$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: /D/DRpfK7L+SPGRglCpdwYPURB6sii5kFtMPeZKi/T0= Subject key identifier: 71:96:27:F3:1D:89:DB:95:05:72:55:24:F6:75:6E:1D:40:02:F8:9A Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: DB Signing time: Sun 19 Oct 2025 08:37:24 +0000 Manifest this update: Sun 19 Oct 2025 08:37:23 +0000 Manifest next update: Sun 26 Oct 2025 08:37:23 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: m/LX9LqKV0i8ViQ5jhP+Ao0XhcM3pOwDyjHF4PfIaok=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: ssSab392rUEklfenSvYRYq8TUWajk4XJZygnBh6m+8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:37:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Oct 19 08:37:23 2025 GMT Not After : Oct 26 08:37:23 2025 GMT Subject: CN=68f4a344-60c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:26:49:c5:92:b2:67:3e:5c:91:34:39:e6:a8: ce:4d:51:10:e5:e4:6b:21:5a:de:ee:ff:47:34:73: 53:3c:c5:06:62:67:2b:40:1c:3d:48:ce:ff:c3:1c: 1c:07:de:71:11:c2:da:00:32:e5:1a:6f:9a:cf:7e: 9d:20:f6:15:3d:9f:23:43:d2:b4:e5:57:b5:cb:07: ae:4c:ab:0f:64:fe:75:9b:eb:e4:95:28:96:c5:07: ae:dd:7f:44:23:82:17:99:e2:35:59:29:11:47:09: 4f:fb:3d:19:38:aa:99:9c:cb:59:3f:6d:62:85:1b: 66:f2:ec:fa:79:ae:89:f5:65:7e:61:6b:3d:ab:94: 92:ab:17:a8:9a:49:1a:44:a5:8f:43:b4:ad:0a:ec: 61:84:e8:1b:de:c8:3c:2c:0e:53:d2:73:bb:56:f0: ed:45:30:6b:9d:fe:9c:d2:7c:90:3b:e1:57:31:99: fd:ca:0c:4c:10:32:0a:5f:dc:3b:1a:e0:15:04:91: 98:b8:e3:8f:09:bb:32:83:ff:07:0b:cf:d0:f1:4a: 4f:ef:6e:57:f1:bf:e4:c3:82:77:46:af:0d:6c:ab: a6:ad:6d:b6:76:19:4c:13:4c:4c:1c:6c:7c:df:28: 72:50:fd:55:d0:a7:ec:9e:44:e7:6f:b1:77:be:40: 58:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:96:27:F3:1D:89:DB:95:05:72:55:24:F6:75:6E:1D:40:02:F8:9A X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:f5:94:3b:46:d6:5d:42:52:d9:af:2b:c7:8e:67:a9:aa:e2: 94:54:19:39:f9:34:2a:67:7e:19:9f:e7:e2:26:e5:26:ef:ca: e1:d9:c2:f4:c2:9c:79:a0:52:73:44:1f:e5:62:e6:15:d2:89: 96:41:55:3e:d5:cf:61:3e:62:e8:82:90:f8:fd:b3:4a:2f:58: c8:b1:93:1e:86:28:7b:fa:d6:50:cb:c7:82:3a:94:8a:b5:78: 74:d2:0e:59:11:39:d6:b4:ef:50:85:a2:b3:00:90:62:ce:57: ad:54:55:9e:d4:78:86:f0:9f:2b:11:ac:35:f0:44:c2:5a:18: 75:fb:79:76:04:7b:ae:0c:c1:c8:2b:6b:06:8a:b9:f3:49:bf: 62:40:80:51:9d:a6:f5:29:b4:0b:09:b0:43:ba:6c:e0:d1:c2: 76:78:29:7f:6c:fa:ba:e9:15:dc:a0:62:e4:72:f9:9c:c7:f3: 65:e8:05:bb:5f:41:4a:ba:96:82:35:50:20:7f:4d:6d:17:10: da:b1:1a:bd:33:7b:fa:33:af:77:3c:50:46:3d:88:45:bd:7a: 6e:34:f4:a4:fe:af:ed:ff:b6:31:4d:3a:e2:38:80:c2:d4:62: 32:9e:43:2f:47:31:12:2d:e4:b5:e6:b6:35:55:e8:60:3a:34: dc:1b:50:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUxMDE5MDgzNzIzWhcNMjUxMDI2MDgzNzIzWjAYMRYwFAYD VQQDEw02OGY0YTM0NC02MGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvSZJxZKyZz5ckTQ55qjOTVEQ5eRrIVre7v9HNHNTPMUGYmcrQBw9SM7/wxwc B95xEcLaADLlGm+az36dIPYVPZ8jQ9K05Ve1yweuTKsPZP51m+vklSiWxQeu3X9E I4IXmeI1WSkRRwlP+z0ZOKqZnMtZP21ihRtm8uz6ea6J9WV+YWs9q5SSqxeomkka RKWPQ7StCuxhhOgb3sg8LA5T0nO7VvDtRTBrnf6c0nyQO+FXMZn9ygxMEDIKX9w7 GuAVBJGYuOOPCbsyg/8HC8/Q8UpP725X8b/kw4J3Rq8NbKumrW22dhlME0xMHGx8 3yhyUP1V0KfsnkTnb7F3vkBY3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHGWJ/Md iduVBXJVJPZ1bh1AAviaMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBN9ZQ7RtZdQlLZryvHjmepquKUVBk5+TQqZ34Zn+fiJuUm78rh2cL0 wpx5oFJzRB/lYuYV0omWQVU+1c9hPmLogpD4/bNKL1jIsZMehih7+tZQy8eCOpSK tXh00g5ZETnWtO9QhaKzAJBizletVFWe1HiG8J8rEaw18ETCWhh1+3l2BHuuDMHI K2sGirnzSb9iQIBRnab1KbQLCbBDumzg0cJ2eCl/bPq66RXcoGLkcvmcx/Nl6AW7 X0FKupaCNVAgf01tFxDasRq9M3v6M693PFBGPYhFvXpuNPSk/q/t/7YxTTriOIDC 1GIynkMvRzESLeS15rY1VehgOjTcG1AF -----END CERTIFICATE-----Generated at Sun Oct 19 23:21:51 2025 by rpki-client