$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: a1eYqsA8NnnnlXE3wMAVKeuuaOM6/Z9ktFl3CXIq/So= Subject key identifier: 40:21:79:21:C2:6E:88:ED:2C:91:60:FC:5F:87:9C:20:B6:8D:A0:31 Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: 77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: 76 Signing time: Sat 05 Apr 2025 06:04:28 +0000 Manifest this update: Sat 05 Apr 2025 06:04:27 +0000 Manifest next update: Sat 12 Apr 2025 06:04:27 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: IG72Vl/RVmr9mxNv7RWfM90pXNSaq3W3w0/VNmTKlNA=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 06:04:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 119 (0x77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A Validity Not Before: Apr 5 06:04:27 2025 GMT Not After : Apr 12 06:04:27 2025 GMT Subject: CN=67f0c7eb-bf6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:23:bd:e7:9f:17:bc:c2:dd:3c:a2:21:37:08: f1:61:31:3c:05:42:ca:29:4e:11:da:07:54:a7:71: 89:72:70:7b:8b:19:c1:a5:d1:b7:08:ec:8c:f7:b9: b6:3f:5e:41:fc:4a:69:06:40:93:99:0f:fb:68:0c: d0:83:d3:be:14:f5:de:1d:de:92:73:ce:d1:73:69: 6e:75:ea:4b:99:d3:fd:c2:30:3a:40:4b:44:e4:17: b2:18:63:43:59:02:05:66:cd:15:f7:13:2d:e1:af: 47:f7:29:be:81:65:58:72:be:68:21:2c:b5:89:8c: e0:f2:7c:fd:3d:a5:ec:af:1a:46:15:43:b3:eb:18: d9:53:96:e0:6f:0b:74:bb:d2:e8:34:ab:a0:e0:6a: c1:04:49:2d:3e:cd:8f:81:0e:bb:34:25:73:1e:db: 82:5a:35:07:d4:32:8f:d5:57:12:d0:bf:d9:93:83: 38:be:0a:76:6f:bb:21:8e:65:c1:fa:24:3e:78:e1: 0a:f6:be:5e:03:f9:6d:ec:e6:78:e1:c9:6d:81:0b: a8:55:cc:4c:30:9c:bd:e0:f4:f3:23:36:c3:13:5a: 0e:5d:eb:dc:94:06:13:59:83:5e:05:6d:a0:23:a0: cc:e9:9e:ac:a9:9d:8b:f6:50:9d:df:c8:75:47:0e: a5:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:21:79:21:C2:6E:88:ED:2C:91:60:FC:5F:87:9C:20:B6:8D:A0:31 X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:f4:a6:55:96:e4:cf:f0:92:8f:17:e2:29:f5:3f:fa:1b:a3: b4:0e:cb:c8:93:a3:7f:a0:9c:b2:b7:04:4f:5a:1b:e7:c5:55: 7e:6d:b2:ee:27:01:90:f9:06:c9:37:c3:66:e3:4f:aa:83:80: 8d:1d:84:f6:45:4d:41:d3:6f:7e:39:ad:b3:a1:81:d3:93:18: fc:c5:a8:cf:13:65:08:7a:a7:aa:5a:53:fe:5a:65:d9:55:65: 24:15:3c:d5:d5:bf:2b:8b:9a:d3:3e:28:6c:94:9a:43:48:e4: 1a:8b:60:0d:3a:fc:1b:4f:18:0c:2e:af:75:07:90:8c:6e:59: ad:cc:e7:a7:6e:ea:b9:b7:9b:dc:0d:ed:7b:26:51:26:f2:ed: 7f:58:46:43:bb:bb:98:73:c2:e7:97:a4:55:6f:ef:5b:20:85: 57:9d:b0:3d:a3:0f:9f:5b:d2:56:b7:b2:00:96:1e:b7:62:d7: d7:9e:1d:6b:03:35:09:e2:90:9c:46:aa:3b:10:42:da:90:e1: 08:85:30:7f:4b:83:6c:b1:c8:fe:3a:d4:04:1b:b8:a9:65:e6: b8:4c:f7:40:cc:fe:72:b6:59:59:36:46:44:ee:79:af:83:98: f2:53:a2:f4:7a:cc:36:7a:74:a1:5d:f7:5f:6e:69:ba:f6:e2: aa:39:f9:12 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 M0IwQTExMC8GA1UEBRMoMDk5NTA2RUM5ODdDOEIxOTQwNTg1M0IwOEM3MThCNUJC RTRBQzY5MjAeFw0yNTA0MDUwNjA0MjdaFw0yNTA0MTIwNjA0MjdaMBgxFjAUBgNV BAMTDTY3ZjBjN2ViLWJmNmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9I73nnxe8wt08oiE3CPFhMTwFQsopThHaB1SncYlycHuLGcGl0bcI7Iz3ubY/ XkH8SmkGQJOZD/toDNCD074U9d4d3pJzztFzaW516kuZ0/3CMDpAS0TkF7IYY0NZ AgVmzRX3Ey3hr0f3Kb6BZVhyvmghLLWJjODyfP09peyvGkYVQ7PrGNlTluBvC3S7 0ug0q6DgasEESS0+zY+BDrs0JXMe24JaNQfUMo/VVxLQv9mTgzi+CnZvuyGOZcH6 JD544Qr2vl4D+W3s5njhyW2BC6hVzEwwnL3g9PMjNsMTWg5d69yUBhNZg14FbaAj oMzpnqypnYv2UJ3fyHVHDqW1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQCF5IcJu iO0skWD8X4ecILaNoDEwHwYDVR0jBBgwFoAUCZUG7Jh8ixlAWFOwjHGLW75KxpIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQzQjBBL0Q1REI2REY2NjA3 QTExRUY4NjlBQTY1Q0M0RjlBRTAyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hw SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQ1pVRzdKaDhpeGxBV0ZPd2pIR0xXNzVLeHBJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQz QjBBL0Q1REI2REY2NjA3QTExRUY4NjlBQTY1Q0M0RjlBRTAyL0NaVUc3Smg4aXhs QVdGT3dqSEdMVzc1S3hwSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADX0plWW5M/wko8X4in1P/obo7QOy8iTo3+gnLK3BE9aG+fFVX5tsu4n AZD5Bsk3w2bjT6qDgI0dhPZFTUHTb345rbOhgdOTGPzFqM8TZQh6p6paU/5aZdlV ZSQVPNXVvyuLmtM+KGyUmkNI5BqLYA06/BtPGAwur3UHkIxuWa3M56du6rm3m9wN 7XsmUSby7X9YRkO7u5hzwueXpFVv71sghVedsD2jD59b0la3sgCWHrdi19eeHWsD NQnikJxGqjsQQtqQ4QiFMH9Lg2yxyP461AQbuKll5rhM90DM/nK2WVk2RkTuea+D mPJTovR6zDZ6dKFd919uabr24qo5+RI= -----END CERTIFICATE-----Generated at Sun Apr 6 23:30:23 2025 by rpki-client