$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft File: BKM4-nsSbgfA74urj33BycGsMiE.mft (raw, json) Hash identifier: PNhRCG6+qrJixrQMzrCG4Dbe+iqLxc+GRMNQ/nUV/IQ= Subject key identifier: 60:CB:1C:76:C4:89:17:00:F8:E0:DD:EB:D1:DE:B3:8B:B6:F4:11:90 Authority key identifier: 04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 Certificate issuer: /CN=A91C146D/serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Certificate serial: 39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft Manifest number: 39 Signing time: Tue 01 Jul 2025 08:20:57 +0000 Manifest this update: Tue 01 Jul 2025 08:20:56 +0000 Manifest next update: Tue 08 Jul 2025 08:20:56 +0000 Files and hashes: 1: BKM4-nsSbgfA74urj33BycGsMiE.crl (hash: 0YN+M7087LdOg2HUaLhl0IOjQIxTDHgVGH2XP4twLqM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:20:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Validity Not Before: Jul 1 08:20:56 2025 GMT Not After : Jul 8 08:20:56 2025 GMT Subject: CN=68639a68-ecaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d6:58:a2:37:2d:2e:d7:df:13:72:05:a3:90: 06:5d:e9:b9:9c:a2:8f:ba:f8:d8:66:3e:08:2c:c1: 98:e5:f4:93:9e:43:f8:c4:cc:b9:9b:ae:0a:0b:6c: ff:c1:1e:0e:af:a3:0d:a2:d3:b9:1f:ec:a3:37:76: eb:34:3c:68:33:33:f5:f4:ad:94:91:fb:f4:11:ab: e0:1c:14:c6:2c:ec:53:10:57:4d:24:2c:32:81:2e: 2b:50:7d:f6:0d:28:d7:ec:d5:c6:b3:f0:0a:c6:22: b3:49:cb:30:79:9b:a0:f5:da:34:2c:70:6a:79:8e: ec:37:e3:3c:0d:2b:65:5e:53:41:40:66:9d:5f:65: e4:2a:6f:4e:99:73:78:b5:af:c0:70:e1:96:86:d3: e5:37:87:b2:a1:7f:46:46:d3:a0:4c:4b:06:9e:4d: 26:f8:40:0e:dd:6f:49:e1:3f:81:ab:83:66:7d:ed: f3:ca:13:54:28:44:d2:2b:de:85:2d:dc:fe:c7:e7: 94:75:06:3a:c5:46:07:39:d1:2a:84:fc:00:16:47: c3:42:51:fc:f6:7f:b9:76:12:47:c7:73:15:2b:a0: 5d:b1:ae:8c:17:77:2e:20:00:05:16:81:e4:74:cb: 68:a7:c1:39:37:96:72:b0:ca:f4:f7:a4:8e:db:8a: 76:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:CB:1C:76:C4:89:17:00:F8:E0:DD:EB:D1:DE:B3:8B:B6:F4:11:90 X509v3 Authority Key Identifier: keyid:04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:ea:22:2f:be:45:4d:5c:22:11:5c:bb:f9:ef:3e:4c:80:5c: d9:35:b4:f7:4c:3e:9a:bd:d3:a2:a8:77:75:3b:dd:51:42:03: c0:26:cb:3c:87:27:9a:ae:d6:a5:e6:c4:35:4b:ef:0d:3e:51: dd:84:e4:3a:ba:bd:fa:8b:32:78:6a:c9:f4:87:5d:84:c3:1d: e8:10:dc:96:cb:56:5a:62:ed:2f:35:cf:03:50:3d:d0:89:ee: 76:c2:cf:7e:30:55:03:6a:27:40:a6:fa:f0:bf:60:d8:71:f5: c9:62:eb:39:20:66:7a:d0:03:d2:f6:ab:2a:d3:86:27:89:97: 7d:76:be:10:37:be:8b:0a:fa:42:0b:35:fb:61:8e:46:58:51: e1:72:a5:05:c8:f4:f6:bd:2b:e4:30:55:7a:06:7e:6d:8d:c7: fb:ad:f8:84:fa:2b:e5:2e:0c:af:3f:d4:88:db:c7:45:cd:6f: b8:9f:98:82:7b:63:a9:ed:8f:03:8a:34:39:f8:b5:ab:3a:8e: 89:06:26:84:15:cf:4d:bd:24:6e:15:ab:f0:a5:03:92:19:bf: 8b:30:3d:a0:2d:e2:a3:0a:9c:61:2c:c0:cb:8e:cd:2d:5d:62: 83:b8:c2:02:ba:63:81:1c:e8:23:c5:bc:c0:a4:66:41:4c:98: 8f:3b:61:9f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoMDRBMzM4RkE3QjEyNkUwN0MwRUY4QkFCOEY3REMxQzlD MUFDMzIyMTAeFw0yNTA3MDEwODIwNTZaFw0yNTA3MDgwODIwNTZaMBgxFjAUBgNV BAMTDTY4NjM5YTY4LWVjYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDC1liiNy0u198TcgWjkAZd6bmcoo+6+NhmPggswZjl9JOeQ/jEzLmbrgoLbP/B Hg6vow2i07kf7KM3dus0PGgzM/X0rZSR+/QRq+AcFMYs7FMQV00kLDKBLitQffYN KNfs1caz8ArGIrNJyzB5m6D12jQscGp5juw34zwNK2VeU0FAZp1fZeQqb06Zc3i1 r8Bw4ZaG0+U3h7Khf0ZG06BMSwaeTSb4QA7db0nhP4Grg2Z97fPKE1QoRNIr3oUt 3P7H55R1BjrFRgc50SqE/AAWR8NCUfz2f7l2EkfHcxUroF2xrowXdy4gAAUWgeR0 y2inwTk3lnKwyvT3pI7binblAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUYMscdsSJ FwD44N3r0d6zi7b0EZAwHwYDVR0jBBgwFoAUBKM4+nsSbgfA74urj33BycGsMiEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0Y0RDVBNjdFMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdmQTc0dXJqMzNCeWNHc01p RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQktNNC1uc1NiZ2ZBNzR1cmozM0J5Y0dzTWlFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0Y0RDVBNjdFMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdm QTc0dXJqMzNCeWNHc01pRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJXqIi++RU1cIhFcu/nvPkyAXNk1tPdMPpq906Kod3U73VFCA8AmyzyH J5qu1qXmxDVL7w0+Ud2E5Dq6vfqLMnhqyfSHXYTDHegQ3JbLVlpi7S81zwNQPdCJ 7nbCz34wVQNqJ0Cm+vC/YNhx9cli6zkgZnrQA9L2qyrThieJl312vhA3vosK+kIL NfthjkZYUeFypQXI9Pa9K+QwVXoGfm2Nx/ut+IT6K+UuDK8/1Ijbx0XNb7ifmIJ7 Y6ntjwOKNDn4tas6jokGJoQVz029JG4Vq/ClA5IZv4swPaAt4qMKnGEswMuOzS1d YoO4wgK6Y4Ec6CPFvMCkZkFMmI87YZ8= -----END CERTIFICATE-----Generated at Thu Jul 3 08:46:42 2025 by rpki-client