$ rpki-client -vvf rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft File: BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft (raw, json) Hash identifier: YXGvoORUKp0khggViyue5C1q7nTbUblRFtYjve3XTFk= Subject key identifier: C5:F5:9D:11:C3:A4:BF:4D:4F:EB:37:28:E5:20:8C:B9:48:D3:02:C7 Authority key identifier: 04:83:2F:BE:70:C7:B8:85:9C:A1:A0:E3:E0:5A:29:6B:B0:9C:5D:3D Certificate issuer: /CN=A91238EC/serialNumber=04832FBE70C7B8859CA1A0E3E05A296BB09C5D3D Certificate serial: 1749 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BIMvvnDHuIWcoaDj4Fopa7CcXT0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft Manifest number: 172E Signing time: Wed 04 Jun 2025 16:38:57 +0000 Manifest this update: Wed 04 Jun 2025 16:38:56 +0000 Manifest next update: Wed 11 Jun 2025 16:38:56 +0000 Files and hashes: 1: BIMvvnDHuIWcoaDj4Fopa7CcXT0.crl (hash: mNDX8R3gyNfxTzcqsi7Jt44zvhJQq6m3mpOaXiib9cs=) 2: 2F9D268C76B211ECABA1A612C4F9AE02.roa (hash: N4cX9Gn5/2UN1QBdCa0fdRS9KCB6RvJx+JIs1tA6NvU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.crl rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BIMvvnDHuIWcoaDj4Fopa7CcXT0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 16:38:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5961 (0x1749) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91238EC, serialNumber=04832FBE70C7B8859CA1A0E3E05A296BB09C5D3D Validity Not Before: Jun 4 16:38:56 2025 GMT Not After : Jun 11 16:38:56 2025 GMT Subject: CN=684076a0-6940 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:f0:40:de:ba:f6:cb:03:96:3c:04:5b:ca:86: b1:18:40:f5:d4:52:36:e3:7b:2c:04:79:11:a4:84: 4b:70:4e:80:06:69:ec:29:f2:5b:4a:de:7f:f6:57: 49:d1:43:37:f3:87:9e:d4:bf:93:7e:aa:78:6e:cf: 07:c5:0e:b1:66:5e:6e:bf:35:d3:17:15:a9:a4:44: 1b:f3:dc:1e:ce:33:de:12:e2:8e:74:a8:cb:b6:ba: 49:ee:70:1d:47:81:c6:21:e4:5f:ed:e3:6e:a4:1d: cf:a1:67:a3:85:7a:85:48:4d:da:32:46:83:67:fe: 01:d9:71:f0:5c:57:09:b6:88:2d:35:1a:36:3f:de: 32:17:0e:ce:53:3e:f8:44:48:3e:8f:36:df:da:67: f3:bf:5a:8b:34:d8:b9:8a:ce:3a:55:ae:f6:8b:4c: 5c:fa:4d:b2:9c:89:0d:3e:48:90:e0:09:09:37:3f: 00:c8:8c:42:31:fd:b7:86:5c:83:8e:ec:37:60:45: 7b:8d:7f:4c:6b:31:fc:74:ba:01:11:30:95:6b:d2: df:4c:5d:a5:be:fc:d7:a9:d1:38:ae:f1:be:c5:d6: a9:b9:08:ff:9a:39:2b:07:7c:2f:cc:c7:66:cc:61: 25:bc:0a:c3:9e:0e:d1:c6:9e:d8:93:2a:35:9f:45: f1:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F5:9D:11:C3:A4:BF:4D:4F:EB:37:28:E5:20:8C:B9:48:D3:02:C7 X509v3 Authority Key Identifier: