$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft File: BKM4-nsSbgfA74urj33BycGsMiE.mft (raw, json) Hash identifier: SITFprayoj/jVQNVl0iuDbRXLR72qJ6xdPYr1NpgFNs= Subject key identifier: DD:73:7D:96:89:0B:6C:B7:B1:4C:94:43:36:CD:FC:45:FB:7A:64:8E Authority key identifier: 04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 Certificate issuer: /CN=A91C146D/serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft Manifest number: 29 Signing time: Sat 31 May 2025 07:20:17 +0000 Manifest this update: Sat 31 May 2025 07:20:17 +0000 Manifest next update: Sat 07 Jun 2025 07:20:17 +0000 Files and hashes: 1: BKM4-nsSbgfA74urj33BycGsMiE.crl (hash: LtvO612Uw2vmNsWooulYWxC9tkwmeCbvkXy2Owig3Bk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:20:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=04A338FA7B126E07C0EF8BAB8F7DC1C9C1AC3221 Validity Not Before: May 31 07:20:17 2025 GMT Not After : Jun 7 07:20:17 2025 GMT Subject: CN=683aadb1-94e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4a:d0:43:00:1a:6c:89:56:91:f8:a3:5d:8d: cd:ec:c5:b5:2a:08:41:6a:b6:ea:8d:b3:41:e0:20: 44:99:17:25:eb:76:c6:ad:02:7b:a9:2a:0d:e5:7d: 40:85:03:8d:60:d2:58:fc:3a:e0:10:a3:1c:90:4d: d9:72:03:03:6d:5c:b3:fd:e5:a7:e8:a2:c5:27:bf: 49:d7:7a:3e:ed:77:78:d7:4c:9c:09:49:a4:d7:27: c3:f2:1e:31:91:de:3b:65:a5:1a:7e:d9:9c:66:ba: 0b:91:ed:5c:e5:4f:2f:63:c2:61:2a:56:27:9c:2b: ea:f5:50:24:e5:c3:1e:c5:5d:71:f1:c7:76:a4:f6: 6d:d4:21:c4:e1:28:b4:f5:3d:4f:db:ac:4e:76:dc: 8e:5b:d5:7e:60:38:e4:6d:1a:19:e3:e1:3e:bd:b3: b4:3a:61:ed:73:82:14:ff:71:a9:11:63:86:3f:07: b1:a9:2b:e6:80:69:b7:be:4c:08:2c:3e:62:85:d8: aa:82:ed:e1:93:3d:00:4e:be:71:0e:55:33:28:14: 5c:b8:3d:16:36:fc:46:e3:35:1c:38:ad:bb:6c:72: e6:78:7f:fd:6a:94:d5:70:02:ea:2e:28:08:2d:c5: f8:05:de:42:3d:37:05:38:a2:ca:9c:51:30:77:28: e9:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:73:7D:96:89:0B:6C:B7:B1:4C:94:43:36:CD:FC:45:FB:7A:64:8E X509v3 Authority Key Identifier: keyid:04:A3:38:FA:7B:12:6E:07:C0:EF:8B:AB:8F:7D:C1:C9:C1:AC:32:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKM4-nsSbgfA74urj33BycGsMiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/F4D5A67E003711F0BBD72475C4F9AE02/BKM4-nsSbgfA74urj33BycGsMiE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cb:de:39:22:c7:cd:ee:3f:82:7d:b6:32:56:db:fb:f0:a8:f9: 8f:b8:d8:7a:af:12:3f:0f:40:63:d2:82:2a:e1:ea:41:40:c5: 4b:96:13:89:45:3d:fb:06:58:58:1b:7b:b1:16:83:b4:f9:e4: 58:a2:f3:4c:f5:d6:01:c5:49:87:c5:1f:0f:ce:2e:76:ed:b6: 4b:ea:2e:c6:95:af:dc:5b:3e:37:60:58:d9:94:da:86:96:a7: 93:cd:d0:f4:b5:d2:42:22:b1:56:49:50:30:7c:08:d3:63:48: 50:1c:b5:59:ec:b7:b8:05:50:7d:ae:10:30:bb:9a:cb:8e:c1: 6c:cb:fa:c0:0e:12:23:93:42:37:e2:31:1e:16:c5:9d:1f:2d: d2:b1:63:22:87:75:43:e1:cb:ac:13:4c:a0:99:1d:cd:3e:30: be:e5:0c:0b:2c:f8:34:fb:7f:9b:c5:a7:f4:2d:df:aa:e9:cf: cd:1e:c9:dd:3b:3e:dc:69:06:f7:c8:46:fe:f7:cf:66:5f:28: 9b:af:d5:d5:2c:80:32:ff:5f:5a:54:5d:88:0f:bf:c2:8d:f0: 4f:37:e4:8b:8b:62:6c:8d:b1:29:a7:a8:18:3f:4e:8c:5c:cd: c1:62:59:b2:97:35:5e:92:f0:b3:52:7a:52:89:3c:98:76:1c: 77:92:f8:4d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoMDRBMzM4RkE3QjEyNkUwN0MwRUY4QkFCOEY3REMxQzlD MUFDMzIyMTAeFw0yNTA1MzEwNzIwMTdaFw0yNTA2MDcwNzIwMTdaMBgxFjAUBgNV BAMTDTY4M2FhZGIxLTk0ZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/StBDABpsiVaR+KNdjc3sxbUqCEFqtuqNs0HgIESZFyXrdsatAnupKg3lfUCF A41g0lj8OuAQoxyQTdlyAwNtXLP95afoosUnv0nXej7td3jXTJwJSaTXJ8PyHjGR 3jtlpRp+2ZxmuguR7VzlTy9jwmEqViecK+r1UCTlwx7FXXHxx3ak9m3UIcThKLT1 PU/brE523I5b1X5gOORtGhnj4T69s7Q6Ye1zghT/cakRY4Y/B7GpK+aAabe+TAgs PmKF2KqC7eGTPQBOvnEOVTMoFFy4PRY2/EbjNRw4rbtscuZ4f/1qlNVwAuouKAgt xfgF3kI9NwU4osqcUTB3KOmfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3XN9lokL bLexTJRDNs38Rft6ZI4wHwYDVR0jBBgwFoAUBKM4+nsSbgfA74urj33BycGsMiEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0Y0RDVBNjdFMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdmQTc0dXJqMzNCeWNHc01p RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQktNNC1uc1NiZ2ZBNzR1cmozM0J5Y0dzTWlFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0Y0RDVBNjdFMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL0JLTTQtbnNTYmdm QTc0dXJqMzNCeWNHc01pRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMveOSLHze4/gn22Mlbb+/Co+Y+42HqvEj8PQGPSgirh6kFAxUuWE4lF PfsGWFgbe7EWg7T55Fii80z11gHFSYfFHw/OLnbttkvqLsaVr9xbPjdgWNmU2oaW p5PN0PS10kIisVZJUDB8CNNjSFActVnst7gFUH2uEDC7msuOwWzL+sAOEiOTQjfi MR4WxZ0fLdKxYyKHdUPhy6wTTKCZHc0+ML7lDAss+DT7f5vFp/Qt36rpz80eyd07 PtxpBvfIRv73z2ZfKJuv1dUsgDL/X1pUXYgPv8KN8E835IuLYmyNsSmnqBg/Toxc zcFiWbKXNV6S8LNSelKJPJh2HHeS+E0= -----END CERTIFICATE-----Generated at Sat May 31 17:37:49 2025 by rpki-client