$ rpki-client -vvf rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft File: BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft (raw, json) Hash identifier: FQ7luajYX5hP0QeW07hE1rTJITj73+DYHq2cPbeDv34= Subject key identifier: F5:A6:AF:BA:DB:70:F9:F1:C3:04:FA:F5:C7:97:57:A3:56:AD:EC:03 Authority key identifier: 04:83:2F:BE:70:C7:B8:85:9C:A1:A0:E3:E0:5A:29:6B:B0:9C:5D:3D Certificate issuer: /CN=A91238EC/serialNumber=04832FBE70C7B8859CA1A0E3E05A296BB09C5D3D Certificate serial: 1734 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BIMvvnDHuIWcoaDj4Fopa7CcXT0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft Manifest number: 1719 Signing time: Thu 24 Apr 2025 16:39:16 +0000 Manifest this update: Thu 24 Apr 2025 16:39:16 +0000 Manifest next update: Thu 01 May 2025 16:39:16 +0000 Files and hashes: 1: BIMvvnDHuIWcoaDj4Fopa7CcXT0.crl (hash: fmj+3s56dv3jtCj3D4f1SK6Ir76sKcqJT0sXvHCBWkU=) 2: 2F9D268C76B211ECABA1A612C4F9AE02.roa (hash: N4cX9Gn5/2UN1QBdCa0fdRS9KCB6RvJx+JIs1tA6NvU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.crl rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BIMvvnDHuIWcoaDj4Fopa7CcXT0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:39:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5940 (0x1734) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91238EC, serialNumber=04832FBE70C7B8859CA1A0E3E05A296BB09C5D3D Validity Not Before: Apr 24 16:39:16 2025 GMT Not After : May 1 16:39:16 2025 GMT Subject: CN=680a6934-55f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:47:49:f6:a9:02:d9:27:49:ca:5d:da:80:7a: 49:f3:3a:6c:20:af:ad:93:00:b0:3f:12:43:d2:c9: d7:ea:11:93:1e:bb:10:60:65:1b:47:df:5b:d6:aa: 90:f1:38:e5:92:ee:64:90:62:6a:06:fd:05:32:a7: 0d:97:cc:fa:e0:8b:65:d6:74:ec:2b:ae:be:78:a4: 7f:b1:b2:83:4f:6c:86:ce:a7:80:ed:71:c0:8b:89: 29:17:db:f3:d5:09:4f:12:2a:b3:8c:d6:6c:42:28: 81:a5:c3:0a:11:d5:44:55:6b:d1:de:d4:93:c2:13: 5c:d0:18:8b:c7:5a:67:5c:eb:59:6b:1d:81:cc:0d: 12:c6:32:20:d9:59:c6:cf:c3:d4:57:de:5a:2f:72: 36:2c:65:99:98:a4:88:55:8d:05:94:0c:52:87:bd: f6:15:b2:47:7c:db:01:79:74:46:06:b3:6c:7f:f7: 79:33:e0:9e:21:b1:bc:a0:73:41:91:93:d5:fe:ec: d3:46:c7:f8:80:2b:75:3a:2d:6a:a1:05:27:d4:0a: e5:1d:9a:6c:14:07:29:a1:be:e7:8e:fe:d7:ab:e6: fe:9e:bc:ee:a1:04:88:2b:d1:1a:dd:16:f1:de:31: 3d:e0:b4:b0:0b:c2:3f:74:8e:ba:9b:26:a5:bf:aa: 60:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:A6:AF:BA:DB:70:F9:F1:C3:04:FA:F5:C7:97:57:A3:56:AD:EC:03 X509v3 Authority Key Identifier: