$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft File: BKM4-nsSbgfA74urj33BycGsMiE.mft (raw, json) Hash identifier: 4HrUvl3fltIRoS0pvIhjQrG/ki98ehlSej3oNdCPo6M= Subject key identifier: 5F:1B:3A:42:1D:BA:C6:48:18:9B:AB:98:C7:59:AF:D0:54:5F:E2:98 Authority key identifier: 04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 Certificate issuer: /CN=A91C146D/serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft Manifest number: 71 Signing time: Sun 19 Oct 2025 10:13:35 +0000 Manifest this update: Sun 19 Oct 2025 10:13:35 +0000 Manifest next update: Sun 26 Oct 2025 10:13:35 +0000 Files and hashes: 1: BKM4-nsSbgfA74urj33BycGsMiE.crl (hash: W6T7ct4bGF3KK9fFvzgHGpZhB3ijKxp3D22IW+2tA/0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Validity Not Before: Oct 19 10:13:35 2025 GMT Not After : Oct 26 10:13:35 2025 GMT Subject: CN=68f4b9cf-4a1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:76:28:7c:fe:6c:24:0b:1e:26:5b:e0:9c:71: 27:55:5e:fb:80:7a:65:f9:98:07:bd:db:5c:01:f5: 67:8d:8b:dd:74:dc:f3:39:91:54:64:99:11:69:b7: 35:8b:3a:08:51:0d:0d:68:0f:ae:2e:f5:ef:b8:5e: 04:b2:fe:48:66:cc:6c:4d:08:3a:7c:ae:b0:60:64: 6d:80:a2:2a:96:e2:22:cb:d8:e9:5d:49:71:a0:08: f2:20:4d:4f:b6:ff:83:00:09:62:37:68:bd:2b:c3: 2d:f7:2f:d7:89:66:d6:47:4f:90:2a:51:1a:b0:78: 39:63:59:65:65:da:5d:24:ec:13:08:15:63:0e:a3: f0:8c:ee:31:33:ad:db:08:10:36:a2:d8:02:a4:17: 02:8e:f5:cf:5c:af:10:01:cb:c6:17:61:b4:f9:b4: 04:92:74:80:a8:73:07:bb:61:5b:2d:96:d1:56:24: df:ff:92:02:5c:a0:bc:21:f5:35:a1:ee:96:cc:31: 10:ee:4b:9a:f7:3d:2c:dd:c9:55:93:a0:28:05:aa: ba:6a:8c:74:92:bc:65:a8:cc:39:61:ec:75:65:39: 1a:d7:17:55:76:5e:dd:a6:e3:ba:15:d8:c1:1f:f1: 45:cc:83:e0:5d:91:36:8f:0e:29:45:51:44:0a:f4: e4:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:1B:3A:42:1D:BA:C6:48:18:9B:AB:98:C7:59:AF:D0:54:5F:E2:98 X509v3 Authority Key Identifier: keyid:04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:bd:f7:a3:8b:94:5e:9e:89:03:7d:b0:87:05:8f:4b:79:a5: af:da:1d:ce:ac:44:e2:07:66:b6:6c:6b:95:05:3f:44:8e:f4: 7c:5b:24:91:f1:66:c3:1a:07:73:d9:93:64:0d:ee:49:0c:a8: 12:71:48:fd:a6:e1:50:85:3b:5b:42:b3:65:4c:11:cc:f7:ea: 0c:cc:7b:6f:73:3d:da:bc:4c:28:0c:c7:a5:3c:ec:c0:0d:f4: f0:82:de:58:78:fa:8d:73:a0:e8:38:1a:72:0b:3e:7a:18:75: c2:5b:57:13:9d:8a:92:9e:46:d3:7a:27:72:84:15:91:f5:b3: 05:af:77:6f:6c:e6:54:d1:e8:d8:3e:5e:61:60:75:ae:e9:61: a6:1d:82:39:e3:53:20:a1:f5:79:c6:93:fe:3d:77:90:25:80: 46:03:9f:a4:54:bc:f3:fa:a9:ff:b8:79:b6:2b:2c:d1:e7:78: b7:5c:9e:25:2e:06:7d:df:0a:d8:0d:06:df:47:59:7c:77:a5: 03:13:d3:67:72:be:d1:8b:df:5a:b3:10:2d:d5:36:1a:af:1a: d8:ea:64:0c:54:3c:c3:e4:be:21:af:3c:bc:fa:08:f4:fe:2a: 08:e4:03:ad:3f:d3:28:43:46:83:33:40:0a:9c:8f:a4:1c:5d: 93:52:e6:64 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoMDRBMzM4RkE3QjEyNkUwN0MwRUY4QkFCOEY3REMxQzlD MUFDMzIyMTAeFw0yNTEwMTkxMDEzMzVaFw0yNTEwMjYxMDEzMzVaMBgxFjAUBgNV BAMTDTY4ZjRiOWNmLTRhMWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDedih8/mwkCx4mW+CccSdVXvuAemX5mAe921wB9WeNi9103PM5kVRkmRFptzWL OghRDQ1oD64u9e+4XgSy/khmzGxNCDp8rrBgZG2AoiqW4iLL2OldSXGgCPIgTU+2 /4MACWI3aL0rwy33L9eJZtZHT5AqURqweDljWWVl2l0k7BMIFWMOo/CM7jEzrdsI EDai2AKkFwKO9c9crxABy8YXYbT5tASSdICocwe7YVstltFWJN//kgJcoLwh9TWh 7pbMMRDuS5r3PSzdyVWToCgFqrpqjHSSvGWozDlh7HVlORrXF1V2Xt2m47oV2MEf 8UXMg+BdkTaPDilFUUQK9OT3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXxs6Qh26 xkgYm6uYx1mv0FRf4pgwHwYDVR0jBBgwFoAUBKM4+nsSbgfA74urj33BycGsMiEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0Y0RDVBNjdFMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdmQTc0dXJqMzNCeWNHc01p RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQktNNC1uc1NiZ2ZBNzR1cmozM0J5Y0dzTWlFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0Y0RDVBNjdFMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdm QTc0dXJqMzNCeWNHc01pRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAL6996OLlF6eiQN9sIcFj0t5pa/aHc6sROIHZrZsa5UFP0SO9HxbJJHx ZsMaB3PZk2QN7kkMqBJxSP2m4VCFO1tCs2VMEcz36gzMe29zPdq8TCgMx6U87MAN 9PCC3lh4+o1zoOg4GnILPnoYdcJbVxOdipKeRtN6J3KEFZH1swWvd29s5lTR6Ng+ XmFgda7pYaYdgjnjUyCh9XnGk/49d5AlgEYDn6RUvPP6qf+4ebYrLNHneLdcniUu Bn3fCtgNBt9HWXx3pQMT02dyvtGL31qzEC3VNhqvGtjqZAxUPMPkviGvPLz6CPT+ KgjkA60/0yhDRoMzQAqcj6QcXZNS5mQ= -----END CERTIFICATE-----Generated at Mon Oct 20 13:41:04 2025 by rpki-client