$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft File: CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json) Hash identifier: t2Brmjk4wY1dRN6Syth/V4fRKv6Xb1wq0MYp6Dsn1OE= Subject key identifier: 0D:65:54:74:CA:8A:EB:8C:CB:1E:72:4E:44:88:8D:9B:3A:FC:97:28 Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Certificate serial: 056B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft Manifest number: 074B Signing time: Fri 22 Aug 2025 23:30:08 +0000 Manifest this update: Fri 22 Aug 2025 23:30:08 +0000 Manifest next update: Fri 29 Aug 2025 23:30:08 +0000 Files and hashes: 1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: pslAcdgKrqa+KHkdgm4PmiV1ItOrEJF1NVZh34lzwPM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:30:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1387 (0x56b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Validity Not Before: Aug 22 23:30:08 2025 GMT Not After : Aug 29 23:30:08 2025 GMT Subject: CN=68a8fd80-2d8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:98:4a:10:0f:70:bc:1f:72:56:8b:bc:7d:cf: 3b:ce:b2:44:01:08:6d:60:ad:6e:25:3a:e4:d6:71: b2:77:bb:a7:9d:25:20:a6:ed:cd:80:f3:7a:c2:8f: 36:9f:f1:0c:77:74:a1:cf:2d:bb:ee:6c:b2:de:9c: ff:eb:74:59:0a:4c:6f:bc:de:c2:2e:ec:13:3e:7e: cd:7e:11:4b:50:3e:4d:cc:83:a2:98:54:88:09:02: 59:61:4d:fc:cd:40:25:30:26:5a:5f:64:1e:9f:b4: ff:5b:bd:89:e9:54:ac:9a:1a:ea:69:01:19:b2:d4: 8a:5e:8c:6f:51:5d:49:5b:6e:a5:5a:71:13:3c:9a: b2:ec:49:d0:fb:57:0e:27:d3:cc:da:ff:32:de:b1: f5:a0:a1:bb:d9:87:f4:5d:93:b4:a4:c5:46:47:39: 57:e7:e0:31:17:2d:70:5f:ed:95:57:9f:02:51:60: 1d:a2:ca:19:81:42:b6:3e:77:a5:f0:30:16:50:32: f9:cf:58:88:1b:fe:d2:95:46:b5:02:01:6f:f1:86: d9:d0:fb:22:a0:f6:b4:64:35:ee:73:25:19:7d:24: ab:27:03:ee:46:0a:7b:9d:58:00:f6:3b:de:69:36: 65:15:ca:90:ea:f4:87:53:b3:5e:ff:34:ba:c5:36: 2a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:65:54:74:CA:8A:EB:8C:CB:1E:72:4E:44:88:8D:9B:3A:FC:97:28 X509v3 Authority Key Identifier: keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:d8:e2:d5:2a:56:35:d5:7c:05:de:89:80:ad:24:89:d2:e4: 57:cc:1e:e5:85:79:38:e0:aa:59:e9:c2:c4:e5:87:d4:77:37: 3a:6b:a8:ea:d5:ee:09:ff:90:aa:44:d7:80:ea:38:10:84:ac: 51:50:a2:f2:b1:bc:86:0e:b7:7c:4b:9a:c2:8f:ac:0e:bc:55: b4:92:96:cd:88:93:7a:0f:57:cc:9b:18:a8:7d:75:87:99:56: 9a:9e:a4:c8:b7:c7:9e:c7:5c:17:ff:ba:57:51:49:39:b4:c5: 60:c1:e3:b4:a8:0c:3e:cd:9e:90:68:81:d8:9b:88:5d:41:81: c1:1a:6a:9c:8a:17:00:76:8a:18:8f:71:fd:e8:4c:dd:28:65: d7:58:a5:d8:d4:23:9d:44:62:ad:14:3a:3d:50:e2:f3:5e:0e: d8:78:df:4f:28:7c:0c:4f:93:76:ff:70:6e:bd:49:c1:20:2c: 87:3a:1d:db:f0:73:ef:e6:6a:87:69:37:b0:9e:c4:19:6f:33: c6:96:e6:e2:a2:09:6f:75:24:a8:0c:b3:49:5f:45:52:98:a4: 5c:8e:d1:50:11:69:b4:75:10:95:cf:ff:82:62:92:16:4f:fb: 27:eb:ac:36:14:9b:72:c1:ce:0f:5f:01:fb:c2:49:54:14:64: 67:cd:f7:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG NkFFQzIxNzIwHhcNMjUwODIyMjMzMDA4WhcNMjUwODI5MjMzMDA4WjAYMRYwFAYD VQQDEw02OGE4ZmQ4MC0yZDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnJhKEA9wvB9yVou8fc87zrJEAQhtYK1uJTrk1nGyd7unnSUgpu3NgPN6wo82 n/EMd3Shzy277myy3pz/63RZCkxvvN7CLuwTPn7NfhFLUD5NzIOimFSICQJZYU38 zUAlMCZaX2Qen7T/W72J6VSsmhrqaQEZstSKXoxvUV1JW26lWnETPJqy7EnQ+1cO J9PM2v8y3rH1oKG72Yf0XZO0pMVGRzlX5+AxFy1wX+2VV58CUWAdosoZgUK2Pnel 8DAWUDL5z1iIG/7SlUa1AgFv8YbZ0PsioPa0ZDXucyUZfSSrJwPuRgp7nVgA9jve aTZlFcqQ6vSHU7Ne/zS6xTYqSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA1lVHTK iuuMyx5yTkSIjZs6/JcoMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0 MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAt2OLVKlY11XwF3omArSSJ0uRXzB7lhXk44KpZ6cLE5YfUdzc6a6jq 1e4J/5CqRNeA6jgQhKxRUKLysbyGDrd8S5rCj6wOvFW0kpbNiJN6D1fMmxiofXWH mVaanqTIt8eex1wX/7pXUUk5tMVgweO0qAw+zZ6QaIHYm4hdQYHBGmqcihcAdooY j3H96EzdKGXXWKXY1COdRGKtFDo9UOLzXg7YeN9PKHwMT5N2/3BuvUnBICyHOh3b 8HPv5mqHaTewnsQZbzPGlubioglvdSSoDLNJX0VSmKRcjtFQEWm0dRCVz/+CYpIW T/sn66w2FJtywc4PXwH7wklUFGRnzffr -----END CERTIFICATE-----Generated at Sat Aug 23 19:06:18 2025 by rpki-client