$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: eaQnA7Jd8dLWasVSATRUmKgARjdZ9xePNcKyzd83+C4= Subject key identifier: 39:1C:80:7F:66:AA:E7:FD:25:2D:2D:CB:CD:8D:6A:DE:7F:8A:39:BD Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: 87 Signing time: Fri 09 May 2025 05:36:20 +0000 Manifest this update: Fri 09 May 2025 05:36:19 +0000 Manifest next update: Fri 16 May 2025 05:36:19 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: f2s9jJmoGnVDMRaBu30BzrizoPqnOgCc7Npm9aGT7ZE=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: g7W9G3ij02vVGRhQiw6Ym1yygIWGPWKSpCEET+ZTaHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 05:36:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: May 9 05:36:19 2025 GMT Not After : May 16 05:36:19 2025 GMT Subject: CN=681d9454-3474 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:74:7f:1c:5f:98:af:2e:96:95:d4:fc:6d:c7: 66:e3:ff:3c:21:fb:2f:c0:61:a6:7d:76:b5:ef:d5: 71:b0:80:ae:53:45:2c:83:95:06:89:9e:fa:46:e7: d0:ae:7c:b6:f4:00:92:8e:78:4d:1a:36:ed:a4:e3: 6b:5d:84:60:14:98:ed:43:c7:0c:37:f2:78:bb:de: 05:91:1e:30:ca:c8:d2:3d:2f:1e:c0:86:38:25:63: 03:a6:66:d7:07:1f:79:be:57:4f:dd:4d:74:34:61: a4:f3:60:b4:ac:05:f5:8f:a2:e3:34:48:2a:18:1c: ae:35:46:fb:4e:14:b4:cd:84:46:2c:87:65:77:94: d6:39:e0:0a:06:1b:cb:5a:1e:13:28:3c:5a:cc:f8: 08:37:ea:b3:a6:e4:a5:e4:0b:d1:ba:99:5d:c5:54: 49:2a:0f:b4:6a:19:f6:db:ef:c7:5e:5f:29:f0:f5: c5:30:46:ec:ce:d8:4d:c8:18:18:ad:91:40:14:f3: 61:1d:86:92:12:db:22:71:bd:d7:21:4d:6a:74:80: 47:78:7e:e6:1d:15:d3:9a:8a:98:49:61:51:a8:3d: 74:46:28:55:b1:f9:c9:b6:77:e4:d3:b2:86:2e:1a: 45:14:29:68:fd:4d:10:e3:ba:59:b6:2f:40:d2:e5: 83:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:1C:80:7F:66:AA:E7:FD:25:2D:2D:CB:CD:8D:6A:DE:7F:8A:39:BD X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:36:a8:8e:b2:ec:6f:49:ab:71:69:f4:a8:54:a5:87:ba:4b: c2:02:da:28:72:2c:b2:12:97:a3:91:45:7d:d0:8c:63:09:41: 1b:7a:71:7b:aa:32:e2:8d:05:cc:74:33:3d:af:52:ac:c0:0d: 11:1d:c1:08:cb:4a:85:da:75:9a:85:af:3c:ce:ff:98:8a:18: cb:0a:b4:55:10:5e:eb:8c:aa:b4:ca:0d:5e:81:a7:cb:10:b2: da:da:b2:1f:8f:e7:27:63:3b:9f:b9:fe:b4:57:7e:94:c6:06: 2a:fb:a3:48:bb:6c:b7:77:ed:9f:bd:8e:cd:f4:17:94:a0:58: 88:76:ac:02:e6:15:9a:10:89:72:25:34:86:08:f3:b5:58:59: d4:84:54:4f:88:8c:7a:fe:7b:b8:aa:c1:71:58:ba:9e:86:f3: ce:ff:9f:f5:5b:d2:a2:2e:d8:54:88:1d:dc:e4:da:89:b4:67: f9:32:6a:5e:0a:33:f4:f7:ee:47:9f:37:5e:cf:80:2d:86:01: 5a:e4:d9:9b:f0:f3:7a:80:13:20:06:d5:43:81:7e:21:0e:4b: 60:ff:c9:b2:e5:7d:48:ec:68:52:0e:b9:ef:3e:56:86:70:fb: 7c:c1:5f:e5:ee:44:72:5b:f8:4f:9a:78:1d:9b:95:1f:4e:56: ab:cd:1e:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwNTA5MDUzNjE5WhcNMjUwNTE2MDUzNjE5WjAYMRYwFAYD VQQDEw02ODFkOTQ1NC0zNDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0HR/HF+Yry6WldT8bcdm4/88IfsvwGGmfXa179VxsICuU0Usg5UGiZ76RufQ rny29ACSjnhNGjbtpONrXYRgFJjtQ8cMN/J4u94FkR4wysjSPS8ewIY4JWMDpmbX Bx95vldP3U10NGGk82C0rAX1j6LjNEgqGByuNUb7ThS0zYRGLIdld5TWOeAKBhvL Wh4TKDxazPgIN+qzpuSl5AvRupldxVRJKg+0ahn22+/HXl8p8PXFMEbszthNyBgY rZFAFPNhHYaSEtsicb3XIU1qdIBHeH7mHRXTmoqYSWFRqD10RihVsfnJtnfk07KG LhpFFClo/U0Q47pZti9A0uWDBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDkcgH9m quf9JS0ty82Nat5/ijm9MB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeNqiOsuxvSatxafSoVKWHukvCAtoociyyEpejkUV90IxjCUEbenF7 qjLijQXMdDM9r1KswA0RHcEIy0qF2nWaha88zv+YihjLCrRVEF7rjKq0yg1egafL ELLa2rIfj+cnYzufuf60V36UxgYq+6NIu2y3d+2fvY7N9BeUoFiIdqwC5hWaEIly JTSGCPO1WFnUhFRPiIx6/nu4qsFxWLqehvPO/5/1W9KiLthUiB3c5NqJtGf5Mmpe CjP09+5Hnzdez4AthgFa5Nmb8PN6gBMgBtVDgX4hDktg/8my5X1I7GhSDrnvPlaG cPt8wV/l7kRyW/hPmngdm5UfTlarzR4l -----END CERTIFICATE-----Generated at Sun May 11 04:05:03 2025 by rpki-client