$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: piX/zndPhpmy3ClYSuI9YX4/h4L9wJArlw1bcmRJwNg= Subject key identifier: BB:5C:DD:B4:D2:D5:BD:06:AD:1E:03:DF:B5:CA:E6:84:39:98:A5:94 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34D2 Signing time: Wed 22 Oct 2025 14:56:56 +0000 Manifest this update: Wed 22 Oct 2025 14:56:55 +0000 Manifest next update: Wed 29 Oct 2025 14:56:55 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: pV76xuLBM6LVIPpEuEp1ft02RulvXflhB5w3cVbyM8g=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 14:56:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13527 (0x34d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Oct 22 14:56:55 2025 GMT Not After : Oct 29 14:56:55 2025 GMT Subject: CN=68f8f0b8-a5ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:fc:1e:73:1c:97:24:ed:64:94:ae:aa:f6:d2: ed:d8:65:f5:e8:3d:ce:89:54:ef:6f:f0:52:c7:3f: a5:c9:67:1b:3e:dd:f0:00:17:12:cb:a1:82:af:05: b2:c0:40:af:e1:ab:54:70:63:1d:cd:6c:b6:b0:e6: 63:fe:cd:9e:8e:1f:f2:00:95:db:61:e7:a3:52:28: 69:2b:d9:cf:72:1f:2f:98:e2:00:a1:75:b2:bd:dd: 03:50:c2:3d:87:f2:1c:58:b9:e4:f1:4c:eb:08:2a: f8:b4:19:be:39:6e:b5:51:95:52:ff:7d:e9:54:c3: 21:ac:86:67:a3:e4:bd:44:28:68:0e:37:aa:5e:5e: c1:2c:d9:9e:f1:3c:f0:d2:54:46:9c:d1:a6:42:42: e1:41:f9:e9:75:2b:bc:8e:77:3c:e2:9f:13:d6:b3: e8:56:5b:81:9f:9e:9f:ec:c8:57:ac:f2:0a:bf:d2: 4d:42:09:4e:65:92:7b:40:8a:29:21:7c:9a:70:de: 14:de:13:a9:5c:d9:02:a6:28:4e:19:1f:ce:60:8e: 4b:b9:a5:a7:b1:a4:d9:b8:3a:ec:76:2a:b4:2c:84: 7b:e0:f3:63:86:b5:24:48:ee:7b:90:1b:7a:80:10: 64:05:66:11:61:99:52:0e:68:10:e7:c1:66:fe:e9: c8:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:5C:DD:B4:D2:D5:BD:06:AD:1E:03:DF:B5:CA:E6:84:39:98:A5:94 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:b2:fe:c2:c2:b2:1a:5d:4b:6b:a4:92:bf:a1:d6:39:61:d8: 68:22:77:cf:3e:13:62:ff:e8:64:14:34:00:4a:2c:94:52:30: a8:c7:6a:ac:0f:29:70:d9:77:cb:f9:e3:83:88:13:ac:86:f6: 50:38:74:8b:c9:f6:7c:cb:9e:1e:24:f4:41:ba:94:e2:ec:51: e5:f0:a3:73:ae:f9:97:1e:ce:ee:a9:32:5f:ca:c0:c6:3c:ac: 0f:dd:07:64:4f:da:7e:1c:21:a2:8d:b8:92:3f:92:c3:87:73: 09:e4:52:35:27:5b:a3:22:56:18:5c:f0:29:68:5d:90:28:c4: 75:33:51:b6:23:2b:fb:ef:a6:cc:e1:44:92:10:78:de:32:83: 3c:28:18:f5:f7:46:75:77:77:c8:62:b7:ee:90:92:88:f3:da: 1e:65:82:35:cc:5f:d0:07:3f:e4:0f:d5:5b:eb:ce:51:54:90: 0e:31:ba:e7:23:d6:54:6a:87:ef:95:21:4f:17:ed:14:f8:0e: cd:e8:b7:f4:89:56:85:93:f6:de:a2:1d:6f:b0:3d:ff:cb:d9: fe:42:76:c6:2a:cf:93:aa:48:c5:58:61:d4:f3:b9:00:b4:f7: ad:48:04:db:06:df:93:de:51:7c:bd:d5:ff:cc:6f:86:c1:3e: ec:5b:08:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUxMDIyMTQ1NjU1WhcNMjUxMDI5MTQ1NjU1WjAYMRYwFAYD VQQDEw02OGY4ZjBiOC1hNWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7fwecxyXJO1klK6q9tLt2GX16D3OiVTvb/BSxz+lyWcbPt3wABcSy6GCrwWy wECv4atUcGMdzWy2sOZj/s2ejh/yAJXbYeejUihpK9nPch8vmOIAoXWyvd0DUMI9 h/IcWLnk8UzrCCr4tBm+OW61UZVS/33pVMMhrIZno+S9RChoDjeqXl7BLNme8Tzw 0lRGnNGmQkLhQfnpdSu8jnc84p8T1rPoVluBn56f7MhXrPIKv9JNQglOZZJ7QIop IXyacN4U3hOpXNkCpihOGR/OYI5LuaWnsaTZuDrsdiq0LIR74PNjhrUkSO57kBt6 gBBkBWYRYZlSDmgQ58Fm/unImQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtc3bTS 1b0GrR4D37XK5oQ5mKWUMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQsv7CwrIaXUtrpJK/odY5YdhoInfPPhNi/+hkFDQASiyUUjCox2qs Dylw2XfL+eODiBOshvZQOHSLyfZ8y54eJPRBupTi7FHl8KNzrvmXHs7uqTJfysDG PKwP3QdkT9p+HCGijbiSP5LDh3MJ5FI1J1ujIlYYXPApaF2QKMR1M1G2Iyv776bM 4USSEHjeMoM8KBj190Z1d3fIYrfukJKI89oeZYI1zF/QBz/kD9Vb685RVJAOMbrn I9ZUaofvlSFPF+0U+A7N6Lf0iVaFk/beoh1vsD3/y9n+QnbGKs+TqkjFWGHU87kA tPetSATbBt+T3lF8vdX/zG+GwT7sWwgN -----END CERTIFICATE-----Generated at Wed Oct 22 18:12:51 2025 by rpki-client