$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: C58trrig9C9bFgd81//EijZMS5NrBuPJbXDZKZrv4sI= Subject key identifier: 71:91:8D:45:0B:64:CA:78:F0:3A:44:46:D7:39:13:AA:FB:31:48:D3 Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: 99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: 98 Signing time: Fri 13 Jun 2025 05:17:15 +0000 Manifest this update: Fri 13 Jun 2025 05:17:14 +0000 Manifest next update: Fri 20 Jun 2025 05:17:14 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: gZtod5uB60Y+7UM+OIjFIbYX//lRSo+syY6Hdusd49s=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 05:17:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 153 (0x99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Jun 13 05:17:14 2025 GMT Not After : Jun 20 05:17:14 2025 GMT Subject: CN=684bb45a-7804 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:79:1e:ba:6d:ff:26:c6:52:ed:4a:ee:b3:13: ef:56:fd:ad:53:b2:d7:6c:53:a1:78:13:cd:c8:8a: d8:2d:c8:21:a6:2c:50:95:61:ed:82:80:27:d2:8f: bc:b1:49:08:b3:71:60:a1:6b:ba:3b:63:b6:8b:54: 9b:37:00:b8:45:ed:f9:d9:41:b4:0f:ed:76:10:a0: 5a:95:cd:45:be:a2:d4:db:6c:80:79:30:56:ce:6a: 4f:c1:3f:62:46:45:2a:e2:4c:dc:44:ff:e2:4f:e1: 22:26:83:4e:8e:72:eb:e6:26:5a:77:97:91:99:28: 95:98:d4:11:8e:c2:00:c7:4e:45:20:2c:65:51:a0: 51:44:25:c5:1a:1f:92:4e:b7:d4:a2:a1:16:98:5a: 09:69:8e:66:03:73:3c:ad:a2:94:38:b3:7c:ba:75: c7:8c:0b:d5:06:95:02:a0:c2:8a:fd:a1:05:df:b2: 47:4f:e5:53:f4:9d:f1:29:6a:9c:28:83:00:09:b1: fd:3b:05:cf:0a:7d:5d:0c:4c:82:a5:5c:59:1d:35: 93:11:15:dd:6d:75:42:d8:e5:95:cd:05:e0:bc:c4: 4f:3f:9c:b0:6b:77:f4:f9:bd:51:74:04:9c:98:be: 91:0e:85:29:cb:1e:63:86:46:c7:18:bf:2c:db:11: c0:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:91:8D:45:0B:64:CA:78:F0:3A:44:46:D7:39:13:AA:FB:31:48:D3 X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:a1:2c:3e:06:0e:de:13:00:a4:ae:00:c9:00:3b:8e:00:f0: d1:d8:bf:d9:e3:5e:46:38:e4:95:b2:5a:e3:f5:df:bb:6e:1b: 7c:ac:7f:5c:38:76:d6:c4:e3:34:55:d4:8b:ad:41:49:0d:6c: 7a:b4:cb:7c:69:3e:f6:bd:2a:7d:f9:f8:1a:eb:75:f7:f7:c7: 02:28:f5:cb:25:d6:5f:97:54:96:a2:29:9e:61:58:bf:21:c4: 20:3a:2b:c9:17:1d:2b:e2:a0:40:72:e3:1b:7d:99:e5:df:fa: bb:bc:2b:5c:55:88:c4:c0:fc:09:4b:1f:8e:5e:31:19:82:89: 1e:1d:79:62:c8:d0:58:24:b9:1f:71:20:62:e2:e4:7c:40:42: 35:a8:1c:5e:98:9a:d6:61:4b:d6:c3:f7:4c:af:e0:f9:54:e3: 86:a6:32:2e:0f:63:fb:0a:3a:5b:d7:73:78:12:ac:34:7e:51: 73:1e:87:67:5f:49:54:61:dd:cc:36:08:87:ea:e3:3d:1c:0c: b4:5a:a2:a4:e3:f8:d1:eb:16:a0:67:6e:aa:1a:56:cf:b7:3e: b5:8c:f3:d0:75:f1:40:68:15:1a:62:92:33:4d:af:a5:f3:e9: 71:e3:38:3a:d8:a4:4f:0b:bf:9f:eb:b3:c9:89:e5:8d:7a:1d: ae:c7:b5:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwNjEzMDUxNzE0WhcNMjUwNjIwMDUxNzE0WjAYMRYwFAYD VQQDEw02ODRiYjQ1YS03ODA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxHkeum3/JsZS7UrusxPvVv2tU7LXbFOheBPNyIrYLcghpixQlWHtgoAn0o+8 sUkIs3FgoWu6O2O2i1SbNwC4Re352UG0D+12EKBalc1FvqLU22yAeTBWzmpPwT9i RkUq4kzcRP/iT+EiJoNOjnLr5iZad5eRmSiVmNQRjsIAx05FICxlUaBRRCXFGh+S TrfUoqEWmFoJaY5mA3M8raKUOLN8unXHjAvVBpUCoMKK/aEF37JHT+VT9J3xKWqc KIMACbH9OwXPCn1dDEyCpVxZHTWTERXdbXVC2OWVzQXgvMRPP5ywa3f0+b1RdASc mL6RDoUpyx5jhkbHGL8s2xHArQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHGRjUUL ZMp48DpERtc5E6r7MUjTMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5oSw+Bg7eEwCkrgDJADuOAPDR2L/Z415GOOSVslrj9d+7bht8rH9c OHbWxOM0VdSLrUFJDWx6tMt8aT72vSp9+fga63X398cCKPXLJdZfl1SWoimeYVi/ IcQgOivJFx0r4qBAcuMbfZnl3/q7vCtcVYjEwPwJSx+OXjEZgokeHXliyNBYJLkf cSBi4uR8QEI1qBxemJrWYUvWw/dMr+D5VOOGpjIuD2P7Cjpb13N4Eqw0flFzHodn X0lUYd3MNgiH6uM9HAy0WqKk4/jR6xagZ26qGlbPtz61jPPQdfFAaBUaYpIzTa+l 8+lx4zg62KRPC7+f67PJieWNeh2ux7VW -----END CERTIFICATE-----Generated at Sat Jun 14 18:50:38 2025 by rpki-client