$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft File: CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft (raw, json) Hash identifier: 8NjCocAcoFN6KoKPUXJYmNA4lluEWbGp9Wnb59q+VkY= Subject key identifier: 46:1D:D8:93:3E:7D:E4:AD:6C:0C:B9:AC:CD:B2:87:E6:2A:A2:86:1F Authority key identifier: 09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 Certificate issuer: /CN=A9143B0A/serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Certificate serial: C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft Manifest number: BE Signing time: Sat 23 Aug 2025 06:06:59 +0000 Manifest this update: Sat 23 Aug 2025 06:06:59 +0000 Manifest next update: Sat 30 Aug 2025 06:06:59 +0000 Files and hashes: 1: CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl (hash: sZAu9RU1QU2G6TYtoHm1MVyZazrnA1bIbxL+Lj0w81I=) 2: 485B32A8607B11EFB27C6C5DC4F9AE02.roa (hash: ssSab392rUEklfenSvYRYq8TUWajk4XJZygnBh6m+8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:06:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 192 (0xc0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B0A, serialNumber=099506EC987C8B19405853B08C718B5BBE4AC692 Validity Not Before: Aug 23 06:06:59 2025 GMT Not After : Aug 30 06:06:59 2025 GMT Subject: CN=68a95a83-d780 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d8:d9:fd:65:46:8c:6b:fe:a8:ef:c8:d8:8c: 71:b1:90:c9:8c:5f:79:13:0c:64:53:db:89:31:b7: 88:a5:be:24:5f:35:07:73:10:d5:0a:58:5b:48:2d: f1:64:fc:7d:f2:7b:7e:ee:35:96:71:fd:f3:82:b4: 85:1e:75:fa:66:2e:8d:79:cd:c2:d1:c9:56:9f:53: 35:4d:87:1a:92:70:c8:75:f1:63:a1:be:0b:49:8a: ac:36:6e:72:e8:e5:ec:e0:fd:de:67:b4:a2:6f:53: 01:7a:80:7e:f8:3f:45:27:d6:d1:4d:d9:da:48:07: 44:dd:70:9a:59:e2:1e:a0:4d:97:e6:23:c3:80:b8: 3f:dc:37:52:16:a8:27:80:fa:81:5a:8b:ac:b6:bf: 9c:64:a2:c9:9b:9c:6d:02:d5:c3:b8:f6:8f:19:dc: 7a:66:cf:4e:14:83:9f:6f:2f:95:34:45:c0:94:18: ab:1f:0c:2d:0e:65:a5:81:20:2d:4c:d7:93:33:30: e4:5e:62:39:13:e5:4f:12:a4:06:fe:9f:83:6e:1a: 69:3b:95:6c:ef:3f:be:fd:98:38:b6:6b:de:08:f8: 8f:d2:6c:53:c7:dd:fd:5c:77:c6:d6:ca:5d:d1:cc: 9b:d4:74:88:e0:3b:72:72:57:db:c6:26:b4:ee:3f: 0e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:1D:D8:93:3E:7D:E4:AD:6C:0C:B9:AC:CD:B2:87:E6:2A:A2:86:1F X509v3 Authority Key Identifier: keyid:09:95:06:EC:98:7C:8B:19:40:58:53:B0:8C:71:8B:5B:BE:4A:C6:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZUG7Jh8ixlAWFOwjHGLW75KxpI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B0A/D5DB6DF6607A11EF869AA65CC4F9AE02/CZUG7Jh8ixlAWFOwjHGLW75KxpI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:91:05:12:b6:ad:c0:57:a6:99:2a:8b:b0:9e:82:d5:5b:68: 