$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: qb8yt1xiHyudGzowHiVgr7QbbwkMH5N2HZ3ziY9V1QQ= Subject key identifier: D1:B4:06:DF:8E:C5:6D:01:E1:93:AD:95:80:92:A8:8D:C9:3A:21:3F Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34D8 Signing time: Sun 02 Nov 2025 14:52:30 +0000 Manifest this update: Sun 02 Nov 2025 14:52:29 +0000 Manifest next update: Sun 09 Nov 2025 14:52:29 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: XgfIc5XVaEjR5Nln/h4hBmfMh3TFZnpXpWlujrvKkWI=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 14:52:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13533 (0x34dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Nov 2 14:52:29 2025 GMT Not After : Nov 9 14:52:29 2025 GMT Subject: CN=6907702e-2955 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:95:8c:a7:4d:42:ce:48:ac:38:91:91:bf:5a: 67:a2:ed:24:f3:c2:4a:1a:dc:11:0e:b0:71:2a:f0: a0:6e:4d:15:4f:e1:f2:8c:73:35:f5:96:b3:2d:05: 57:2c:5f:b2:d5:df:4d:30:d9:4c:28:5f:29:b1:1c: 66:d2:ec:9f:da:bf:73:82:49:59:bd:d4:41:87:13: 9b:f6:46:98:32:d3:3d:69:d8:7c:2c:f6:86:95:0c: 11:2e:ee:98:58:38:46:07:0d:61:48:7b:de:05:46: 86:62:d1:a4:8b:90:f2:b3:3d:70:dd:35:64:84:ce: 83:31:a1:62:b8:23:1f:90:f4:d0:74:f9:d3:7a:0d: 99:72:1e:4e:9b:8c:1e:d7:a3:86:cf:91:f4:67:15: f2:3a:06:01:c1:8c:2a:bb:7e:a5:c3:6b:a3:7e:61: ea:08:79:38:e7:d1:86:21:bd:b8:88:a9:1c:f9:b8: cd:25:27:49:7e:86:9c:2e:63:7b:96:fb:4d:1a:57: be:90:ce:e6:cb:7a:b6:63:77:e1:58:04:f9:a9:a3: 17:d3:13:2a:6e:08:2e:a8:ac:63:ea:d2:df:de:8d: 28:04:2b:61:9e:11:05:3f:3e:bd:28:56:c8:22:9f: 2c:69:a7:d9:a9:2a:a7:1e:f2:e1:e7:b0:93:21:4f: 20:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:B4:06:DF:8E:C5:6D:01:E1:93:AD:95:80:92:A8:8D:C9:3A:21:3F X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:94:37:9f:32:04:30:fe:d6:ba:cd:58:e4:ac:00:c4:ba:6b: 00:8e:f7:ce:de:a2:cb:f6:97:d5:4b:96:da:1e:c8:8e:d9:76: 3b:fc:50:1e:be:fa:cd:3a:8e:91:cd:7e:93:82:12:f0:ec:cb: 5d:ae:6b:ef:25:93:a8:38:a7:14:83:45:7f:7e:55:70:89:10: ab:29:9b:40:41:86:95:bc:ff:af:4f:03:2c:39:9c:77:f9:01: 41:46:17:e1:b4:13:ee:be:5a:34:bd:d6:3a:03:56:06:01:fd: f5:3d:f1:8c:ff:be:63:8d:bb:8e:13:ad:b6:20:ac:32:62:d5: 37:41:bf:de:87:ae:c3:5c:c1:70:5f:02:a4:22:27:d5:af:66: 9a:f9:b1:91:0c:36:98:f3:29:cd:01:5c:2f:14:96:07:ff:c0: b9:82:36:8b:ba:9c:55:38:e7:9a:71:49:77:4f:e9:ee:75:55: 89:e5:96:e8:7a:fd:94:51:90:31:00:0a:0f:6a:b9:c5:06:d6: b5:0c:3e:5c:9c:6e:c1:06:96:d7:92:56:cd:d6:74:50:8d:32: 0e:ea:b7:fe:bd:86:d7:bd:2a:97:68:2b:6d:1a:28:b4:b7:da: 13:c4:b5:8c:96:a5:ff:ca:01:eb:f4:51:36:4b:1e:15:43:fe: 5f:eb:f2:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUxMTAyMTQ1MjI5WhcNMjUxMTA5MTQ1MjI5WjAYMRYwFAYD VQQDEw02OTA3NzAyZS0yOTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7JWMp01CzkisOJGRv1pnou0k88JKGtwRDrBxKvCgbk0VT+HyjHM19ZazLQVX LF+y1d9NMNlMKF8psRxm0uyf2r9zgklZvdRBhxOb9kaYMtM9adh8LPaGlQwRLu6Y WDhGBw1hSHveBUaGYtGki5Dysz1w3TVkhM6DMaFiuCMfkPTQdPnTeg2Zch5Om4we 16OGz5H0ZxXyOgYBwYwqu36lw2ujfmHqCHk459GGIb24iKkc+bjNJSdJfoacLmN7 lvtNGle+kM7my3q2Y3fhWAT5qaMX0xMqbgguqKxj6tLf3o0oBCthnhEFPz69KFbI Ip8saafZqSqnHvLh57CTIU8grwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNG0Bt+O xW0B4ZOtlYCSqI3JOiE/MB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCulDefMgQw/ta6zVjkrADEumsAjvfO3qLL9pfVS5baHsiO2XY7/FAe vvrNOo6RzX6TghLw7MtdrmvvJZOoOKcUg0V/flVwiRCrKZtAQYaVvP+vTwMsOZx3 +QFBRhfhtBPuvlo0vdY6A1YGAf31PfGM/75jjbuOE622IKwyYtU3Qb/eh67DXMFw XwKkIifVr2aa+bGRDDaY8ynNAVwvFJYH/8C5gjaLupxVOOeacUl3T+nudVWJ5Zbo ev2UUZAxAAoParnFBta1DD5cnG7BBpbXklbN1nRQjTIO6rf+vYbXvSqXaCttGii0 t9oTxLWMlqX/ygHr9FE2Sx4VQ/5f6/IP -----END CERTIFICATE-----Generated at Tue Nov 4 08:19:21 2025 by rpki-client