keyid:04:83:2F:BE:70:C7:B8:85:9C:A1:A0:E3:E0:5A:29:6B:B0:9C:5D:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BIMvvnDHuIWcoaDj4Fopa7CcXT0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:4c:a3:76:33:4f:a6:3e:a5:43:fa:8c:47:a4:a5:81:49:c9: 40:59:20:d7:a2:74:74:a1:70:43:27:a9:06:9f:cb:c8:d7:a4: be:d1:48:20:76:5c:27:f2:9a:cc:d2:f8:61:17:2c:9f:5f:82: 9b:0e:0b:19:41:2a:b5:e7:ca:e5:87:0c:02:1f:0f:67:4a:5b: 5b:65:b3:a9:2b:c7:69:b1:75:55:70:46:6f:6f:92:24:f3:98: 70:a2:30:ad:9c:2e:25:20:aa:2c:0d:96:df:dd:ec:d6:c0:6c: 3d:6a:be:e0:51:c5:43:ba:1c:91:2b:6d:94:89:8a:83:3f:ae: 3b:c0:98:cd:1f:09:65:47:ea:e1:0f:a4:19:f7:58:de:27:5b: a1:09:9c:4e:77:2a:5e:e2:bd:86:cd:4e:7e:53:05:ae:4c:77: 56:17:16:6c:59:bd:1f:40:67:a8:0d:58:87:5b:37:b3:56:c8: b3:c4:6b:bd:d8:f3:c3:06:7c:50:24:81:d4:0a:00:62:ff:43: ea:93:0d:85:fa:58:eb:c8:5a:69:92:90:ec:98:1b:e1:2f:20: 1a:e5:50:91:76:92:2d:b1:2f:0a:7e:ee:e2:ea:86:dd:cc:d2: 2b:d6:c1:91:fa:d0:6f:be:a8:5a:be:ad:6e:af:00:39:04:27: fc:0b:b4:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICF0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4RUMxMTAvBgNVBAUTKDA0ODMyRkJFNzBDN0I4ODU5Q0ExQTBFM0UwNUEyOTZC QjA5QzVEM0QwHhcNMjUwNjA0MTYzODU2WhcNMjUwNjExMTYzODU2WjAYMRYwFAYD VQQDEw02ODQwNzZhMC02OTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0fBA3rr2ywOWPARbyoaxGED11FI243ssBHkRpIRLcE6ABmnsKfJbSt5/9ldJ 0UM384ee1L+Tfqp4bs8HxQ6xZl5uvzXTFxWppEQb89wezjPeEuKOdKjLtrpJ7nAd R4HGIeRf7eNupB3PoWejhXqFSE3aMkaDZ/4B2XHwXFcJtogtNRo2P94yFw7OUz74 REg+jzbf2mfzv1qLNNi5is46Va72i0xc+k2ynIkNPkiQ4AkJNz8AyIxCMf23hlyD juw3YEV7jX9MazH8dLoBETCVa9LfTF2lvvzXqdE4rvG+xdapuQj/mjkrB3wvzMdm zGElvArDng7Rxp7Ykyo1n0XxJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMX1nRHD pL9NT+s3KOUgjLlI0wLHMB8GA1UdIwQYMBaAFASDL75wx7iFnKGg4+BaKWuwnF09 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzhFQy82MUQ0RjQ4QUUz RTYxMUU3QUYyRjYxNUVDNEY5QUUwMi9CSU12dm5ESHVJV2NvYURqNEZvcGE3Q2NY VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JJTXZ2bkRIdUlXY29hRGo0Rm9wYTdDY1hUMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzhFQy82MUQ0RjQ4QUUzRTYxMUU3QUYyRjYxNUVDNEY5QUUwMi9CSU12dm5ESHVJ V2NvYURqNEZvcGE3Q2NYVDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBcTKN2M0+mPqVD+oxHpKWBSclAWSDXonR0oXBDJ6kGn8vI16S+0Ugg dlwn8prM0vhhFyyfX4KbDgsZQSq158rlhwwCHw9nSltbZbOpK8dpsXVVcEZvb5Ik 85hwojCtnC4lIKosDZbf3ezWwGw9ar7gUcVDuhyRK22UiYqDP647wJjNHwllR+rh D6QZ91jeJ1uhCZxOdype4r2GzU5+UwWuTHdWFxZsWb0fQGeoDViHWzezVsizxGu9 2PPDBnxQJIHUCgBi/0Pqkw2F+ljryFppkpDsmBvhLyAa5VCRdpItsS8Kfu7i6obd zNIr1sGR+tBvvqhavq1urwA5BCf8C7Tn -----END CERTIFICATE-----Generated at Thu Jun 5 18:35:15 2025 by rpki-client