$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: 5DpIe/0O24zutvGFsWwAxPrNiI7LImQECa1uSfzM27g= Subject key identifier: A1:02:4A:2C:DB:40:42:B8:89:13:56:C1:56:29:27:FD:57:12:B3:19 Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1B02 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1AEC Signing time: Fri 31 Oct 2025 15:39:28 +0000 Manifest this update: Fri 31 Oct 2025 15:39:28 +0000 Manifest next update: Fri 07 Nov 2025 15:39:28 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: U5a9pZkItdoH9l0+psLJRR7gRXi0pk8ZmjPcB7xur2c=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: 0/HP0DwNYOfkRXXhvxhJ7qmLcNQDOwmKr3HHIF1F5nU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 14:50:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6914 (0x1b02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Oct 31 15:39:28 2025 GMT Not After : Nov 7 15:39:28 2025 GMT Subject: CN=6904d830-1a06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:7f:83:37:ca:2d:2e:27:89:73:1c:0f:be:68: 00:3e:c6:d1:dd:15:1a:69:08:df:62:28:8b:03:31: 99:0f:e0:5c:ab:2a:54:0d:25:1c:d8:d9:ec:52:1f: 5b:21:70:78:54:6b:e2:fb:96:3b:a7:6a:d7:0e:0e: 60:ce:56:ef:c6:5c:c9:f3:7a:2a:1d:fe:fb:6e:3a: f5:22:6b:cd:d1:c3:84:05:04:b7:ed:51:dc:2d:09: 48:4c:91:b4:28:c3:45:cf:5f:3a:9c:1c:d5:5c:aa: 5f:e9:ae:86:df:e4:18:4d:0c:c1:09:01:fc:66:63: cb:23:15:49:7d:0a:3b:fa:a5:17:7e:1a:f1:7e:4f: 5a:08:af:ed:ca:1d:e8:e7:79:69:ee:09:5f:2c:b8: 24:35:df:b4:6e:21:84:31:f1:6a:c3:44:35:9b:2d: f3:e1:01:45:26:96:49:3e:36:88:48:89:61:43:53: f7:02:ae:9e:ba:f4:4e:1d:2c:3b:60:81:09:0e:59: 61:79:8b:59:8f:10:5a:55:1e:ac:8c:95:b6:f4:61: e6:fd:b0:c3:f2:c8:ba:5f:10:bc:73:20:40:91:1e: f2:59:43:d8:1f:15:62:ff:a5:22:1d:c0:f6:4e:98: 98:41:a9:13:78:76:37:dc:14:f0:44:3a:7b:b1:fa: a9:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:02:4A:2C:DB:40:42:B8:89:13:56:C1:56:29:27:FD:57:12:B3:19 X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:4c:9b:67:55:06:ec:08:5d:ed:98:25:89:13:fc:b1:ec:be: b7:84:37:ef:75:72:06:c3:db:45:bf:25:26:09:02:ce:1a:2b: 63:89:bc:4a:62:bc:7c:89:9a:39:73:8a:52:30:1d:36:46:f0: c6:d5:2f:36:2b:a4:e7:62:e1:9f:fa:ef:90:a1:9c:c9:6a:26: 99:e6:c7:f1:d3:3b:57:03:44:dc:90:34:6a:a9:d1:c4:dd:66: 9a:51:2f:ad:a4:a1:4d:12:de:f3:3c:89:61:a7:77:af:81:fd: 59:ba:8c:15:a9:64:6e:e0:86:f9:15:31:c8:8f:92:d9:45:f7: 8c:13:a8:5e:c6:86:79:6d:5b:99:1a:8a:19:5b:50:a3:bf:52: 76:74:c8:6c:de:28:b7:5f:8c:fe:bf:50:4e:b7:9e:75:b2:88: 86:ec:f2:ad:f4:f7:36:a6:c8:3e:a3:b9:97:01:c9:33:4b:1e: ee:d6:71:52:8c:4e:ed:99:9d:31:1c:bd:1a:11:2b:10:3c:13: 33:b5:e0:54:9c:57:9c:de:90:30:33:a6:6f:61:d8:19:6d:f5: 08:b2:83:63:1e:51:e4:32:14:74:1e:fa:a4:eb:30:5b:9b:d5: 1d:a2:7b:22:d6:37:8d:14:bf:14:17:fb:eb:38:f8:1d:9a:dc: 8a:19:bd:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUxMDMxMTUzOTI4WhcNMjUxMTA3MTUzOTI4WjAYMRYwFAYD VQQDEw02OTA0ZDgzMC0xYTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1X+DN8otLieJcxwPvmgAPsbR3RUaaQjfYiiLAzGZD+BcqypUDSUc2NnsUh9b IXB4VGvi+5Y7p2rXDg5gzlbvxlzJ83oqHf77bjr1ImvN0cOEBQS37VHcLQlITJG0 KMNFz186nBzVXKpf6a6G3+QYTQzBCQH8ZmPLIxVJfQo7+qUXfhrxfk9aCK/tyh3o 53lp7glfLLgkNd+0biGEMfFqw0Q1my3z4QFFJpZJPjaISIlhQ1P3Aq6euvROHSw7 YIEJDllheYtZjxBaVR6sjJW29GHm/bDD8si6XxC8cyBAkR7yWUPYHxVi/6UiHcD2 TpiYQakTeHY33BTwRDp7sfqpwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKECSizb QEK4iRNWwVYpJ/1XErMZMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0TJtnVQbsCF3tmCWJE/yx7L63hDfvdXIGw9tFvyUmCQLOGitjibxK Yrx8iZo5c4pSMB02RvDG1S82K6TnYuGf+u+QoZzJaiaZ5sfx0ztXA0TckDRqqdHE 3WaaUS+tpKFNEt7zPIlhp3evgf1ZuowVqWRu4Ib5FTHIj5LZRfeME6hexoZ5bVuZ GooZW1Cjv1J2dMhs3ii3X4z+v1BOt551soiG7PKt9Pc2psg+o7mXAckzSx7u1nFS jE7tmZ0xHL0aESsQPBMzteBUnFec3pAwM6ZvYdgZbfUIsoNjHlHkMhR0Hvqk6zBb m9Udonsi1jeNFL8UF/vrOPgdmtyKGb32 -----END CERTIFICATE-----Generated at Fri Oct 31 21:40:17 2025 by rpki-client