$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: S2noV9WoVDXnXyDkyarBvrm7mjHcgv8D2cHE77+iccM= Subject key identifier: 2A:30:FE:35:B1:C8:9F:86:00:11:4F:01:73:E0:40:0C:A7:A8:6A:DC Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: A1 Signing time: Tue 01 Jul 2025 06:58:19 +0000 Manifest this update: Tue 01 Jul 2025 06:58:19 +0000 Manifest next update: Tue 08 Jul 2025 06:58:19 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: RlvdhNrIUiGsu/UVVv6SSM2+Zx1YAkZPJMHdfZGBlow=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 06:58:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 162 (0xa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Jul 1 06:58:19 2025 GMT Not After : Jul 8 06:58:19 2025 GMT Subject: CN=6863870b-0922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:dd:c5:0c:e6:da:06:07:18:47:1b:15:1d:eb: 4d:8f:f0:dc:67:58:d5:c8:d2:8b:00:e2:81:fa:75: b3:0d:89:a3:34:d5:b7:0f:11:50:55:5b:7b:6d:07: 8f:88:6e:ea:87:4e:f9:9e:77:6b:1e:10:35:54:a8: fc:e3:fa:2f:a2:4f:26:ff:4a:d8:41:57:be:aa:ce: fc:ba:a1:02:a4:de:95:0e:f6:1f:96:de:06:4e:0b: cb:2d:68:8e:bf:d4:12:e1:26:a7:11:65:26:9c:4a: 2b:b3:0c:29:df:50:da:90:57:41:29:ab:61:4a:43: dd:47:e9:af:66:95:4a:e1:6a:da:42:df:39:c4:71: eb:c6:4e:cd:f5:dc:40:bb:a6:02:5d:25:7f:36:a9: d4:9d:66:c3:40:9a:3f:6d:2e:74:46:c6:98:4d:3d: e1:b0:7f:70:9d:01:2c:d1:e0:50:f9:1f:73:84:3c: ae:e6:c2:28:5b:23:80:37:e4:f2:d7:76:51:65:9b: 42:d0:cd:b6:44:d0:db:3a:bb:4e:14:8b:3f:75:6b: f0:ce:fc:d0:ca:9c:e9:40:ef:91:15:38:47:ba:51: f8:b6:46:85:51:55:4f:2e:b2:a8:c6:94:f3:1b:57: cb:16:b6:cd:14:66:ec:e3:7a:b3:ce:a8:0e:2d:a0: 97:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:30:FE:35:B1:C8:9F:86:00:11:4F:01:73:E0:40:0C:A7:A8:6A:DC X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:83:c4:c9:6b:76:71:ab:55:68:de:06:58:d8:67:8f:b4:99: bc:9b:f7:7d:9b:0c:49:bd:6e:5d:65:a6:f2:0a:4d:10:a6:7b: eb:33:1b:6b:e6:32:31:5a:00:73:63:50:0b:c0:ba:6b:b9:b5: 6c:3d:14:78:e9:9c:87:b1:17:b2:f0:68:66:bf:6f:e1:dd:d0: f7:ac:60:38:5a:7c:09:6d:2f:4e:22:18:a9:63:34:fa:fa:6c: 25:e5:77:7f:4b:af:0e:7f:be:86:d0:e8:f5:0c:75:bf:73:3e: c0:ae:41:83:5a:c7:81:85:01:ee:f4:f4:96:2a:76:b7:51:d5: 3d:bb:2c:db:36:35:cd:0f:db:42:5a:3e:78:30:ad:76:79:c2: 5e:a4:39:7e:86:d1:ab:56:2d:f5:5e:b1:b3:2b:3f:e7:13:dc: b8:c6:46:24:0e:83:3a:fe:a9:46:e1:ad:65:9b:35:8d:a4:33: e3:7e:e2:4b:34:bc:5f:71:73:be:08:1f:e8:a2:18:d4:1b:66: 2f:69:f1:d5:77:f5:75:14:5f:51:12:22:6b:93:fd:e4:c2:e1: 35:03:8c:28:4c:85:0f:02:94:70:18:8f:58:62:8d:da:27:67: 71:2a:14:28:dc:9f:4c:4a:5e:e4:98:ed:a6:b4:ee:6d:da:11: f1:bf:5f:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwNzAxMDY1ODE5WhcNMjUwNzA4MDY1ODE5WjAYMRYwFAYD VQQDEw02ODYzODcwYi0wOTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAud3FDObaBgcYRxsVHetNj/DcZ1jVyNKLAOKB+nWzDYmjNNW3DxFQVVt7bQeP iG7qh075nndrHhA1VKj84/ovok8m/0rYQVe+qs78uqECpN6VDvYflt4GTgvLLWiO v9QS4SanEWUmnEorswwp31DakFdBKathSkPdR+mvZpVK4WraQt85xHHrxk7N9dxA u6YCXSV/NqnUnWbDQJo/bS50RsaYTT3hsH9wnQEs0eBQ+R9zhDyu5sIoWyOAN+Ty 13ZRZZtC0M22RNDbOrtOFIs/dWvwzvzQypzpQO+RFThHulH4tkaFUVVPLrKoxpTz G1fLFrbNFGbs43qzzqgOLaCXlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCow/jWx yJ+GABFPAXPgQAynqGrcMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3g8TJa3Zxq1Vo3gZY2GePtJm8m/d9mwxJvW5dZabyCk0QpnvrMxtr 5jIxWgBzY1ALwLprubVsPRR46ZyHsRey8Ghmv2/h3dD3rGA4WnwJbS9OIhipYzT6 +mwl5Xd/S68Of76G0Oj1DHW/cz7ArkGDWseBhQHu9PSWKna3UdU9uyzbNjXND9tC Wj54MK12ecJepDl+htGrVi31XrGzKz/nE9y4xkYkDoM6/qlG4a1lmzWNpDPjfuJL NLxfcXO+CB/oohjUG2YvafHVd/V1FF9REiJrk/3kwuE1A4woTIUPApRwGI9YYo3a J2dxKhQo3J9MSl7kmO2mtO5t2hHxv18X -----END CERTIFICATE-----Generated at Wed Jul 2 00:37:19 2025 by rpki-client