$ rpki-client -vvf rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft File: 4AJb-TLnFuGh-K-QECEcQRCE_J0.mft (raw, json) Hash identifier: 4kHXiVN+C77mA/GKIUdq4xQUTMsGLsvL8XFUH9SMrEo= Subject key identifier: 4B:37:9F:27:BE:FB:ED:5F:30:A9:9C:1A:80:7D:37:35:9B:DD:DB:A7 Authority key identifier: E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D Certificate issuer: /CN=A9197FDB/serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D Certificate serial: 05C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft Manifest number: 05BB Signing time: Mon 08 Sep 2025 23:10:59 +0000 Manifest this update: Mon 08 Sep 2025 23:10:59 +0000 Manifest next update: Mon 15 Sep 2025 23:10:59 +0000 Files and hashes: 1: 4AJb-TLnFuGh-K-QECEcQRCE_J0.crl (hash: K5wp9Nbc/axiKi2Z50AAgReCXrdz2YVFuUTpsbfahjQ=) 2: 0A1FAC405BB211EEAD06B243C4F9AE02.roa (hash: +Nf3CbeJiQCKoMqVOr8fCtBhRD9vFNzRUGK/YqqHHSM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 22:38:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1474 (0x5c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197FDB, serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D Validity Not Before: Sep 8 23:10:59 2025 GMT Not After : Sep 15 23:10:59 2025 GMT Subject: CN=68bf6283-274b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:68:8b:2e:92:0c:5f:87:a8:2c:d4:39:d8:31: 9e:32:6a:21:ce:4c:bb:13:05:3c:b3:5c:da:26:e0: a1:6d:de:56:aa:81:da:1f:b5:f1:8d:91:a9:78:62: a4:ba:c5:3f:ed:5e:d1:af:0b:6f:b1:b8:01:60:a9: e6:d2:0f:9f:60:bf:4e:60:39:79:8e:59:ec:6d:66: 70:9f:ae:8c:52:82:bf:09:a5:09:09:96:17:ed:69: 5d:4f:14:3a:82:d4:b9:cd:89:47:ab:c6:0b:79:fe: bd:2c:61:92:bd:10:2b:44:56:e6:95:b9:9b:d9:ee: 7f:30:56:2f:d8:c1:33:8c:42:dd:59:33:20:0e:ef: 3b:05:c1:f0:40:d2:1c:25:e7:ee:66:c2:f6:c5:ec: 58:0c:91:ca:83:7b:7c:f0:6e:38:a0:20:16:a0:9e: b4:63:f4:f3:22:5e:ab:d9:e8:76:bf:34:7d:d8:bd: d9:04:33:e5:49:0a:63:ed:37:e6:4f:a5:af:bc:ee: eb:0c:44:2a:8f:b0:c3:98:c0:e5:15:cb:ab:d8:95: 1c:c0:5f:98:c5:97:0c:c5:0d:95:f0:18:58:ce:c0: 41:74:a4:59:d8:f0:5d:ef:a0:bc:57:7e:eb:46:59: dd:6b:e6:15:14:06:ca:59:d8:b3:ef:5a:c4:ce:05: 0b:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:37:9F:27:BE:FB:ED:5F:30:A9:9C:1A:80:7D:37:35:9B:DD:DB:A7 X509v3 Authority Key Identifier: keyid:E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:6a:d1:4c:83:6c:f5:0b:c4:56:e0:f0:9a:ca:28:e2:fc:22: dd:e3:4e:bd:d3:ea:ac:49:ef:56:51:48:fb:95:d7:aa:38:93: 7f:8d:af:dd:bf:c9:f6:33:b2:93:22:10:33:33:9e:53:62:a2: 33:09:e3:db:32:5b:75:ae:51:87:f6:58:24:4a:09:3f:56:a6: 97:dc:36:b3:05:e7:71:b0:d2:f9:bd:0b:1a:76:2f:74:a3:2c: 6f:48:49:2d:bf:19:56:a2:54:8f:7d:61:70:06:6b:95:ba:26: f4:9f:cd:5e:f1:0f:62:c5:a0:68:24:90:15:e3:4c:94:f8:03: 02:da:3f:81:92:fb:12:62:e9:e3:f7:97:b4:d8:d4:3f:04:b1: de:1d:45:86:da:ce:ab:1f:80:ab:48:b3:1f:53:ce:90:b6:e1: 4a:4b:46:3b:1f:9b:f6:43:73:ca:b3:f2:3a:1e:1b:52:a0:67: c8:35:bd:9e:6a:37:13:57:ff:5e:e0:ce:9d:d2:3a:b7:4c:5b: 01:d8:6b:68:db:a8:02:ec:37:cf:1f:79:d8:b8:60:a6:3b:b1: 91:78:08:ce:01:5d:82:fc:fa:82:19:94:74:78:20:e2:1c:41: 75:47:08:a0:e9:a9:d5:4a:d7:6e:8d:27:65:e1:b0:e2:cb:a2: 25:15:c0:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdGREIxMTAvBgNVBAUTKEUwMDI1QkY5MzJFNzE2RTFBMUY4QUY5MDEwMjExQzQx MTA4NEZDOUQwHhcNMjUwOTA4MjMxMDU5WhcNMjUwOTE1MjMxMDU5WjAYMRYwFAYD VQQDEw02OGJmNjI4My0yNzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GiLLpIMX4eoLNQ52DGeMmohzky7EwU8s1zaJuChbd5WqoHaH7XxjZGpeGKk usU/7V7RrwtvsbgBYKnm0g+fYL9OYDl5jlnsbWZwn66MUoK/CaUJCZYX7WldTxQ6 gtS5zYlHq8YLef69LGGSvRArRFbmlbmb2e5/MFYv2MEzjELdWTMgDu87BcHwQNIc JefuZsL2xexYDJHKg3t88G44oCAWoJ60Y/TzIl6r2eh2vzR92L3ZBDPlSQpj7Tfm T6WvvO7rDEQqj7DDmMDlFcur2JUcwF+YxZcMxQ2V8BhYzsBBdKRZ2PBd76C8V37r Rlnda+YVFAbKWdiz71rEzgULtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEs3nye+ ++1fMKmcGoB9NzWb3dunMB8GA1UdIwQYMBaAFOACW/ky5xbhofivkBAhHEEQhPyd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0ZEQi82NTdFNDA3NERB MzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1R2gtSy1RRUNFY1FSQ0Vf SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRBSmItVExuRnVHaC1LLVFFQ0VjUVJDRV9KMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0ZEQi82NTdFNDA3NERBMzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1 R2gtSy1RRUNFY1FSQ0VfSjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwatFMg2z1C8RW4PCayiji/CLd40690+qsSe9WUUj7ldeqOJN/ja/d v8n2M7KTIhAzM55TYqIzCePbMlt1rlGH9lgkSgk/VqaX3DazBedxsNL5vQsadi90 oyxvSEktvxlWolSPfWFwBmuVuib0n81e8Q9ixaBoJJAV40yU+AMC2j+BkvsSYunj 95e02NQ/BLHeHUWG2s6rH4CrSLMfU86QtuFKS0Y7H5v2Q3PKs/I6HhtSoGfINb2e ajcTV/9e4M6d0jq3TFsB2Gto26gC7DfPH3nYuGCmO7GReAjOAV2C/PqCGZR0eCDi HEF1Rwig6anVStdujSdl4bDiy6IlFcAO -----END CERTIFICATE-----Generated at Tue Sep 9 01:11:22 2025 by rpki-client