$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: K/sdHWMCnDhUVMdvIqqol6JPQRVIUmJvs7duEqE+AvE= Subject key identifier: 49:B4:2A:D3:F6:12:E8:E7:97:AE:1A:77:21:94:D1:31:C9:C6:62:AD Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: E3 Signing time: Wed 05 Nov 2025 05:39:17 +0000 Manifest this update: Wed 05 Nov 2025 05:39:17 +0000 Manifest next update: Wed 12 Nov 2025 05:39:17 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: d2zVC9bfcBkyhxdOQKD6LOCOOHxU8Je6/90AAmRtNoI=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: ssSab392rUEklfenSvYRYq8TUWajk4XJZygnBh6m+8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:39:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 229 (0xe5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Nov 5 05:39:17 2025 GMT Not After : Nov 12 05:39:17 2025 GMT Subject: CN=690ae305-9fec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:17:92:86:c7:00:21:8b:c5:89:05:25:f9:a4: 3f:ee:43:88:28:59:02:ba:77:98:33:0e:6c:df:a3: f2:8f:ac:f6:1f:15:34:85:b3:87:f7:9d:ce:0a:61: 77:d1:d8:03:d6:b0:3e:3c:5c:ee:73:9a:40:80:c7: 18:24:10:17:35:dc:25:f2:67:26:58:70:39:1a:b7: d4:b3:71:36:04:30:83:05:df:fe:44:c1:57:72:0f: 4d:4a:ba:b5:b3:66:ab:8c:c5:38:84:3b:b3:02:9e: ae:04:74:02:e6:e2:d4:89:a4:68:ac:42:2b:da:37: 6c:e9:2e:4b:52:fb:d3:ae:4c:77:08:36:86:56:86: 5b:ce:71:12:f2:90:5e:82:62:0d:95:37:90:a5:de: 65:e5:00:a2:f7:18:8e:ee:9c:0e:09:b2:44:d9:8d: 89:24:1f:4c:82:af:e5:5d:45:3b:4b:71:a8:6f:a5: 13:a4:ce:9c:7a:d0:66:65:c4:bc:d6:62:15:df:4c: 3f:22:9a:d1:38:ee:24:31:65:cd:77:2c:fd:71:fc: f9:1b:91:dc:6b:f2:e0:37:0e:4c:22:94:0f:59:12: c9:91:95:f0:57:62:f7:1d:4f:b2:88:7b:da:92:e6: 24:14:55:86:b4:57:07:75:13:65:c4:cd:6c:1b:f1: 91:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B4:2A:D3:F6:12:E8:E7:97:AE:1A:77:21:94:D1:31:C9:C6:62:AD X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:e2:be:cb:de:3a:b1:aa:34:35:bc:83:09:08:f0:dc:61:84: e8:1c:86:c1:34:a8:e8:c2:a2:0f:c9:2a:07:50:f5:5e:05:18: eb:d6:eb:42:a2:fa:d2:d4:5f:5c:5d:26:b8:94:23:f1:38:d4: e3:2a:2b:02:e3:05:bf:93:dd:c8:fc:45:03:64:58:cb:fd:54: f2:f8:b6:fb:b1:e8:d8:24:77:f7:f5:fd:f4:75:57:4d:5a:84: b9:33:2a:75:ed:b7:75:7d:08:2a:ac:7a:d9:07:37:34:ec:81: 5b:8d:a2:df:24:35:52:dd:12:8e:20:6c:6f:a2:ad:44:16:d5: 55:91:22:43:a5:dd:85:0f:d6:d4:fa:a2:9b:98:fc:39:1b:e5: fc:7a:81:5c:65:95:d9:8f:00:cb:b6:4b:38:9d:1d:92:59:43: 4a:58:91:4f:b4:05:c4:16:93:1e:fe:d4:31:e4:1c:24:a8:3b: fa:5d:13:40:2e:8e:5d:48:71:45:bd:99:41:07:24:22:09:a1: 43:ee:33:f0:bd:8a:b1:1e:2d:61:61:59:c4:4f:f7:e3:c7:1a: b3:48:bd:51:a6:e8:f5:4f:aa:9d:1a:ca:27:64:c8:c4:af:e3: 8f:b7:6d:09:e2:e9:5d:9d:5c:0c:68:26:37:c6:db:77:b8:91: 30:38:f0:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUxMTA1MDUzOTE3WhcNMjUxMTEyMDUzOTE3WjAYMRYwFAYD VQQDEw02OTBhZTMwNS05ZmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuheShscAIYvFiQUl+aQ/7kOIKFkCuneYMw5s36Pyj6z2HxU0hbOH953OCmF3 0dgD1rA+PFzuc5pAgMcYJBAXNdwl8mcmWHA5GrfUs3E2BDCDBd/+RMFXcg9NSrq1 s2arjMU4hDuzAp6uBHQC5uLUiaRorEIr2jds6S5LUvvTrkx3CDaGVoZbznES8pBe gmINlTeQpd5l5QCi9xiO7pwOCbJE2Y2JJB9Mgq/lXUU7S3Gob6UTpM6cetBmZcS8 1mIV30w/IprROO4kMWXNdyz9cfz5G5Hca/LgNw5MIpQPWRLJkZXwV2L3HU+yiHva kuYkFFWGtFcHdRNlxM1sG/GRdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEm0KtP2 Eujnl64adyGU0THJxmKtMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAS4r7L3jqxqjQ1vIMJCPDcYYToHIbBNKjowqIPySoHUPVeBRjr1utC ovrS1F9cXSa4lCPxONTjKisC4wW/k93I/EUDZFjL/VTy+Lb7sejYJHf39f30dVdN WoS5Myp17bd1fQgqrHrZBzc07IFbjaLfJDVS3RKOIGxvoq1EFtVVkSJDpd2FD9bU +qKbmPw5G+X8eoFcZZXZjwDLtks4nR2SWUNKWJFPtAXEFpMe/tQx5BwkqDv6XRNA Lo5dSHFFvZlBByQiCaFD7jPwvYqxHi1hYVnET/fjxxqzSL1Rpuj1T6qdGsonZMjE r+OPt20J4uldnVwMaCY3xtt3uJEwOPAT -----END CERTIFICATE-----Generated at Wed Nov 5 09:52:31 2025 by rpki-client