4a:39:26:41:3f:c3:a6:02:de:ed:b1:d9:2c:3b:2a:e2:de:36: 68:a9:60:ca:50:52:5c:09:e5:8d:c8:34:28:98:75:4e:bb:eb: 9d:98:af:8d:72:a7:b9:89:8a:0c:01:4b:0d:f5:81:17:8d:0a: 76:a8:6a:d0:5a:90:09:73:31:57:50:47:7a:a1:0a:dc:b7:ee: 98:83:99:ff:f8:18:f4:4c:64:c2:34:5d:b6:c7:02:7d:71:99: e3:2a:78:be:54:92:80:8f:81:62:c6:14:06:ea:9a:d2:b4:f8: ef:d6:1e:e0:4d:b5:31:f6:94:43:72:cf:39:bd:74:da:91:76: 11:57:6f:84:d9:e2:ea:c5:76:15:37:05:2e:d2:79:c9:79:ac: 82:43:ce:0c:c9:4b:25:df:c6:f6:5f:78:8f:07:24:9e:af:4c: 3e:c8:48:f8:3a:fa:20:a6:51:fe:7b:3d:04:94:8f:18:ed:0a: 79:d2:40:44:31:8a:4a:6a:9e:f4:04:f4:e3:9f:85:3d:4b:6d: ab:db:93:9c:93:f6:ee:6b:10:22:e1:49:4d:81:6c:25:7b:29: 39:78:64:2e:b5:a8:81:d9:81:d6:ea:85:fa:72:ab:b6:e8:f6: b4:06:1c:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMEExMTAvBgNVBAUTKDA5OTUwNkVDOTg3QzhCMTk0MDU4NTNCMDhDNzE4QjVC QkU0QUM2OTIwHhcNMjUwODIzMDYwNjU5WhcNMjUwODMwMDYwNjU5WjAYMRYwFAYD VQQDEw02OGE5NWE4My1kNzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxdjZ/WVGjGv+qO/I2IxxsZDJjF95EwxkU9uJMbeIpb4kXzUHcxDVClhbSC3x ZPx98nt+7jWWcf3zgrSFHnX6Zi6Nec3C0clWn1M1TYcaknDIdfFjob4LSYqsNm5y 6OXs4P3eZ7Sib1MBeoB++D9FJ9bRTdnaSAdE3XCaWeIeoE2X5iPDgLg/3DdSFqgn gPqBWoustr+cZKLJm5xtAtXDuPaPGdx6Zs9OFIOfby+VNEXAlBirHwwtDmWlgSAt TNeTMzDkXmI5E+VPEqQG/p+DbhppO5Vs7z++/Zg4tmveCPiP0mxTx939XHfG1spd 0cyb1HSI4Dtyclfbxia07j8O6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEYd2JM+ feStbAy5rM2yh+YqooYfMB8GA1UdIwQYMBaAFAmVBuyYfIsZQFhTsIxxi1u+SsaS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwQS9ENURCNkRGNjYw N0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4bEFXRk93akhHTFc3NUt4 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NaVUc3Smg4aXhsQVdGT3dqSEdMVzc1S3hwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0IwQS9ENURCNkRGNjYwN0ExMUVGODY5QUE2NUNDNEY5QUUwMi9DWlVHN0poOGl4 bEFXRk93akhHTFc3NUt4cEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXkQUStq3AV6aZKouwnoLVW2hKOSZBP8OmAt7tsdksOyri3jZoqWDK UFJcCeWNyDQomHVOu+udmK+Ncqe5iYoMAUsN9YEXjQp2qGrQWpAJczFXUEd6oQrc t+6Yg5n/+Bj0TGTCNF22xwJ9cZnjKni+VJKAj4FixhQG6prStPjv1h7gTbUx9pRD cs85vXTakXYRV2+E2eLqxXYVNwUu0nnJeayCQ84MyUsl38b2X3iPBySer0w+yEj4 OvogplH+ez0ElI8Y7Qp50kBEMYpKap70BPTjn4U9S22r25Ock/buaxAi4UlNgWwl eyk5eGQutaiB2YHW6oX6cqu26Pa0BhxF -----END CERTIFICATE-----Generated at Sat Aug 23 14:18:55 2025 by rpki-client