$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: Zdy2zEq2fxBMGT5lifMDyKClqeFk5ztteBbvRKq6hqo= Subject key identifier: B2:E7:C6:AA:55:42:FB:1B:49:A8:35:9C:7F:59:1E:02:EB:8A:81:97 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 3496 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 3491 Signing time: Mon 16 Jun 2025 14:54:17 +0000 Manifest this update: Mon 16 Jun 2025 14:54:17 +0000 Manifest next update: Mon 23 Jun 2025 14:54:17 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: u5pE1SgWALS5kEs0TMg1FnmjJHKFIz8lh1vw0DKUoJA=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 14:54:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13462 (0x3496) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Jun 16 14:54:17 2025 GMT Not After : Jun 23 14:54:17 2025 GMT Subject: CN=68503019-99ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:fe:f5:05:80:3e:ec:99:ba:7a:e1:bb:14:fb: 0d:03:34:a1:36:8a:5a:f4:04:18:34:e0:b1:3c:f8: da:5f:79:d0:f6:15:08:d0:45:87:16:ce:26:7c:eb: db:52:8d:e5:11:47:fc:d8:75:ee:5a:c5:bf:08:b4: 30:72:bc:1f:8e:2e:1e:5e:da:bd:30:07:77:44:04: 83:f7:29:45:21:da:3c:06:39:8a:04:92:65:74:c9: 11:62:b8:c4:47:9f:05:74:62:39:be:a8:07:d0:3a: fc:92:dc:42:f5:32:72:e1:31:82:6e:6d:1e:9c:43: ba:8c:f5:30:8a:4e:19:24:38:3e:63:8e:85:82:73: 19:d5:ae:ad:07:ba:aa:7c:e5:69:79:b4:b8:83:8f: d9:4e:4d:9e:d7:6b:cb:4f:74:c5:25:56:c6:19:62: f4:13:46:11:ef:0b:58:e5:bd:bb:89:94:3f:3e:ba: f4:f6:f7:c2:07:a5:4d:05:65:dc:90:28:dc:27:d3: 70:52:a1:4a:00:08:6e:35:dd:af:bc:87:b2:6a:62: ca:4f:77:1f:f7:56:91:1a:83:68:69:00:a1:84:07: 6d:6e:71:4a:15:c2:36:78:b8:88:ae:88:69:e3:12: a8:10:28:d5:88:9e:24:f1:a3:5e:7d:ae:0f:a7:6b: e5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:E7:C6:AA:55:42:FB:1B:49:A8:35:9C:7F:59:1E:02:EB:8A:81:97 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:3f:b9:d0:51:49:ef:0b:7f:a8:d9:0f:2b:49:07:11:17:fb: 1a:50:ae:18:1f:8d:d8:61:9f:4d:c4:38:1e:27:37:96:77:45: d6:6e:d3:97:05:65:6b:bc:d8:16:7d:58:80:a4:79:f4:0f:ea: a3:90:bb:60:ed:1e:a1:da:58:d6:38:1f:43:cc:aa:28:b7:cd: 08:74:31:58:c7:13:39:f5:e8:21:ba:91:a5:5b:b5:07:0c:d4: b3:bd:bb:40:7d:bd:92:3b:ef:5f:c7:ca:dc:02:10:69:8f:e0: 77:9b:c8:6e:79:ef:24:c1:e8:a7:99:1c:52:dd:26:80:50:67: 31:77:3d:e7:74:e7:e1:ce:b4:f9:8c:87:50:91:7a:91:88:94: 87:ef:7b:90:61:ef:57:25:a1:8f:73:9d:b1:a9:02:9d:b7:37: 7e:e8:1f:2f:66:22:e9:77:3b:40:90:68:9c:96:15:88:2c:87: f0:d4:61:48:07:dc:24:05:4e:8f:be:fb:9f:5e:d1:1b:a0:8a: 0e:65:b9:99:05:8b:90:00:68:67:8c:a9:14:82:4e:bc:b0:5b: 92:b9:b1:84:bb:1d:a4:ee:c4:0d:65:b1:bc:b7:cb:09:57:69: cd:07:ff:f5:42:d6:f5:26:af:22:4d:95:72:8f:9f:1e:93:59: aa:e1:34:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNjE2MTQ1NDE3WhcNMjUwNjIzMTQ1NDE3WjAYMRYwFAYD VQQDEw02ODUwMzAxOS05OWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsP71BYA+7Jm6euG7FPsNAzShNopa9AQYNOCxPPjaX3nQ9hUI0EWHFs4mfOvb Uo3lEUf82HXuWsW/CLQwcrwfji4eXtq9MAd3RASD9ylFIdo8BjmKBJJldMkRYrjE R58FdGI5vqgH0Dr8ktxC9TJy4TGCbm0enEO6jPUwik4ZJDg+Y46FgnMZ1a6tB7qq fOVpebS4g4/ZTk2e12vLT3TFJVbGGWL0E0YR7wtY5b27iZQ/Prr09vfCB6VNBWXc kCjcJ9NwUqFKAAhuNd2vvIeyamLKT3cf91aRGoNoaQChhAdtbnFKFcI2eLiIrohp 4xKoECjViJ4k8aNefa4Pp2vlKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLLnxqpV QvsbSag1nH9ZHgLrioGXMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6P7nQUUnvC3+o2Q8rSQcRF/saUK4YH43YYZ9NxDgeJzeWd0XWbtOX BWVrvNgWfViApHn0D+qjkLtg7R6h2ljWOB9DzKoot80IdDFYxxM59eghupGlW7UH DNSzvbtAfb2SO+9fx8rcAhBpj+B3m8huee8kweinmRxS3SaAUGcxdz3ndOfhzrT5 jIdQkXqRiJSH73uQYe9XJaGPc52xqQKdtzd+6B8vZiLpdztAkGiclhWILIfw1GFI B9wkBU6PvvufXtEboIoOZbmZBYuQAGhnjKkUgk68sFuSubGEux2k7sQNZbG8t8sJ V2nNB//1Qtb1Jq8iTZVyj58ek1mq4TSk -----END CERTIFICATE-----Generated at Wed Jun 18 08:23:09 2025 by rpki-client