$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: 3B3FSs7xiqs4Tl/32/+gX06sTdQjx2bILDMGNgNoDho= Subject key identifier: 5C:6D:AF:B8:21:73:BA:64:58:0F:B4:19:4C:BD:25:C2:87:B8:A0:0D Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34A2 Signing time: Sun 20 Jul 2025 14:53:45 +0000 Manifest this update: Sun 20 Jul 2025 14:53:45 +0000 Manifest next update: Sun 27 Jul 2025 14:53:45 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: b96Bk3kti0r3djJsrczaziGMfnAyvrCSh3MVtfpMMIE=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:53:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13479 (0x34a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Jul 20 14:53:45 2025 GMT Not After : Jul 27 14:53:45 2025 GMT Subject: CN=687d02f9-f8e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:62:49:32:12:75:79:9d:25:89:7b:22:3d:f6: 6b:50:47:82:74:40:46:62:b9:5e:eb:6f:94:80:b2: 11:c3:7c:88:61:ba:c0:93:35:22:d7:2c:05:1d:12: ef:df:ff:43:33:c0:04:dc:ab:9a:6c:5a:b7:02:03: 8b:a8:0b:0a:4b:14:26:0f:5a:f6:dc:c4:4a:c9:43: f5:93:38:c2:74:87:16:07:d0:1b:38:21:7d:2c:65: 77:ff:b2:ec:da:6a:1a:e0:12:a3:52:70:46:e4:d3: 56:93:a6:1f:f9:3e:36:25:26:b8:cd:c4:0c:0b:0a: 2f:80:f6:55:c1:5c:05:39:d5:4c:fd:cd:60:f8:e6: 1d:c6:16:18:51:79:12:bf:46:80:fa:37:d1:16:05: 9c:01:aa:7b:c5:49:d5:89:c1:98:80:08:1d:17:19: 9c:2e:eb:66:dd:cc:00:95:d2:7f:a7:30:c6:45:da: 9e:cf:4d:4f:52:bf:0a:20:b2:d3:12:99:3f:d5:be: 6a:34:e0:67:dc:06:20:ab:83:1e:fc:e5:ce:64:88: d8:c7:1f:6a:b2:1b:a3:d7:ee:50:90:39:c9:75:45: 0b:62:44:22:ee:ca:c8:0e:48:04:68:66:5f:0f:c9: 2b:25:4f:53:18:2f:8f:26:48:dd:7f:20:da:80:03: 8e:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:6D:AF:B8:21:73:BA:64:58:0F:B4:19:4C:BD:25:C2:87:B8:A0:0D X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:23:1d:0e:62:7a:8a:02:f4:f0:3c:bb:55:7b:dd:b6:c5:5d: 56:b2:dc:63:2a:ca:dd:ab:24:b2:70:2d:5c:0c:5a:a3:8a:fc: 1e:ef:27:59:f9:6a:e8:c3:ab:16:dd:7e:0b:e9:e3:4e:76:3f: c8:c4:ba:d3:0b:1d:40:ca:ae:94:a0:5b:67:0b:33:2e:83:64: fe:fd:c8:26:28:fa:72:9e:e5:d2:fe:8d:68:b1:74:db:33:4e: bd:79:a0:34:57:8e:c0:b6:3d:ea:1e:8f:74:51:8f:ed:01:72: a3:36:ff:c5:96:17:be:e9:70:ee:8d:b3:6a:d9:79:43:1b:29: 2d:95:75:05:2f:c4:35:00:c4:06:16:76:db:21:f6:8c:78:94: 94:1e:14:90:d7:20:4d:bd:c8:64:b8:86:c6:09:0f:61:e9:84: ac:41:e6:b2:3b:a3:d9:f2:a8:ad:45:cd:1c:80:c0:29:28:28: 23:28:3f:a1:44:ea:1f:5a:c9:cd:19:be:71:dc:23:5c:7f:56: 6f:6c:7c:3f:18:3a:8c:a0:60:da:dc:2d:fb:22:30:16:7d:52: 2c:35:ae:09:21:ea:1b:12:87:80:98:aa:8a:fd:32:e7:be:b3: a4:b6:b5:a9:a0:b6:6c:34:21:a7:58:a2:d8:72:51:af:de:11: 5f:b4:4a:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNzIwMTQ1MzQ1WhcNMjUwNzI3MTQ1MzQ1WjAYMRYwFAYD VQQDEw02ODdkMDJmOS1mOGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAomJJMhJ1eZ0liXsiPfZrUEeCdEBGYrle62+UgLIRw3yIYbrAkzUi1ywFHRLv 3/9DM8AE3KuabFq3AgOLqAsKSxQmD1r23MRKyUP1kzjCdIcWB9AbOCF9LGV3/7Ls 2moa4BKjUnBG5NNWk6Yf+T42JSa4zcQMCwovgPZVwVwFOdVM/c1g+OYdxhYYUXkS v0aA+jfRFgWcAap7xUnVicGYgAgdFxmcLutm3cwAldJ/pzDGRdqez01PUr8KILLT Epk/1b5qNOBn3AYgq4Me/OXOZIjYxx9qshuj1+5QkDnJdUULYkQi7srIDkgEaGZf D8krJU9TGC+PJkjdfyDagAOOnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFxtr7gh c7pkWA+0GUy9JcKHuKANMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxIx0OYnqKAvTwPLtVe922xV1WstxjKsrdqySycC1cDFqjivwe7ydZ +Wrow6sW3X4L6eNOdj/IxLrTCx1Ayq6UoFtnCzMug2T+/cgmKPpynuXS/o1osXTb M069eaA0V47Atj3qHo90UY/tAXKjNv/Flhe+6XDujbNq2XlDGyktlXUFL8Q1AMQG FnbbIfaMeJSUHhSQ1yBNvchkuIbGCQ9h6YSsQeayO6PZ8qitRc0cgMApKCgjKD+h ROofWsnNGb5x3CNcf1ZvbHw/GDqMoGDa3C37IjAWfVIsNa4JIeobEoeAmKqK/TLn vrOktrWpoLZsNCGnWKLYclGv3hFftEoT -----END CERTIFICATE-----Generated at Sun Jul 20 20:36:50 2025 by rpki-client