$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: meXQrs5wHDpaZoSiyN6v7zWizyGzRn1YFMzJXfL3U1o= Subject key identifier: 95:C4:46:F4:A7:E2:98:41:89:D7:73:B5:E4:F0:C4:2B:0B:BD:32:0B Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1AB2 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1A9D Signing time: Mon 02 Jun 2025 15:50:29 +0000 Manifest this update: Mon 02 Jun 2025 15:50:29 +0000 Manifest next update: Mon 09 Jun 2025 15:50:29 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: tU3uajPuzqwBG38Ap5wVcelVMQVW7NY0elDuzKdaziw=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 15:50:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6834 (0x1ab2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Jun 2 15:50:29 2025 GMT Not After : Jun 9 15:50:29 2025 GMT Subject: CN=683dc845-8bd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:59:9b:44:a0:bc:c6:1c:c7:59:08:b1:8f:b0: 82:87:93:c6:6c:50:79:38:86:2d:c2:0f:1a:2f:ae: 48:a7:fd:7c:aa:02:99:c5:23:f9:be:4d:1e:df:0f: 3d:c1:f1:70:3d:c4:09:02:f7:2f:ec:8f:ba:c3:90: 6f:59:ec:24:e6:91:7a:a7:d0:43:e5:a6:97:d1:b6: 1b:0d:1a:69:78:97:ef:21:4e:f1:61:94:8a:46:3d: 3d:03:d4:61:74:48:51:88:0f:82:8d:3f:2e:7e:03: 75:0c:62:13:1e:f1:3c:56:f5:03:66:e7:92:18:44: 89:64:1b:54:85:5b:de:84:95:c9:1b:25:62:b7:ad: d4:35:50:ed:3e:54:c0:4f:1c:93:37:07:1c:c0:fe: 9c:53:1c:f0:cc:ef:c7:f7:30:be:bb:6f:98:69:49: b3:b8:21:03:80:0c:09:e9:73:f7:cd:58:5a:31:51: 84:d7:1b:3f:26:31:30:6d:af:5c:6d:8f:89:a6:c5: f5:60:ca:0f:b5:03:38:0e:dc:a8:63:c4:2a:d5:13: 07:23:b7:ad:13:da:0a:96:ac:d5:0a:e9:50:58:f1: 59:0d:75:49:70:53:3a:2e:a5:ea:72:dc:2c:25:24: 59:45:c4:0b:7f:8a:c7:6a:2b:4e:86:5c:7b:9b:41: 00:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C4:46:F4:A7:E2:98:41:89:D7:73:B5:E4:F0:C4:2B:0B:BD:32:0B X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:e4:4d:4c:be:20:b4:41:38:7f:55:d6:16:f0:62:f0:6e:54: f9:a5:6f:ed:24:3a:c6:d3:40:2b:50:fa:aa:4a:6e:8d:e0:e8: 17:7a:2b:7e:5e:38:d3:07:37:70:7c:5c:c1:32:bf:f5:4f:a0: 9d:15:9f:0a:07:49:a9:94:92:47:e0:8e:0e:e4:0e:46:62:af: e8:b4:4b:10:cb:3f:f7:8d:f5:e8:6c:0d:a6:be:9e:04:a4:eb: 54:b0:ed:f3:20:79:fd:d2:82:ab:01:a7:30:0b:29:c8:01:18: c9:b7:2a:1a:f0:75:18:a6:99:4e:a4:de:19:d9:9c:d3:d7:59: 49:75:9d:da:e7:5b:fe:b1:e2:ce:53:96:21:d8:c6:f7:6f:db: 38:84:8f:87:eb:db:30:63:0b:19:75:fa:a5:69:6e:d2:0e:d3: c4:20:c0:25:8d:6d:d9:10:42:8e:5c:11:ea:9c:bc:10:57:3a: 89:78:47:87:47:6f:8f:05:39:e4:f3:8a:92:3e:06:6c:c8:57: 7a:51:e7:a0:93:06:d7:7c:ee:86:e1:bf:24:88:d8:99:7b:c0: 1c:7e:7e:9d:e4:95:d7:f4:9c:b3:d2:70:71:de:82:94:ef:21: 25:43:26:54:23:12:c5:85:1c:64:5f:65:94:e1:28:ef:3d:4d: 6e:74:f0:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGrIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjUwNjAyMTU1MDI5WhcNMjUwNjA5MTU1MDI5WjAYMRYwFAYD VQQDEw02ODNkYzg0NS04YmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp1mbRKC8xhzHWQixj7CCh5PGbFB5OIYtwg8aL65Ip/18qgKZxSP5vk0e3w89 wfFwPcQJAvcv7I+6w5BvWewk5pF6p9BD5aaX0bYbDRppeJfvIU7xYZSKRj09A9Rh dEhRiA+CjT8ufgN1DGITHvE8VvUDZueSGESJZBtUhVvehJXJGyVit63UNVDtPlTA TxyTNwccwP6cUxzwzO/H9zC+u2+YaUmzuCEDgAwJ6XP3zVhaMVGE1xs/JjEwba9c bY+JpsX1YMoPtQM4DtyoY8Qq1RMHI7etE9oKlqzVCulQWPFZDXVJcFM6LqXqctws JSRZRcQLf4rHaitOhlx7m0EACQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJXERvSn 4phBiddzteTwxCsLvTILMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBk5E1MviC0QTh/VdYW8GLwblT5pW/tJDrG00ArUPqqSm6N4OgXeit+ XjjTBzdwfFzBMr/1T6CdFZ8KB0mplJJH4I4O5A5GYq/otEsQyz/3jfXobA2mvp4E pOtUsO3zIHn90oKrAacwCynIARjJtyoa8HUYpplOpN4Z2ZzT11lJdZ3a51v+seLO U5Yh2Mb3b9s4hI+H69swYwsZdfqlaW7SDtPEIMAljW3ZEEKOXBHqnLwQVzqJeEeH R2+PBTnk84qSPgZsyFd6UeegkwbXfO6G4b8kiNiZe8Acfn6d5JXX9Jyz0nBx3oKU 7yElQyZUIxLFhRxkX2WU4SjvPU1udPBg -----END CERTIFICATE-----Generated at Tue Jun 3 23:59:35 2025 by rpki-client