$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: K4APZzjdfb2MdVqbUX7xV4EBSydmvRjCrL8fBSHyv8w= Subject key identifier: 12:5E:33:E3:15:9F:16:D8:2E:DA:56:10:E8:AD:8E:B7:F4:E3:3B:DF Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 3472 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 346E Signing time: Sat 12 Apr 2025 14:51:27 +0000 Manifest this update: Sat 12 Apr 2025 14:51:27 +0000 Manifest next update: Sat 19 Apr 2025 14:51:27 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: JDxZuk9tTI72+7QOG8Rv3SbN18dTKksIFp4SOHmsoTU=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: gBhtfDqbYf+6FfnwqEokkFBRyUrjeS3Q2Oprg2azRMM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 14:51:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13426 (0x3472) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Apr 12 14:51:27 2025 GMT Not After : Apr 19 14:51:27 2025 GMT Subject: CN=67fa7def-7ff6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ce:1a:45:60:fb:d3:d8:b5:f3:ee:8b:c2:4f: 11:eb:61:46:3c:05:c3:10:36:76:6d:5a:26:33:fd: c9:3e:f0:df:aa:50:2d:8f:41:fc:0c:f7:48:70:d3: dc:07:17:59:88:95:75:64:83:dd:a8:d2:e9:2d:f8: 53:3b:1b:68:ae:b0:e0:b7:a3:d4:ad:5e:b3:f4:f9: cf:84:4a:14:d2:89:5d:76:ac:3d:81:e1:c3:a3:77: 9a:2f:a7:29:ca:31:aa:5b:06:71:57:74:63:70:2a: 7e:37:e3:ec:67:a4:c0:0d:13:eb:ff:e8:4d:ec:28: a5:3b:ba:60:9a:49:53:fc:aa:73:1e:24:17:af:0b: 1c:40:0c:16:5d:ad:a2:0b:c9:cd:32:ea:79:13:ef: b6:d1:67:d3:15:80:d1:1e:2e:ef:cc:d2:7d:9e:b8: 4f:24:f6:73:4e:d5:78:5d:18:5c:be:09:2d:70:df: 5e:16:19:78:89:16:9c:4f:bf:0e:59:af:8b:97:e9: 9b:0e:2d:a3:67:05:8e:e7:3b:f4:d3:5a:af:e4:9f: 26:dc:b8:80:4a:a8:9d:72:ad:4a:b9:5c:fb:2c:31: 0e:3a:c7:e4:4c:c3:f9:1d:42:c9:4c:37:4a:0c:d1: a6:ec:c5:58:1b:7b:b6:db:db:4f:23:e8:ea:42:b6: 2d:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:5E:33:E3:15:9F:16:D8:2E:DA:56:10:E8:AD:8E:B7:F4:E3:3B:DF X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:c4:03:f9:84:d6:3e:13:24:8e:aa:43:e3:87:bc:e5:a3:1f: a9:3f:a4:dd:3a:39:ce:91:3b:95:1c:4e:13:33:e6:7a:a1:b1: ec:7d:26:d4:21:18:dc:49:7e:41:f4:0e:87:c9:36:31:8c:80: 33:be:98:e1:bd:c6:0f:54:88:e9:79:fc:65:4b:4e:3f:02:5f: 8e:a2:77:82:10:cf:57:e8:f9:63:e5:1e:5b:9f:71:3b:74:e5: 86:8c:d3:9d:16:82:9e:3e:4a:1e:34:f0:a4:ee:17:55:8c:24: 45:92:bc:f3:0f:f0:44:b5:9a:e8:71:02:38:7b:3d:15:f1:78: 0f:bf:9b:5a:b0:41:d7:61:1e:b2:7a:c1:c9:bc:0a:73:28:d9: 39:4f:af:20:bc:62:eb:83:12:06:24:ee:8e:ad:77:91:a8:15: 86:cc:a6:05:df:a9:ea:b7:2e:d5:8e:d0:6f:c0:1c:af:fa:2d: 22:95:b3:2e:a4:1a:0e:de:a0:d7:6e:4d:b6:28:3e:44:50:8d: 58:45:b5:8b:eb:43:6c:81:24:9d:41:ad:42:e8:f1:d8:ff:78: 06:02:d8:20:ca:42:2d:2f:bb:86:d6:65:a0:b7:e7:b1:b4:09: 37:be:f0:e0:0e:6f:09:d1:88:2d:54:6b:b4:41:5e:2b:c1:51: 76:a6:33:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNDEyMTQ1MTI3WhcNMjUwNDE5MTQ1MTI3WjAYMRYwFAYD VQQDEw02N2ZhN2RlZi03ZmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv84aRWD709i18+6Lwk8R62FGPAXDEDZ2bVomM/3JPvDfqlAtj0H8DPdIcNPc BxdZiJV1ZIPdqNLpLfhTOxtorrDgt6PUrV6z9PnPhEoU0olddqw9geHDo3eaL6cp yjGqWwZxV3RjcCp+N+PsZ6TADRPr/+hN7CilO7pgmklT/KpzHiQXrwscQAwWXa2i C8nNMup5E++20WfTFYDRHi7vzNJ9nrhPJPZzTtV4XRhcvgktcN9eFhl4iRacT78O Wa+Ll+mbDi2jZwWO5zv001qv5J8m3LiASqidcq1KuVz7LDEOOsfkTMP5HULJTDdK DNGm7MVYG3u229tPI+jqQrYtkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBJeM+MV nxbYLtpWEOitjrf04zvfMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtxAP5hNY+EySOqkPjh7zlox+pP6TdOjnOkTuVHE4TM+Z6obHsfSbU IRjcSX5B9A6HyTYxjIAzvpjhvcYPVIjpefxlS04/Al+OoneCEM9X6Plj5R5bn3E7 dOWGjNOdFoKePkoeNPCk7hdVjCRFkrzzD/BEtZrocQI4ez0V8XgPv5tasEHXYR6y esHJvApzKNk5T68gvGLrgxIGJO6OrXeRqBWGzKYF36nqty7VjtBvwByv+i0ilbMu pBoO3qDXbk22KD5EUI1YRbWL60NsgSSdQa1C6PHY/3gGAtggykItL7uG1mWgt+ex tAk3vvDgDm8J0YgtVGu0QV4rwVF2pjOf -----END CERTIFICATE-----Generated at Sun Apr 13 02:00:22 2025 by rpki-client