$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: tieOW1eQw4yIPuJuM0UPSpPlaeBSTCAdB2bpF6NWtxc= Subject key identifier: 1B:8D:8A:1F:F9:71:B4:0D:C0:89:5D:BB:D4:BF:3D:4D:16:76:FE:BB Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: 92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: 91 Signing time: Sat 31 May 2025 06:01:08 +0000 Manifest this update: Sat 31 May 2025 06:01:08 +0000 Manifest next update: Sat 07 Jun 2025 06:01:08 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: 8X3wJP79rJcRtNPA+zVpqpjBOG/vVkql8GkwpWBNNmc=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 146 (0x92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: May 31 06:01:08 2025 GMT Not After : Jun 7 06:01:08 2025 GMT Subject: CN=683a9b24-d2f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:b5:cc:f6:57:36:fb:36:33:6b:ef:e0:66:4d: 1f:0a:67:4a:ea:79:c4:c8:6c:da:45:1b:1a:a6:fa: 1c:03:d8:7b:69:c1:ad:e4:2f:4c:5c:75:66:8f:98: 40:df:34:06:75:e7:7c:c8:d9:93:24:af:29:a4:0e: 1c:39:24:7f:70:84:76:b0:32:f8:42:37:90:97:46: 0f:2d:de:8d:14:6f:93:a0:d3:2d:11:19:43:37:fe: a0:b4:fe:51:88:a7:8e:8d:87:8e:34:b6:22:7b:12: 7d:9d:a3:a5:8b:5e:9c:86:f2:81:a0:f5:e3:51:c3: 74:db:e4:b4:a1:74:b6:de:4e:02:cd:7f:44:48:a3: 57:9e:ec:8e:5f:f4:91:62:cc:cf:0f:ef:4a:90:10: 10:7a:58:75:a3:29:16:f9:a4:d4:bf:a4:eb:8f:5e: 51:46:79:e7:67:0d:8c:fc:ce:8f:8e:66:9a:b3:e1: ab:f0:58:75:0c:30:d9:ca:02:1f:a0:a9:69:2a:09: 6b:f0:19:b9:f8:11:e2:e9:76:2c:47:b4:61:30:34: c2:2b:fa:d2:81:33:46:d7:57:0a:cd:d3:c7:84:5f: 8d:b4:bf:85:ac:15:28:8b:b1:ee:d6:7b:04:f1:cf: 64:89:31:c4:cb:20:3f:ff:bf:bf:97:20:72:2f:75: d6:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:8D:8A:1F:F9:71:B4:0D:C0:89:5D:BB:D4:BF:3D:4D:16:76:FE:BB X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:66:6f:65:27:06:34:31:e7:8e:84:d2:89:1c:95:0d:9a:ec: 88:7a:ad:fe:7a:66:e6:44:46:6f:a6:bd:28:59:c1:32:9a:3e: 7d:43:9d:84:c9:dc:21:f4:d2:15:e9:29:b8:d4:6a:f8:97:3e: b6:8b:5d:d8:ce:62:39:d4:6d:60:68:46:3a:eb:21:b3:bd:ed: 8d:3e:46:04:4e:1c:a0:4c:15:50:e9:ad:da:d2:ae:02:20:8c: 8e:ed:74:7e:9c:2d:5a:5a:bd:09:52:d7:bc:d0:b5:64:6e:77: 4b:74:fc:1e:7a:6b:b9:b5:4d:57:41:ab:9f:91:59:11:ed:fd: bf:33:22:91:82:8c:1c:ab:81:11:43:3d:7f:2f:93:a6:97:fe: 7f:4a:87:18:2a:b0:7b:b7:19:a4:64:91:37:6f:e2:cb:a6:11: 32:73:49:5f:08:af:86:a7:2e:ec:42:1a:29:78:9a:67:e5:e9: 1b:8c:6f:ce:c3:07:1a:6c:3e:08:18:2f:19:a5:92:0c:06:a6: 02:35:c9:c0:17:16:0a:d6:88:1e:29:e8:5f:55:ed:1a:29:dd: 58:03:2c:d8:88:5a:89:f9:cd:77:a7:ba:3d:aa:4a:5c:cb:57: 8c:d9:ec:44:96:8b:6e:24:e6:8d:6f:10:18:7b:d4:3d:2c:d1: 66:23:ad:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwNTMxMDYwMTA4WhcNMjUwNjA3MDYwMTA4WjAYMRYwFAYD VQQDEw02ODNhOWIyNC1kMmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnLXM9lc2+zYza+/gZk0fCmdK6nnEyGzaRRsapvocA9h7acGt5C9MXHVmj5hA 3zQGded8yNmTJK8ppA4cOSR/cIR2sDL4QjeQl0YPLd6NFG+ToNMtERlDN/6gtP5R iKeOjYeONLYiexJ9naOli16chvKBoPXjUcN02+S0oXS23k4CzX9ESKNXnuyOX/SR YszPD+9KkBAQelh1oykW+aTUv6Trj15RRnnnZw2M/M6Pjmaas+Gr8Fh1DDDZygIf oKlpKglr8Bm5+BHi6XYsR7RhMDTCK/rSgTNG11cKzdPHhF+NtL+FrBUoi7Hu1nsE 8c9kiTHEyyA//7+/lyByL3XWjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBuNih/5 cbQNwIldu9S/PU0Wdv67MB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFZm9lJwY0MeeOhNKJHJUNmuyIeq3+embmREZvpr0oWcEymj59Q52E ydwh9NIV6Sm41Gr4lz62i13YzmI51G1gaEY66yGzve2NPkYEThygTBVQ6a3a0q4C IIyO7XR+nC1aWr0JUte80LVkbndLdPweemu5tU1XQaufkVkR7f2/MyKRgowcq4ER Qz1/L5Oml/5/SocYKrB7txmkZJE3b+LLphEyc0lfCK+Gpy7sQhopeJpn5ekbjG/O wwcabD4IGC8ZpZIMBqYCNcnAFxYK1ogeKehfVe0aKd1YAyzYiFqJ+c13p7o9qkpc y1eM2exElotuJOaNbxAYe9Q9LNFmI631 -----END CERTIFICATE-----Generated at Sat May 31 16:35:56 2025 by rpki-client