$ rpki-client -vvf rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft File: 4AJb-TLnFuGh-K-QECEcQRCE_J0.mft (raw, json) Hash identifier: Y0aXSqkXOI7XDeVzD8DVKFFN+sQNuAF4MtfWi84voFE= Subject key identifier: 79:AC:53:30:5B:4D:06:CE:70:56:D5:36:2E:FE:5F:69:9B:20:D7:7E Authority key identifier: E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D Certificate issuer: /CN=A9197FDB/serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D Certificate serial: 059D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft Manifest number: 0596 Signing time: Sat 28 Jun 2025 22:49:58 +0000 Manifest this update: Sat 28 Jun 2025 22:49:57 +0000 Manifest next update: Sat 05 Jul 2025 22:49:57 +0000 Files and hashes: 1: 4AJb-TLnFuGh-K-QECEcQRCE_J0.crl (hash: CkBQeDJtiaWFOZej/ocJyLmxijl/SsNPoAfDHUsuUrA=) 2: 0A1FAC405BB211EEAD06B243C4F9AE02.roa (hash: +Nf3CbeJiQCKoMqVOr8fCtBhRD9vFNzRUGK/YqqHHSM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 22:49:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1437 (0x59d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197FDB, serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D Validity Not Before: Jun 28 22:49:57 2025 GMT Not After : Jul 5 22:49:57 2025 GMT Subject: CN=68607195-b529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4e:fb:df:82:3e:4a:bd:3a:b1:aa:8d:17:4d: 4c:4c:10:ca:74:78:9c:e5:19:be:58:ba:80:97:f2: de:ef:7d:48:5e:bc:db:cd:bf:cf:d2:fa:cd:8f:f5: 29:7b:ca:47:f5:41:e8:f6:f7:43:90:31:a7:f3:be: 72:31:d8:7f:c3:e0:26:74:81:78:e3:cc:44:6d:05: 03:a6:33:ba:fe:10:38:e8:fc:97:41:fe:04:52:d9: 9b:84:05:2e:ba:3a:65:b3:51:13:bb:13:ca:fd:c0: f3:74:21:82:27:64:c3:1d:88:50:33:b7:f7:4b:e5: 54:2e:57:26:cb:81:11:17:5b:3d:ce:30:d7:f7:f6: 0f:40:d7:4c:82:63:1c:dc:22:be:a2:b6:59:ce:0e: b8:fe:0b:9a:97:d5:ef:ea:5d:dc:1d:3b:10:97:01: 14:c5:db:9b:e7:21:bb:a5:86:45:8c:d8:6b:fb:b4: ca:5d:76:6b:86:3a:c1:57:57:48:f8:b7:c8:9d:11: 3e:23:4f:2f:65:12:85:c9:e2:ec:20:bc:d8:b8:2a: 9f:84:0f:da:3e:18:af:ab:e9:c5:02:b9:3c:24:b5: c9:94:61:fa:bf:1f:f0:df:31:87:b1:06:c9:e8:ba: 49:5f:af:43:ef:94:b6:33:5e:a9:cc:65:4b:ca:38: 9b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:AC:53:30:5B:4D:06:CE:70:56:D5:36:2E:FE:5F:69:9B:20:D7:7E X509v3 Authority Key Identifier: keyid:E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:86:aa:8a:64:e9:4c:a7:bb:25:7b:aa:c2:04:12:1f:f3:04: 70:da:e7:e6:10:e8:cc:0c:e4:62:23:cd:56:3d:ad:24:e7:2a: f4:5d:1a:5a:79:02:c3:9c:38:81:34:84:c3:e2:73:67:06:f4: 9c:4f:a3:78:ba:1a:1e:52:33:32:5f:80:46:66:d2:47:52:85: 84:d1:5e:2e:4c:6e:83:57:e9:4f:19:ae:72:56:53:2d:89:82: 6d:8f:7d:44:8a:7f:35:ea:84:80:b9:7f:b3:ca:37:78:4e:06: fc:32:07:c1:b3:f2:ce:3a:a2:a1:a0:90:d5:c9:39:5e:4d:d9: 29:d1:42:ec:04:39:ba:41:ab:bc:88:2c:a4:ec:78:f5:0f:aa: 87:35:cf:4f:db:21:e1:c6:31:4d:70:39:1c:5c:d7:16:9f:46: b7:85:5f:27:d1:dc:53:7a:0f:5b:61:e1:04:d0:ba:22:5b:5d: 51:4f:90:eb:71:1a:91:4c:db:9c:06:b3:e1:bd:d2:23:df:7b: 89:ca:fc:56:be:d1:cf:29:73:d1:bc:4d:de:3e:ba:0a:57:21: eb:1a:7a:22:33:46:b4:c8:b4:05:de:92:e9:63:9c:0f:bc:d2: ea:cb:42:58:ff:d4:47:b9:a2:7b:ba:f3:5e:40:18:dc:c6:1f: 3e:71:e2:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdGREIxMTAvBgNVBAUTKEUwMDI1QkY5MzJFNzE2RTFBMUY4QUY5MDEwMjExQzQx MTA4NEZDOUQwHhcNMjUwNjI4MjI0OTU3WhcNMjUwNzA1MjI0OTU3WjAYMRYwFAYD VQQDEw02ODYwNzE5NS1iNTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr07734I+Sr06saqNF01MTBDKdHic5Rm+WLqAl/Le731IXrzbzb/P0vrNj/Up e8pH9UHo9vdDkDGn875yMdh/w+AmdIF448xEbQUDpjO6/hA46PyXQf4EUtmbhAUu ujpls1ETuxPK/cDzdCGCJ2TDHYhQM7f3S+VULlcmy4ERF1s9zjDX9/YPQNdMgmMc 3CK+orZZzg64/gual9Xv6l3cHTsQlwEUxdub5yG7pYZFjNhr+7TKXXZrhjrBV1dI +LfInRE+I08vZRKFyeLsILzYuCqfhA/aPhivq+nFArk8JLXJlGH6vx/w3zGHsQbJ 6LpJX69D75S2M16pzGVLyjib/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHmsUzBb TQbOcFbVNi7+X2mbINd+MB8GA1UdIwQYMBaAFOACW/ky5xbhofivkBAhHEEQhPyd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0ZEQi82NTdFNDA3NERB MzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1R2gtSy1RRUNFY1FSQ0Vf SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRBSmItVExuRnVHaC1LLVFFQ0VjUVJDRV9KMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0ZEQi82NTdFNDA3NERBMzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1 R2gtSy1RRUNFY1FSQ0VfSjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmhqqKZOlMp7sle6rCBBIf8wRw2ufmEOjMDORiI81WPa0k5yr0XRpa eQLDnDiBNITD4nNnBvScT6N4uhoeUjMyX4BGZtJHUoWE0V4uTG6DV+lPGa5yVlMt iYJtj31Ein816oSAuX+zyjd4Tgb8MgfBs/LOOqKhoJDVyTleTdkp0ULsBDm6Qau8 iCyk7Hj1D6qHNc9P2yHhxjFNcDkcXNcWn0a3hV8n0dxTeg9bYeEE0LoiW11RT5Dr cRqRTNucBrPhvdIj33uJyvxWvtHPKXPRvE3eProKVyHrGnoiM0a0yLQF3pLpY5wP vNLqy0JY/9RHuaJ7uvNeQBjcxh8+ceJi -----END CERTIFICATE-----Generated at Sun Jun 29 21:08:23 2025 by rpki-client