$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft File: BKM4-nsSbgfA74urj33BycGsMiE.mft (raw, json) Hash identifier: nF9LtA9xWHUTDUvScItkLuxlvlteSbcLYyUnFgHwIuo= Subject key identifier: 03:1B:C9:44:C7:F5:52:AA:89:1D:E1:4D:AC:C2:6A:D8:AC:4D:29:A8 Authority key identifier: 04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 Certificate issuer: /CN=A91C146D/serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Certificate serial: 42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft Manifest number: 42 Signing time: Sat 19 Jul 2025 07:43:18 +0000 Manifest this update: Sat 19 Jul 2025 07:43:17 +0000 Manifest next update: Sat 26 Jul 2025 07:43:17 +0000 Files and hashes: 1: BKM4-nsSbgfA74urj33BycGsMiE.crl (hash: tl/6WI03nvZWlH4xsOz0SRsC1h+yQbXWOAMeIyo+P6s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:43:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Validity Not Before: Jul 19 07:43:17 2025 GMT Not After : Jul 26 07:43:17 2025 GMT Subject: CN=687b4c95-f09f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:95:44:56:e6:ea:77:23:0e:35:b8:ff:12:e3: b7:cf:79:85:fc:e4:2c:14:38:e6:fa:e3:20:14:d1: d7:a2:9f:b5:9b:0f:cd:2d:14:77:b1:3f:30:a4:ec: 17:d7:5b:d4:71:ab:c3:ce:bc:10:d7:ee:15:d5:c3: 1d:e2:12:ae:9d:16:72:8a:91:30:68:0f:f0:d7:24: c6:52:8e:cd:ea:b4:fd:4c:62:d6:f3:ec:7f:f0:5d: ca:75:41:d9:7b:c0:14:c0:50:b0:d2:35:67:bd:76: 53:46:47:77:38:84:ed:d3:ad:ea:b9:dd:47:c9:4f: 7c:aa:16:7e:34:a4:6a:44:02:85:5d:80:a2:f0:2d: ed:27:0b:fd:fa:2a:a1:60:46:fd:63:ab:2b:48:27: 0c:f1:54:21:1e:e4:8f:24:2a:25:dc:e1:c2:63:77: 64:a2:d0:51:80:fa:ad:73:42:e2:8d:38:5d:e7:12: 2a:1d:ad:d9:44:dd:8a:9f:64:d1:38:9a:49:3d:14: 30:4f:11:51:e4:df:8c:71:ec:d6:06:5b:89:34:1c: ad:54:df:7c:23:46:67:1d:6b:a7:1d:a9:9f:99:ea: 7e:27:c9:48:3e:3d:84:3e:76:c0:e1:be:5b:bc:ee: 50:dc:6a:5c:3c:bc:6f:23:b1:a3:61:7d:9c:34:b8: 64:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:1B:C9:44:C7:F5:52:AA:89:1D:E1:4D:AC:C2:6A:D8:AC:4D:29:A8 X509v3 Authority Key Identifier: keyid:04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:25:c0:1d:3f:dd:34:4a:87:0a:64:03:55:00:fa:1a:91:10: f2:7d:f8:91:a0:a3:90:5c:07:91:34:87:4b:a5:ec:39:24:35: e8:e0:48:b0:d1:bc:76:f6:8a:62:e6:da:86:86:64:2d:68:ad: c4:b3:0b:3f:ac:9a:f9:eb:8b:74:de:5e:aa:0e:6b:4b:76:8e: 08:ad:1e:1b:4e:fb:f5:52:5e:12:a9:f8:6a:b5:33:05:67:9c: ba:a9:e7:5c:00:6b:00:72:bc:8f:6e:22:63:2b:2a:b8:68:c7: ee:ba:1b:5c:69:ed:34:8b:cd:cb:b9:32:38:96:65:6b:9f:ef: 78:e0:46:e0:ef:01:62:28:7d:f5:48:bb:d1:c8:0a:f3:26:c7: 97:97:30:5f:21:a2:2e:b5:2e:08:6f:7d:b8:05:8f:1b:52:8c: fd:fe:11:cb:ab:b1:5a:3d:5e:bf:a9:d7:75:ad:ca:48:23:1f: 33:47:02:42:2b:ed:56:43:c2:47:6c:62:1f:c0:72:1a:83:64: 43:d0:78:37:41:c9:4f:9f:b4:ff:f5:9d:1e:b4:73:0e:b5:bc: aa:ca:9d:e3:c7:54:c8:c2:c4:dc:69:c9:bf:8f:dc:f0:30:6b: e2:5a:e3:48:1e:a6:36:54:7e:dc:eb:09:1e:69:3b:c7:9b:ff: ff:c5:ea:fd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoMDRBMzM4RkE3QjEyNkUwN0MwRUY4QkFCOEY3REMxQzlD MUFDMzIyMTAeFw0yNTA3MTkwNzQzMTdaFw0yNTA3MjYwNzQzMTdaMBgxFjAUBgNV BAMTDTY4N2I0Yzk1LWYwOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCYlURW5up3Iw41uP8S47fPeYX85CwUOOb64yAU0dein7WbD80tFHexPzCk7BfX W9Rxq8POvBDX7hXVwx3iEq6dFnKKkTBoD/DXJMZSjs3qtP1MYtbz7H/wXcp1Qdl7 wBTAULDSNWe9dlNGR3c4hO3Treq53UfJT3yqFn40pGpEAoVdgKLwLe0nC/36KqFg Rv1jqytIJwzxVCEe5I8kKiXc4cJjd2Si0FGA+q1zQuKNOF3nEiodrdlE3YqfZNE4 mkk9FDBPEVHk34xx7NYGW4k0HK1U33wjRmcda6cdqZ+Z6n4nyUg+PYQ+dsDhvlu8 7lDcalw8vG8jsaNhfZw0uGT9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAxvJRMf1 UqqJHeFNrMJq2KxNKagwHwYDVR0jBBgwFoAUBKM4+nsSbgfA74urj33BycGsMiEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0Y0RDVBNjdFMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdmQTc0dXJqMzNCeWNHc01p RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQktNNC1uc1NiZ2ZBNzR1cmozM0J5Y0dzTWlFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0Y0RDVBNjdFMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdm QTc0dXJqMzNCeWNHc01pRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEglwB0/3TRKhwpkA1UA+hqREPJ9+JGgo5BcB5E0h0ul7DkkNejgSLDR vHb2imLm2oaGZC1orcSzCz+smvnri3TeXqoOa0t2jgitHhtO+/VSXhKp+Gq1MwVn nLqp51wAawByvI9uImMrKrhox+66G1xp7TSLzcu5MjiWZWuf73jgRuDvAWIoffVI u9HICvMmx5eXMF8hoi61LghvfbgFjxtSjP3+EcursVo9Xr+p13WtykgjHzNHAkIr 7VZDwkdsYh/AchqDZEPQeDdByU+ftP/1nR60cw61vKrKnePHVMjCxNxpyb+P3PAw a+Ja40gepjZUftzrCR5pO8eb///F6v0= -----END CERTIFICATE-----Generated at Sun Jul 20 03:41:04 2025 by rpki-client