$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: aPREjjc2RymL5cDJ6wLagdzPSs0a4Ybhh5xCrRnUlM4= Subject key identifier: D7:A1:04:1A:0A:39:2E:40:B8:B7:47:A0:48:A8:58:03:6E:CE:BC:97 Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: AA Signing time: Sat 19 Jul 2025 06:21:27 +0000 Manifest this update: Sat 19 Jul 2025 06:21:27 +0000 Manifest next update: Sat 26 Jul 2025 06:21:27 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: kvFJGQwODQ1iZ/E7im71a0rB2rRrmxJwH6DrcgGnO/E=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:21:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 171 (0xab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Jul 19 06:21:27 2025 GMT Not After : Jul 26 06:21:27 2025 GMT Subject: CN=687b3967-8906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a6:f8:eb:57:f8:c1:b2:f5:cb:35:d2:ac:ea: 7c:7f:71:d8:66:4b:97:dd:79:d4:3c:15:93:da:ff: aa:03:be:e7:31:7e:22:9d:3f:b1:ef:ca:f7:8d:28: 21:35:cc:99:61:85:94:44:47:b3:99:a6:69:e3:58: 77:3a:e2:09:ad:56:24:ca:29:ef:15:9c:94:36:66: e4:e4:6f:a3:57:e6:7b:02:71:ca:70:af:81:23:bf: a9:3c:04:47:d1:3e:eb:ac:85:6c:34:a7:a2:d5:1c: aa:6a:1d:96:fb:56:34:36:5a:6c:7f:20:54:33:c1: 9b:42:e6:db:e8:48:41:7c:78:64:b3:ad:52:61:f3: 78:33:77:f1:78:fc:27:46:8e:12:67:f1:9f:18:a9: 4e:3e:e5:1a:03:00:eb:18:29:1e:c4:6a:f7:d5:7f: 12:b6:4a:03:ae:80:c2:67:11:fa:4a:c2:23:f7:45: e2:b4:50:22:7f:fe:b4:62:3a:16:29:31:ce:ec:ef: 95:94:2e:3e:c5:b7:6e:ad:a3:10:53:c9:ea:96:eb: bf:f6:58:03:57:70:cb:47:0c:50:95:40:42:f8:35: 38:3b:83:ec:27:c2:d0:f2:01:d2:6c:70:e4:af:ad: 57:34:4d:8b:c2:88:29:a1:63:74:48:a8:69:b5:57: cd:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A1:04:1A:0A:39:2E:40:B8:B7:47:A0:48:A8:58:03:6E:CE:BC:97 X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:1f:cc:06:59:87:ff:75:b6:7f:f2:ed:14:72:c1:34:f1:0d: 78:24:c8:ad:3a:2c:5f:70:45:de:75:91:af:5a:b7:3d:07:21: 0f:b7:8c:99:df:c3:64:32:4a:11:92:46:da:04:dc:72:72:1b: c9:cb:fe:68:89:d0:e8:fd:9a:92:ba:48:0f:7d:36:6b:f9:a3: b9:85:01:da:e8:69:ba:8f:92:02:e8:95:cb:8f:ba:b7:4c:bf: 58:c4:5f:08:af:49:3a:99:91:94:4b:4a:ba:e8:07:99:55:d8: a6:b7:f3:ad:2f:b3:ce:56:1c:87:b3:d5:59:d8:48:1d:c3:7e: d9:fc:24:65:86:b5:18:2c:05:9f:c8:60:9c:58:d4:38:ad:58: d0:46:33:1c:80:b5:17:73:92:b4:d0:dd:13:e1:84:cc:0e:c5: 05:6d:d2:aa:4d:a2:19:6d:bb:9c:28:95:41:c3:80:92:12:64: 6b:89:85:72:67:eb:e1:71:9d:cf:4a:55:da:59:e7:2c:d5:f4: e3:9d:4b:89:62:ec:75:5a:81:c2:ab:4d:f4:7b:76:5c:ac:c1: 7b:cc:42:ca:2e:9e:c5:f9:cb:9f:45:19:73:3f:7b:4f:db:90: 47:35:aa:7d:cf:55:25:29:ef:ac:12:dd:c9:a7:90:e4:4c:1c: 2c:d2:c3:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwNzE5MDYyMTI3WhcNMjUwNzI2MDYyMTI3WjAYMRYwFAYD VQQDEw02ODdiMzk2Ny04OTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKb461f4wbL1yzXSrOp8f3HYZkuX3XnUPBWT2v+qA77nMX4inT+x78r3jSgh NcyZYYWUREezmaZp41h3OuIJrVYkyinvFZyUNmbk5G+jV+Z7AnHKcK+BI7+pPARH 0T7rrIVsNKei1Ryqah2W+1Y0NlpsfyBUM8GbQubb6EhBfHhks61SYfN4M3fxePwn Ro4SZ/GfGKlOPuUaAwDrGCkexGr31X8StkoDroDCZxH6SsIj90XitFAif/60YjoW KTHO7O+VlC4+xbduraMQU8nqluu/9lgDV3DLRwxQlUBC+DU4O4PsJ8LQ8gHSbHDk r61XNE2LwogpoWN0SKhptVfNIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNehBBoK OS5AuLdHoEioWANuzryXMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASH8wGWYf/dbZ/8u0UcsE08Q14JMitOixfcEXedZGvWrc9ByEPt4yZ 38NkMkoRkkbaBNxychvJy/5oidDo/ZqSukgPfTZr+aO5hQHa6Gm6j5IC6JXLj7q3 TL9YxF8Ir0k6mZGUS0q66AeZVdimt/OtL7POVhyHs9VZ2Egdw37Z/CRlhrUYLAWf yGCcWNQ4rVjQRjMcgLUXc5K00N0T4YTMDsUFbdKqTaIZbbucKJVBw4CSEmRriYVy Z+vhcZ3PSlXaWecs1fTjnUuJYux1WoHCq030e3ZcrMF7zELKLp7F+cufRRlzP3tP 25BHNap9z1UlKe+sEt3Jp5DkTBws0sO6 -----END CERTIFICATE-----Generated at Sun Jul 20 03:17:36 2025 by rpki-client