$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: X/11aCgL2v8lzX4SK9ZafrxKG4I+wNRmN8/yh7DXIvg= Subject key identifier: CC:9B:E4:75:78:A3:1E:15:8B:F6:6F:60:BB:3F:1C:3E:5C:4F:62:1A Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 3479 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 3475 Signing time: Sat 26 Apr 2025 14:51:59 +0000 Manifest this update: Sat 26 Apr 2025 14:51:58 +0000 Manifest next update: Sat 03 May 2025 14:51:58 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: j0jMYhn17tpkmPZNyVdGL6UoTWLgajLNnIquKLiytE8=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: gBhtfDqbYf+6FfnwqEokkFBRyUrjeS3Q2Oprg2azRMM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13433 (0x3479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Apr 26 14:51:58 2025 GMT Not After : May 3 14:51:58 2025 GMT Subject: CN=680cf30f-79ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f9:33:bf:44:06:c9:83:22:77:8c:54:33:d0: 6a:8c:99:b7:ab:98:eb:97:34:47:0f:35:7f:2d:62: 6c:f4:2c:0f:4b:0d:88:6c:f7:21:20:07:c6:9e:e7: 63:a6:51:2f:47:41:4c:96:0c:df:00:19:ab:9d:ec: 37:de:d3:69:ef:4e:3f:4c:28:00:47:39:6e:35:64: 86:8d:c3:39:30:b3:30:5d:50:74:2f:07:f1:2d:e2: 1c:91:fb:2a:71:ce:06:ac:10:22:0d:da:68:0d:79: a8:16:a1:39:98:34:37:2d:c5:56:8d:49:bc:39:7f: 77:57:a0:cb:80:2a:bd:98:59:7c:6d:93:0d:a9:e1: 8a:ac:1b:02:14:8c:8f:cc:9b:c1:2c:39:5c:63:39: 6f:56:1d:77:13:1b:f7:ce:62:6f:4b:ad:14:b3:2a: b4:51:d3:4e:6e:41:73:dc:a0:87:94:be:43:a9:02: ff:bb:45:54:3f:55:d3:63:ca:9e:80:cf:aa:fc:82: 85:7f:5d:46:f3:27:8a:4f:e6:7c:79:c0:6e:5b:4e: 0f:11:4d:a7:5a:63:ad:1b:1b:41:80:6c:9c:d4:33: b2:f5:ad:0f:de:2b:d5:4e:e0:4b:30:d9:d7:a7:f4: 20:b9:ef:5a:b2:42:6b:e9:5a:d4:be:17:bf:06:40: 9d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:9B:E4:75:78:A3:1E:15:8B:F6:6F:60:BB:3F:1C:3E:5C:4F:62:1A X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:60:d2:fb:17:d9:e2:e3:6e:d3:80:73:eb:fa:4c:09:ac:0b: 94:4f:c3:86:e2:4e:fa:dd:ea:f1:4a:7b:a5:fc:b3:b5:81:57: 54:aa:fb:6b:25:cc:83:4e:7d:e2:69:c1:f1:27:b4:73:20:2f: 31:7a:eb:aa:d1:4a:b9:c2:e2:76:9d:ca:05:37:0e:6f:a2:4c: c7:15:0c:31:08:f2:33:98:ec:fd:2d:28:ce:e2:b3:82:6c:4f: 7d:c9:04:73:d3:64:47:b7:a3:3b:76:89:41:04:26:66:3c:da: d1:51:d3:ab:81:45:d8:82:d8:79:03:e6:0b:7c:67:c3:10:d9: f2:b3:2e:45:9d:d9:a7:2d:bf:c2:e2:ab:fd:da:27:41:3e:ac: 73:6d:41:7f:ca:79:16:83:ff:7a:a0:ba:ef:94:6e:f6:30:2e: 79:8d:af:1c:dc:98:97:88:ed:64:8c:a4:16:88:a1:49:a5:82: c4:d5:20:9b:91:d8:fd:ad:89:b6:41:2e:92:ea:e4:f6:26:3e: 3b:d8:33:91:81:2b:69:c6:ee:ce:25:c4:33:4d:f2:1d:a9:64: c5:ed:a7:9d:0e:ee:35:2c:a5:33:6c:e3:7f:cb:f3:99:94:03: 75:1b:c6:07:41:10:bd:63:6a:23:d2:bc:38:b0:e2:5f:fa:20: 13:38:53:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNDI2MTQ1MTU4WhcNMjUwNTAzMTQ1MTU4WjAYMRYwFAYD VQQDEw02ODBjZjMwZi03OWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp/kzv0QGyYMid4xUM9BqjJm3q5jrlzRHDzV/LWJs9CwPSw2IbPchIAfGnudj plEvR0FMlgzfABmrnew33tNp704/TCgARzluNWSGjcM5MLMwXVB0LwfxLeIckfsq cc4GrBAiDdpoDXmoFqE5mDQ3LcVWjUm8OX93V6DLgCq9mFl8bZMNqeGKrBsCFIyP zJvBLDlcYzlvVh13Exv3zmJvS60Usyq0UdNObkFz3KCHlL5DqQL/u0VUP1XTY8qe gM+q/IKFf11G8yeKT+Z8ecBuW04PEU2nWmOtGxtBgGyc1DOy9a0P3ivVTuBLMNnX p/Qgue9askJr6VrUvhe/BkCdswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMyb5HV4 ox4Vi/ZvYLs/HD5cT2IaMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALYNL7F9ni427TgHPr+kwJrAuUT8OG4k763erxSnul/LO1gVdUqvtr JcyDTn3iacHxJ7RzIC8xeuuq0Uq5wuJ2ncoFNw5vokzHFQwxCPIzmOz9LSjO4rOC bE99yQRz02RHt6M7dolBBCZmPNrRUdOrgUXYgth5A+YLfGfDENnysy5FndmnLb/C 4qv92idBPqxzbUF/ynkWg/96oLrvlG72MC55ja8c3JiXiO1kjKQWiKFJpYLE1SCb kdj9rYm2QS6S6uT2Jj472DORgStpxu7OJcQzTfIdqWTF7aedDu41LKUzbON/y/OZ lAN1G8YHQRC9Y2oj0rw4sOJf+iATOFMR -----END CERTIFICATE-----Generated at Sat Apr 26 16:50:45 2025 by rpki-client