$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft File: CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json) Hash identifier: Eoesuks82mTAf2IJjX1ALhdsVvfuNAWeGEwQ5Un0zvI= Subject key identifier: 4E:63:36:C5:F9:D7:B2:48:25:2D:E5:A9:19:04:55:BD:0B:4A:53:23 Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Certificate serial: 055C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft Manifest number: 072D Signing time: Thu 24 Jul 2025 23:41:38 +0000 Manifest this update: Thu 24 Jul 2025 23:41:37 +0000 Manifest next update: Thu 31 Jul 2025 23:41:37 +0000 Files and hashes: 1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: OY2E41am267rdZEnHDZCv4ekR2fsHqv3qkqSSkvD2MA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 31 Jul 2025 23:41:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1372 (0x55c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Validity Not Before: Jul 24 23:41:37 2025 GMT Not After : Jul 31 23:41:37 2025 GMT Subject: CN=6882c4b1-e582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f3:aa:b6:23:a7:ae:5d:cd:10:5a:a3:c4:2c: 9e:84:d9:0a:91:8d:a8:cd:69:d5:24:eb:a0:be:13: 46:cf:5c:cb:1e:8e:4b:ee:4d:bf:5c:11:54:92:0e: d8:64:59:87:0b:ca:2e:80:1d:36:d7:84:84:ed:a2: aa:f0:53:fe:5b:db:99:ba:cb:51:0b:22:63:d7:3b: 4e:ac:2a:bc:ad:15:db:be:30:11:f3:c5:b6:93:6c: 56:0d:f0:80:3c:c6:43:da:6d:35:d3:24:5c:f8:1d: af:9d:6f:81:8d:80:18:65:df:dc:91:46:1c:8b:89: c2:1f:f1:17:9e:a5:16:d6:d0:8e:c6:17:7d:26:fc: e6:2f:f1:c4:55:c2:ff:69:65:e5:87:77:35:17:5f: d2:94:1f:f4:a2:ff:fd:3d:ad:fc:94:c3:c5:00:d8: 2f:cb:57:e0:27:f3:ed:b3:70:ca:6e:ad:4e:e1:91: a6:7a:64:09:aa:13:68:35:f2:72:9d:78:ab:d2:26: 4c:bd:f8:c9:c5:fc:ba:6f:a2:0f:08:d3:2f:54:06: 39:b4:87:03:8d:52:4c:69:c3:73:d1:3c:ce:b5:43: d0:58:2e:04:8a:87:43:ae:b9:c7:c6:91:12:65:ce: d0:6d:40:fe:68:77:f4:f1:34:9e:52:b2:9b:72:a9: ab:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:63:36:C5:F9:D7:B2:48:25:2D:E5:A9:19:04:55:BD:0B:4A:53:23 X509v3 Authority Key Identifier: keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:f6:fd:34:49:c6:b2:00:57:c8:63:ee:12:74:62:5a:ff:28: fe:06:e4:5c:6a:4d:77:bb:88:c6:d9:79:d4:d5:83:ff:62:3d: 4f:7b:fa:39:5b:f8:d7:d1:1f:95:f7:43:e6:91:2a:ae:11:d0: 2f:57:3d:69:8c:93:a4:f4:85:f2:03:f3:4c:53:a9:11:a6:15: c8:fc:de:28:ee:63:e7:06:ca:44:ee:73:52:e7:a8:c6:72:d7: 72:75:cc:a5:3a:de:db:d6:e9:44:da:26:ed:5f:42:dd:92:bd: 5b:f2:62:22:4e:33:7c:c6:e7:9b:40:68:7e:a2:b4:29:a3:bf: 56:2c:fc:c4:83:cf:1d:cc:42:31:59:4b:75:c0:cf:1a:d2:11: f1:f9:3f:45:7b:ab:fb:c1:94:4b:8b:3f:0a:1f:27:c4:cf:56: 07:33:ed:f9:6b:4e:bc:78:3d:9c:76:5b:c0:fd:aa:bf:76:10: 56:1d:3c:ef:44:03:39:12:95:7a:2d:07:b9:fd:07:06:31:bf: db:64:c5:ac:e6:3e:1f:cb:04:5f:14:3e:32:75:fb:36:f1:6e: 99:2f:ad:b6:02:64:f6:96:20:e9:18:89:04:f3:7c:47:8b:da: ed:2d:e9:8a:37:c6:d5:3f:ab:f6:65:40:b4:56:f5:d7:54:a7: 0a:04:bb:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG NkFFQzIxNzIwHhcNMjUwNzI0MjM0MTM3WhcNMjUwNzMxMjM0MTM3WjAYMRYwFAYD VQQDEw02ODgyYzRiMS1lNTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/OqtiOnrl3NEFqjxCyehNkKkY2ozWnVJOugvhNGz1zLHo5L7k2/XBFUkg7Y ZFmHC8ougB0214SE7aKq8FP+W9uZustRCyJj1ztOrCq8rRXbvjAR88W2k2xWDfCA PMZD2m010yRc+B2vnW+BjYAYZd/ckUYci4nCH/EXnqUW1tCOxhd9JvzmL/HEVcL/ aWXlh3c1F1/SlB/0ov/9Pa38lMPFANgvy1fgJ/Pts3DKbq1O4ZGmemQJqhNoNfJy nXir0iZMvfjJxfy6b6IPCNMvVAY5tIcDjVJMacNz0TzOtUPQWC4EiodDrrnHxpES Zc7QbUD+aHf08TSeUrKbcqmrjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE5jNsX5 17JIJS3lqRkEVb0LSlMjMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0 MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/9v00ScayAFfIY+4SdGJa/yj+BuRcak13u4jG2XnU1YP/Yj1Pe/o5 W/jX0R+V90PmkSquEdAvVz1pjJOk9IXyA/NMU6kRphXI/N4o7mPnBspE7nNS56jG ctdydcylOt7b1ulE2ibtX0Ldkr1b8mIiTjN8xuebQGh+orQpo79WLPzEg88dzEIx WUt1wM8a0hHx+T9Fe6v7wZRLiz8KHyfEz1YHM+35a068eD2cdlvA/aq/dhBWHTzv RAM5EpV6LQe5/QcGMb/bZMWs5j4fywRfFD4ydfs28W6ZL622AmT2liDpGIkE83xH i9rtLemKN8bVP6v2ZUC0VvXXVKcKBLsH -----END CERTIFICATE-----Generated at Fri Jul 25 07:05:34 2025 by rpki-client