy8+5cS 2qY1JwlAdxB5pPJVDyqBslnRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUDMj1zfwB iKmuoT67+e+PC8puDZ8wHwYDVR0jBBgwFoAUBH7xoc9llmNJhmdnZVZI7vkRDFow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFNEMxLzM2NDQ4ODdBRTlC QjExRUZCQUFDOUQ3MEM0RjlBRTAyL0JIN3hvYzlsbG1OSmhtZG5aVlpJN3ZrUkRG by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQkg3eG9jOWxsbU5KaG1kblpWWkk3dmtSREZvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF NEMxLzM2NDQ4ODdBRTlCQjExRUZCQUFDOUQ3MEM0RjlBRTAyL0JIN3hvYzlsbG1O SmhtZG5aVlpJN3ZrUkRGby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKevS5EfF/4stY/q7woakSgO99NJQ2xarcaqi3CfYRG8AKncXZpxvcoo otO3JRMSjS8HNROQIaZRMZLRUdrZZkVk0cwtYfEXAi5VHkUnmrP5uRkNjnVQcxwc jSBvQsEEq7W8bc3oOa+fHetEBPHUB/E/2UQ5oUQqARW0DG4+G3ypj1DF6jBD3Tra yag+w2DLnHo2C9pJXFR5g1iP6h3jiw1QK0tSjVU4pWOYWMpk3T1eJ6HTEivTO6Fx Q0YVkdPHZJjVxW4/8FHnE7hbkwUXwQKEW8UcHFlM1LIwcrnbUFP58Yg5f+JWdhDm OwIc1c4to+o9hcLbtN9DdTrsD5j8ssA= -----END CERTIFICATE-----Generated at Sun Sep 7 19:53:16 2025 by rpki-client