keyid:04:83:2F:BE:70:C7:B8:85:9C:A1:A0:E3:E0:5A:29:6B:B0:9C:5D:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BIMvvnDHuIWcoaDj4Fopa7CcXT0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91238EC/61D4F48AE3E611E7AF2F615EC4F9AE02/BIMvvnDHuIWcoaDj4Fopa7CcXT0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:99:24:c8:21:cf:41:ea:27:32:19:6d:09:7a:6e:f1:ce:ca: 13:3f:2b:7a:1d:3a:34:fa:12:c3:ce:d2:59:e8:d8:33:fa:cf: b9:00:2d:7c:c7:c0:26:14:c3:14:8c:c2:9d:88:98:30:88:5b: 85:cd:7c:b4:4a:cd:81:27:f7:b3:4a:d3:19:9a:b1:bf:fd:39: b7:c7:6d:9b:8c:97:f4:00:9f:9d:ad:90:75:74:e9:21:bd:43: 51:ae:0b:4f:0b:2f:98:c8:cc:be:8c:60:0c:c3:67:72:ad:c3: cc:2b:a1:40:15:ca:fc:0d:23:c7:49:27:05:3c:af:00:76:3c: 03:98:84:dd:92:c1:57:60:4e:23:a8:b9:c2:c0:2c:a6:f8:b7: e2:34:bf:84:5d:95:ae:e4:47:4c:9a:51:fe:1b:1e:44:3c:99: fc:e9:bf:85:89:dc:5f:02:b3:0f:5b:74:2a:1a:be:6a:07:cd: 7f:17:dc:47:54:63:a9:bf:8f:cf:91:4f:51:a0:4f:44:6e:9d: 8e:3a:e7:82:fc:94:37:3f:4d:a7:d4:56:4f:55:a8:70:8d:91: 13:0e:78:be:de:a2:70:5d:d0:70:c1:44:76:2e:07:de:37:5c: d3:ea:aa:0a:3c:d8:6b:d6:82:a6:24:fa:08:9b:3a:4f:d8:13: dd:77:d8:2f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFzQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4RUMxMTAvBgNVBAUTKDA0ODMyRkJFNzBDN0I4ODU5Q0ExQTBFM0UwNUEyOTZC QjA5QzVEM0QwHhcNMjUwNDI0MTYzOTE2WhcNMjUwNTAxMTYzOTE2WjAYMRYwFAYD VQQDEw02ODBhNjkzNC01NWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4kdJ9qkC2SdJyl3agHpJ8zpsIK+tkwCwPxJD0snX6hGTHrsQYGUbR99b1qqQ 8Tjlku5kkGJqBv0FMqcNl8z64Itl1nTsK66+eKR/sbKDT2yGzqeA7XHAi4kpF9vz 1QlPEiqzjNZsQiiBpcMKEdVEVWvR3tSTwhNc0BiLx1pnXOtZax2BzA0SxjIg2VnG z8PUV95aL3I2LGWZmKSIVY0FlAxSh732FbJHfNsBeXRGBrNsf/d5M+CeIbG8oHNB kZPV/uzTRsf4gCt1Oi1qoQUn1ArlHZpsFAcpob7njv7Xq+b+nrzuoQSIK9Ea3Rbx 3jE94LSwC8I/dI66myalv6pgtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPWmr7rb cPnxwwT69ceXV6NWrewDMB8GA1UdIwQYMBaAFASDL75wx7iFnKGg4+BaKWuwnF09 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzhFQy82MUQ0RjQ4QUUz RTYxMUU3QUYyRjYxNUVDNEY5QUUwMi9CSU12dm5ESHVJV2NvYURqNEZvcGE3Q2NY VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JJTXZ2bkRIdUlXY29hRGo0Rm9wYTdDY1hUMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzhFQy82MUQ0RjQ4QUUzRTYxMUU3QUYyRjYxNUVDNEY5QUUwMi9CSU12dm5ESHVJ V2NvYURqNEZvcGE3Q2NYVDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEmSTIIc9B6icyGW0Jem7xzsoTPyt6HTo0+hLDztJZ6Ngz+s+5AC18 x8AmFMMUjMKdiJgwiFuFzXy0Ss2BJ/ezStMZmrG//Tm3x22bjJf0AJ+drZB1dOkh vUNRrgtPCy+YyMy+jGAMw2dyrcPMK6FAFcr8DSPHSScFPK8AdjwDmITdksFXYE4j qLnCwCym+LfiNL+EXZWu5EdMmlH+Gx5EPJn86b+FidxfArMPW3QqGr5qB81/F9xH VGOpv4/PkU9RoE9Ebp2OOueC/JQ3P02n1FZPVahwjZETDni+3qJwXdBwwUR2Lgfe N1zT6qoKPNhr1oKmJPoImzpP2BPdd9gv -----END CERTIFICATE-----Generated at Sat Apr 26 04:51:22 2025 by rpki-client