$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft File: CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json) Hash identifier: fkE32u6Cxo3wjCmWhVw7B9b8X+Htllknys07nUpdHcA= Subject key identifier: 0D:90:22:AA:91:36:A5:04:A7:83:0B:BE:E2:68:BF:A4:6F:C6:41:1F Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Certificate serial: 0549 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft Manifest number: 0707 Signing time: Mon 16 Jun 2025 23:03:43 +0000 Manifest this update: Mon 16 Jun 2025 23:03:42 +0000 Manifest next update: Mon 23 Jun 2025 23:03:42 +0000 Files and hashes: 1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: vxAR6TCH751AoKKQLw2Bzh/xFNa/P2Qbn+n9kkVwoMA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 23:03:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1353 (0x549) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Validity Not Before: Jun 16 23:03:42 2025 GMT Not After : Jun 23 23:03:42 2025 GMT Subject: CN=6850a2cf-7f3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:8f:fd:b3:78:a8:a1:86:7f:60:e8:1d:1e:2a: 98:f2:18:02:4d:22:de:e7:1a:9e:88:4f:fb:37:5c: 59:72:5f:bd:bd:dd:cb:d9:e9:25:5e:38:1c:a6:02: 40:52:a1:63:85:b4:bf:93:7b:44:6e:f3:b8:60:6b: cb:eb:62:91:ab:fe:5b:5d:0f:ba:6c:1a:09:0d:56: b5:d7:48:96:5b:6e:b0:31:2e:ca:2d:d1:5a:64:ec: c4:dc:0a:d5:39:d7:03:65:d7:c0:9a:b8:a8:b9:8d: 18:cc:43:3b:b5:f3:0e:94:61:47:2e:68:e6:ee:2f: 81:db:d5:0e:c8:17:6f:76:24:81:21:a7:4d:5e:44: b7:39:03:ef:43:9f:2b:c5:54:68:37:c8:e5:07:7c: 3a:22:d1:d9:e0:ad:6b:1c:68:a0:02:9c:a1:ba:45: 39:49:37:77:46:bd:82:d6:c0:48:0e:64:55:d6:e2: aa:af:fa:04:24:06:87:42:e3:f0:88:ec:cc:25:69: 5a:40:cd:3b:76:b5:5b:8c:04:c4:87:26:e1:78:37: 43:75:88:40:23:c6:d9:5e:f7:10:5e:1e:85:aa:d1: b3:5e:ca:4a:5c:11:c5:e3:33:2b:ff:ab:9a:18:3c: 91:96:de:db:46:83:a6:14:1c:f2:a5:d3:ef:38:1f: a5:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:90:22:AA:91:36:A5:04:A7:83:0B:BE:E2:68:BF:A4:6F:C6:41:1F X509v3 Authority Key Identifier: keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:25:48:9e:48:15:74:8a:85:81:8e:02:5c:96:e3:cb:00:07: 4d:e2:5e:74:35:29:ef:23:ae:f1:ad:7e:17:d0:84:29:d2:f4: 0b:a1:70:dd:07:39:db:62:69:05:3e:92:67:c8:5d:48:a4:ea: 76:4e:2c:06:44:29:a2:f2:ef:38:cc:af:e0:82:8b:5e:db:ab: 03:7c:a4:32:fe:ee:c8:2d:59:1a:61:c3:5c:ac:e2:d8:20:4f: 47:fc:81:c6:cf:87:99:c0:7b:0e:9c:d0:38:ff:5d:b1:29:e6: d8:b3:e5:ae:9e:6f:69:1c:10:61:ed:62:73:41:bb:a0:f2:20: 11:f6:59:4b:52:5d:e7:d3:3b:6a:1a:16:5b:5d:ef:7e:02:77: 3a:8e:0a:9f:5d:8f:59:6a:17:4e:42:47:98:36:bf:cd:bc:b2: c0:c5:1e:e7:23:31:4d:94:b0:bd:a4:1a:3b:28:25:69:fb:00: 1c:fa:26:f0:22:e8:93:91:47:c2:fa:94:8c:36:55:f0:33:f6: 9f:b8:11:1d:18:ca:a3:67:e3:04:82:cf:76:8c:6f:93:28:fc: dc:f2:1c:2d:e6:42:ce:78:59:3e:0a:bc:86:8c:41:3c:f5:06: 0f:30:19:86:40:ee:19:06:9d:63:d3:d2:d2:f7:e3:3f:49:6b: ef:d0:e0:ff -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG NkFFQzIxNzIwHhcNMjUwNjE2MjMwMzQyWhcNMjUwNjIzMjMwMzQyWjAYMRYwFAYD VQQDEw02ODUwYTJjZi03ZjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq4/9s3iooYZ/YOgdHiqY8hgCTSLe5xqeiE/7N1xZcl+9vd3L2eklXjgcpgJA UqFjhbS/k3tEbvO4YGvL62KRq/5bXQ+6bBoJDVa110iWW26wMS7KLdFaZOzE3ArV OdcDZdfAmriouY0YzEM7tfMOlGFHLmjm7i+B29UOyBdvdiSBIadNXkS3OQPvQ58r xVRoN8jlB3w6ItHZ4K1rHGigApyhukU5STd3Rr2C1sBIDmRV1uKqr/oEJAaHQuPw iOzMJWlaQM07drVbjATEhybheDdDdYhAI8bZXvcQXh6FqtGzXspKXBHF4zMr/6ua GDyRlt7bRoOmFBzypdPvOB+lVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA2QIqqR NqUEp4MLvuJov6RvxkEfMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0 MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzJUieSBV0ioWBjgJcluPLAAdN4l50NSnvI67xrX4X0IQp0vQLoXDd BznbYmkFPpJnyF1IpOp2TiwGRCmi8u84zK/ggote26sDfKQy/u7ILVkaYcNcrOLY IE9H/IHGz4eZwHsOnNA4/12xKebYs+Wunm9pHBBh7WJzQbug8iAR9llLUl3n0ztq GhZbXe9+Anc6jgqfXY9ZahdOQkeYNr/NvLLAxR7nIzFNlLC9pBo7KCVp+wAc+ibw IuiTkUfC+pSMNlXwM/afuBEdGMqjZ+MEgs92jG+TKPzc8hwt5kLOeFk+CryGjEE8 9QYPMBmGQO4ZBp1j09LS9+M/SWvv0OD/ -----END CERTIFICATE-----Generated at Wed Jun 18 22:10:13 2025 by rpki-client