$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: AEeCzCr8KGtlaNZ1bpEFzqRdysoCM/zVjJzv0i6FRCM= Subject key identifier: 49:86:45:4D:68:49:A2:C9:99:53:EB:0D:90:65:47:CA:3F:96:A9:D9 Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: 81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: 80 Signing time: Fri 25 Apr 2025 05:39:37 +0000 Manifest this update: Fri 25 Apr 2025 05:39:36 +0000 Manifest next update: Fri 02 May 2025 05:39:36 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: zeXibuRorKLUQhWCfxYy2CgtriOhPoF3hnaGp3Bp6HE=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:39:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 129 (0x81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Apr 25 05:39:36 2025 GMT Not After : May 2 05:39:36 2025 GMT Subject: CN=680b2018-1ee5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ce:9b:dd:32:97:e2:24:86:6a:91:08:7b:fa: 1f:3f:0f:6a:6b:e5:ca:3f:ad:90:1d:32:08:d4:56: cc:23:29:19:93:80:2c:ca:03:62:2b:7e:0e:fa:97: 00:6a:dd:c6:f3:65:71:bf:79:28:5f:c9:5e:57:32: f7:b1:cc:61:5e:49:1e:b3:92:33:fb:31:00:d3:6f: 4d:e0:e4:fe:84:db:4d:1d:ae:fd:a0:b5:4e:df:d0: 96:82:ad:96:6c:a4:2b:27:9d:33:e2:69:54:39:46: 91:39:42:c0:35:81:93:f9:ee:ef:fb:e1:90:d1:7c: 9a:bd:4e:7d:9b:d8:1c:42:9f:8e:fb:f9:8f:6b:28: 84:e1:db:64:b0:95:c5:89:5f:31:f5:13:e6:10:af: 26:4e:c1:e3:8a:82:23:45:f9:76:0a:b8:f8:1a:0c: 4b:8e:7f:23:25:79:fe:81:dc:1d:12:4a:6a:2b:d0: 1c:74:f5:30:32:f7:58:d9:50:3f:68:f1:d7:19:49: f9:89:ec:f6:78:13:69:70:40:9a:a3:5c:23:12:57: a8:e0:06:63:83:3b:41:48:c9:79:17:d7:37:89:6d: 0a:49:50:d9:96:68:27:28:fa:5b:bc:1d:b6:16:b3: 0f:b0:8b:27:d7:ca:e3:e3:ed:1c:c4:9f:22:f3:1d: 2e:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:86:45:4D:68:49:A2:C9:99:53:EB:0D:90:65:47:CA:3F:96:A9:D9 X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:7f:48:92:95:bd:6c:cc:e4:61:ec:ff:3a:d1:f6:2e:73:6e: a0:c0:b0:36:ff:b2:83:9c:83:a0:b5:6d:fb:4b:2a:ee:07:08: 7a:f2:b7:85:5b:de:85:2c:c1:23:ec:a3:a4:09:28:03:42:21: 29:24:9d:77:22:0e:93:7a:ea:d9:f9:52:2a:e8:bb:ab:cb:6b: 7a:f1:a9:1d:12:c4:aa:60:23:7a:41:07:35:5e:26:6e:cc:53: 8a:bf:57:04:dc:69:9d:29:e2:8f:72:3a:45:87:8d:3b:30:16: 00:c4:ca:a5:ca:eb:eb:77:82:5e:77:ed:aa:89:63:0a:21:64: eb:2a:7e:1e:75:a6:ca:f9:3a:3e:25:f7:5f:ba:6a:76:03:fd: 4c:49:18:3e:35:d8:f9:94:69:d9:9c:21:14:6a:cc:e5:2e:45: e1:98:d2:1a:31:23:65:77:5d:d0:d4:f3:9e:56:7a:26:92:2e: 96:8d:cf:fe:53:8a:b0:e1:cd:64:0a:49:86:d6:9f:89:43:de: 56:55:5d:b6:67:23:e4:25:37:bc:23:7a:e1:93:f7:c5:9e:c6: 86:ad:81:2a:bc:dd:cc:bf:e7:17:80:f9:c3:c5:63:97:23:f6: d9:24:99:42:0d:54:bb:32:27:1d:0f:9d:5d:68:63:b6:d5:80: 18:c4:a2:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwNDI1MDUzOTM2WhcNMjUwNTAyMDUzOTM2WjAYMRYwFAYD VQQDEw02ODBiMjAxOC0xZWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoM6b3TKX4iSGapEIe/ofPw9qa+XKP62QHTII1FbMIykZk4AsygNiK34O+pcA at3G82Vxv3koX8leVzL3scxhXkkes5Iz+zEA029N4OT+hNtNHa79oLVO39CWgq2W bKQrJ50z4mlUOUaROULANYGT+e7v++GQ0XyavU59m9gcQp+O+/mPayiE4dtksJXF iV8x9RPmEK8mTsHjioIjRfl2Crj4GgxLjn8jJXn+gdwdEkpqK9AcdPUwMvdY2VA/ aPHXGUn5iez2eBNpcECao1wjEleo4AZjgztBSMl5F9c3iW0KSVDZlmgnKPpbvB22 FrMPsIsn18rj4+0cxJ8i8x0ueQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEmGRU1o SaLJmVPrDZBlR8o/lqnZMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALf0iSlb1szORh7P860fYuc26gwLA2/7KDnIOgtW37SyruBwh68reF W96FLMEj7KOkCSgDQiEpJJ13Ig6TeurZ+VIq6Lury2t68akdEsSqYCN6QQc1XiZu zFOKv1cE3GmdKeKPcjpFh407MBYAxMqlyuvrd4Jed+2qiWMKIWTrKn4edabK+To+ Jfdfump2A/1MSRg+Ndj5lGnZnCEUaszlLkXhmNIaMSNld13Q1POeVnomki6Wjc/+ U4qw4c1kCkmG1p+JQ95WVV22ZyPkJTe8I3rhk/fFnsaGrYEqvN3Mv+cXgPnDxWOX I/bZJJlCDVS7MicdD51daGO21YAYxKJo -----END CERTIFICATE-----Generated at Sat Apr 26 14:59:18 2025 by rpki-client