$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: oBX5bMKPELVoIxgrA9UQoe+d/aBBMz+SBuwyX9O9o9E= Subject key identifier: 45:DB:D1:8F:B9:48:6D:DA:F3:AE:B5:BD:23:68:B6:0C:5D:AE:E3:EC Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34AC Signing time: Fri 08 Aug 2025 14:54:09 +0000 Manifest this update: Fri 08 Aug 2025 14:54:09 +0000 Manifest next update: Fri 15 Aug 2025 14:54:09 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: eFfH5roF0+jCi/OCZEr4s/3A3Hipx24BcVyCDJXIVQ0=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13489 (0x34b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Aug 8 14:54:09 2025 GMT Not After : Aug 15 14:54:09 2025 GMT Subject: CN=68960f91-25a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:85:55:55:7e:58:01:80:b6:0d:4e:90:f2:db: 7e:6f:9d:d7:bc:c9:00:1c:9f:1b:df:d2:c1:de:d8: 92:bc:cb:36:37:64:c2:f9:68:e5:80:8a:c6:af:f4: f2:a6:63:45:5f:c5:0a:b1:d1:01:1a:4b:07:ca:f9: 14:1d:7a:e5:e7:91:15:1b:89:28:3c:73:55:a8:47: 35:13:84:5e:27:77:33:bf:15:ae:b5:b4:65:1e:83: a4:77:3c:98:b3:39:be:bd:ca:c2:8c:21:a6:72:df: da:a7:fa:04:65:2e:7c:92:cf:ee:8a:49:f7:15:dc: 86:0b:a7:34:34:2e:71:6b:7e:83:28:25:af:d6:16: 75:3b:79:06:7a:1e:5b:69:56:a1:b0:a9:47:06:6d: 6d:0a:b9:95:01:75:b3:da:d6:55:b4:a3:0c:58:4c: 74:35:bd:fb:3d:5a:5f:13:e7:18:4c:34:86:69:a3: 38:80:d9:d9:7b:80:23:9a:ce:31:a9:5d:5f:e5:7c: 55:9e:c6:27:e7:a3:e1:38:d2:2a:16:e3:8e:b9:7a: f4:39:f1:5b:c3:d3:95:36:98:0d:89:e2:6e:b5:6b: ed:42:4c:56:41:80:4f:8a:35:4d:9f:31:1f:63:15: 20:12:ee:51:96:9e:d0:de:66:1d:bd:2d:fc:43:81: 3e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:DB:D1:8F:B9:48:6D:DA:F3:AE:B5:BD:23:68:B6:0C:5D:AE:E3:EC X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:6f:41:6e:32:97:62:9d:b1:96:5f:76:c1:ab:36:58:fb:51: 7e:72:b9:73:1c:41:a0:af:0b:b1:80:d1:ad:5a:08:f2:1f:7f: b5:56:49:7c:5e:71:1f:b7:fd:22:b8:4b:97:56:de:94:7c:fc: fb:44:01:4c:8a:39:13:5e:f6:de:e4:8b:59:a0:62:ac:05:5b: 25:80:ff:e5:0f:29:49:62:93:0e:de:79:74:2a:8e:6d:b1:fe: 30:9c:40:55:5d:90:ce:71:04:04:fd:c0:d9:ba:d0:82:3a:d7: 78:7c:e9:77:57:72:61:ef:e2:2d:75:4e:5d:7f:d2:ba:ef:a5: 1f:3a:9a:83:6d:1e:fe:bb:9d:f7:be:01:4a:36:22:85:00:eb: 8e:fa:f7:45:0d:07:c2:ec:75:c7:98:03:12:00:68:73:09:54: 06:62:5e:e9:97:36:61:a5:5a:8b:f7:2e:de:d4:72:12:6c:34: 1b:b3:0a:b4:8b:0b:ce:20:cb:15:84:26:67:30:b1:72:fa:e6: 7b:ed:db:d5:2f:ad:02:ee:9e:ee:de:8a:ac:e1:05:6f:ab:bc: 04:f3:6d:b8:33:87:61:8c:c0:a5:5b:92:3c:5d:08:d8:ba:39: ca:02:71:85:54:b7:a9:e6:b0:77:40:7d:9e:bc:10:c9:aa:4f: 7b:02:a5:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwODA4MTQ1NDA5WhcNMjUwODE1MTQ1NDA5WjAYMRYwFAYD VQQDEw02ODk2MGY5MS0yNWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr4VVVX5YAYC2DU6Q8tt+b53XvMkAHJ8b39LB3tiSvMs2N2TC+WjlgIrGr/Ty pmNFX8UKsdEBGksHyvkUHXrl55EVG4koPHNVqEc1E4ReJ3czvxWutbRlHoOkdzyY szm+vcrCjCGmct/ap/oEZS58ks/uikn3FdyGC6c0NC5xa36DKCWv1hZ1O3kGeh5b aVahsKlHBm1tCrmVAXWz2tZVtKMMWEx0Nb37PVpfE+cYTDSGaaM4gNnZe4Ajms4x qV1f5XxVnsYn56PhONIqFuOOuXr0OfFbw9OVNpgNieJutWvtQkxWQYBPijVNnzEf YxUgEu5Rlp7Q3mYdvS38Q4E+PQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEXb0Y+5 SG3a8661vSNotgxdruPsMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUb0FuMpdinbGWX3bBqzZY+1F+crlzHEGgrwuxgNGtWgjyH3+1Vkl8 XnEft/0iuEuXVt6UfPz7RAFMijkTXvbe5ItZoGKsBVslgP/lDylJYpMO3nl0Ko5t sf4wnEBVXZDOcQQE/cDZutCCOtd4fOl3V3Jh7+ItdU5df9K676UfOpqDbR7+u533 vgFKNiKFAOuO+vdFDQfC7HXHmAMSAGhzCVQGYl7plzZhpVqL9y7e1HISbDQbswq0 iwvOIMsVhCZnMLFy+uZ77dvVL60C7p7u3oqs4QVvq7wE8224M4dhjMClW5I8XQjY ujnKAnGFVLep5rB3QH2evBDJqk97AqW4 -----END CERTIFICATE-----Generated at Sun Aug 10 05:39:09 2025 by rpki-client