$ rpki-client -vvf rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft File: uko-NN2arQAtSR0TxciM5c3Jk6o.mft (raw, json) Hash identifier: eARimO2BQFa2e9myOTKuFpSbAjGTo7nIRUjfTo3ixkE= Subject key identifier: 56:32:6F:8F:EC:A1:2A:34:CC:65:17:30:ED:8F:1B:4D:5C:5C:67:79 Authority key identifier: BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA Certificate issuer: /CN=A9142127/serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA Certificate serial: 0AFC Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft Manifest number: 0AF6 Signing time: Mon 20 Oct 2025 20:07:27 +0000 Manifest this update: Mon 20 Oct 2025 20:07:27 +0000 Manifest next update: Mon 27 Oct 2025 20:07:27 +0000 Files and hashes: 1: uko-NN2arQAtSR0TxciM5c3Jk6o.crl (hash: M22fk4joDFdVnES31a2kPt5dTvN/3FaYZaB1mnmTi4w=) 2: 2FCB8FBA56DC11EA8D75187CC4F9AE02.roa (hash: 1RC1hvOn8M5X9ccmY3hdnJuLljVCrrYvq7AQQg0ulGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:07:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2812 (0xafc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142127, serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA Validity Not Before: Oct 20 20:07:27 2025 GMT Not After : Oct 27 20:07:27 2025 GMT Subject: CN=68f6967f-b358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a3:aa:43:f1:b9:5b:33:72:96:83:ad:86:dd: 40:18:8f:b6:13:19:df:8e:88:9b:f1:04:a8:45:23: b7:8b:3c:43:4b:c9:5d:ff:88:3a:26:43:98:3e:0e: fa:8c:de:02:fe:09:7d:9f:a7:a0:70:66:9e:a1:63: 0b:2b:a2:1b:60:a4:93:63:9e:8a:dd:62:5c:c2:29: 63:7b:9f:7f:00:ef:da:b4:1d:dc:08:79:85:61:2c: 60:12:a7:77:6a:9b:38:51:24:7d:72:5f:e9:95:b5: b4:07:ae:2f:ea:0a:54:5c:ef:8d:77:65:7b:bd:ee: 2e:6f:89:7c:2f:2d:7c:8e:1d:1f:ad:f2:51:d4:38: 18:eb:7f:04:80:48:de:b5:8b:92:fd:64:d4:ef:50: 43:d3:76:e0:6b:e1:c3:a6:52:b4:a4:b0:6d:fd:e3: bb:2c:07:3b:4d:12:d9:a0:27:fe:b7:e3:be:26:7c: bc:02:91:8d:7d:f2:b1:0d:96:20:07:0d:ee:7b:bb: 43:8d:7b:ac:9e:68:96:69:c0:63:2e:b2:75:93:71: 6e:02:e3:4b:76:53:48:52:e1:44:7a:3a:3d:f1:61: 35:45:b7:38:4b:dd:8f:c3:b9:cb:0b:82:64:07:1f: b1:e8:ae:f8:30:40:e5:a2:58:fa:58:bd:98:ba:96: 54:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:32:6F:8F:EC:A1:2A:34:CC:65:17:30:ED:8F:1B:4D:5C:5C:67:79 X509v3 Authority Key Identifier: keyid:BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:9c:36:3f:ab:dd:24:95:67:62:66:0f:5b:66:b4:ca:82:05: 4a:91:c6:3d:85:00:53:fb:f0:43:6f:e6:3c:13:1e:df:29:b4: 80:9c:43:ca:4c:50:ff:ab:41:8f:34:eb:42:0f:91:88:ce:c3: 6a:1f:a5:b3:fb:ea:91:59:cc:b8:92:bc:da:9a:83:fc:00:db: 68:90:8a:3a:0d:5b:c0:11:eb:9b:dc:0d:e4:31:ca:d7:63:d9: 51:2d:d5:e3:60:0a:89:ad:dc:b2:a4:a9:c6:5c:10:7b:83:d8: c6:d0:7a:fc:e7:e0:dc:53:b4:09:68:8b:af:c9:98:9c:91:a0: 8f:22:f2:49:0b:b6:0f:0b:55:08:9d:08:19:33:42:6a:a3:18: 1e:be:ba:4c:db:5a:41:81:6d:b5:16:0a:d2:8c:21:1c:7d:b9: 0a:e2:6d:bb:2c:d6:eb:e7:15:2e:8c:2d:fc:a4:16:59:b2:4d: d4:13:e4:66:53:fb:4a:f4:2e:3a:fe:41:97:5d:18:ed:f4:79: 38:f2:19:df:f4:8d:6c:50:ec:51:26:d6:20:60:ff:03:06:51: bc:8f:f5:8c:ed:48:d6:7b:e6:42:b0:8b:90:d6:27:ca:fd:f1: 51:ad:f5:57:c8:ad:b3:6b:3a:12:4d:ce:92:84:f8:0f:de:3b: 8b:74:f6:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIxMjcxMTAvBgNVBAUTKEJBNEEzRTM0REQ5QUFEMDAyRDQ5MUQxM0M1Qzg4Q0U1 Q0RDOTkzQUEwHhcNMjUxMDIwMjAwNzI3WhcNMjUxMDI3MjAwNzI3WjAYMRYwFAYD VQQDEw02OGY2OTY3Zi1iMzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2qOqQ/G5WzNyloOtht1AGI+2Exnfjoib8QSoRSO3izxDS8ld/4g6JkOYPg76 jN4C/gl9n6egcGaeoWMLK6IbYKSTY56K3WJcwilje59/AO/atB3cCHmFYSxgEqd3 aps4USR9cl/plbW0B64v6gpUXO+Nd2V7ve4ub4l8Ly18jh0frfJR1DgY638EgEje tYuS/WTU71BD03bga+HDplK0pLBt/eO7LAc7TRLZoCf+t+O+Jny8ApGNffKxDZYg Bw3ue7tDjXusnmiWacBjLrJ1k3FuAuNLdlNIUuFEejo98WE1Rbc4S92Pw7nLC4Jk Bx+x6K74MEDlolj6WL2YupZUfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFYyb4/s oSo0zGUXMO2PG01cXGd5MB8GA1UdIwQYMBaAFLpKPjTdmq0ALUkdE8XIjOXNyZOq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjEyNy8zMzdGQkE0NDU0 NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJRQXRTUjBUeGNpTTVjM0pr Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3Vrby1OTjJhclFBdFNSMFR4Y2lNNWMzSms2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjEyNy8zMzdGQkE0NDU0NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJR QXRTUjBUeGNpTTVjM0prNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQnDY/q90klWdiZg9bZrTKggVKkcY9hQBT+/BDb+Y8Ex7fKbSAnEPK TFD/q0GPNOtCD5GIzsNqH6Wz++qRWcy4krzamoP8ANtokIo6DVvAEeub3A3kMcrX Y9lRLdXjYAqJrdyypKnGXBB7g9jG0Hr85+DcU7QJaIuvyZickaCPIvJJC7YPC1UI nQgZM0JqoxgevrpM21pBgW21FgrSjCEcfbkK4m27LNbr5xUujC38pBZZsk3UE+Rm U/tK9C46/kGXXRjt9Hk48hnf9I1sUOxRJtYgYP8DBlG8j/WM7UjWe+ZCsIuQ1ifK /fFRrfVXyK2zazoSTc6ShPgP3juLdPac -----END CERTIFICATE-----Generated at Wed Oct 22 02:50:44 2025 by rpki-client