$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: ybKNuYrIfDTl9ThLwLieK9+IPaE9lA17XuGNv5G58IA= Subject key identifier: 2B:4A:B6:39:CC:01:58:06:AA:10:DB:4E:32:8A:94:0D:15:84:10:88 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34BB Signing time: Sat 06 Sep 2025 14:53:08 +0000 Manifest this update: Sat 06 Sep 2025 14:53:08 +0000 Manifest next update: Sat 13 Sep 2025 14:53:08 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: rV05Kt1kAK2tchhf+bFLAnP4drG3R/4T6MlE7rh/a5s=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 14:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13504 (0x34c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Sep 6 14:53:08 2025 GMT Not After : Sep 13 14:53:08 2025 GMT Subject: CN=68bc4ad4-5c58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:7a:ad:bd:01:18:f0:76:de:6b:57:d6:96:11: 10:14:50:65:58:26:67:56:3f:d2:cd:0e:84:fb:b8: fb:ee:33:16:13:d9:5c:d5:1c:c5:0b:3c:37:7c:00: d2:2a:32:10:12:05:ae:59:a8:b4:30:2c:4c:1e:7c: 2c:32:a5:90:1a:b5:69:75:f1:7f:02:c5:b4:4c:2b: 7c:52:c6:2f:2a:33:cd:c6:82:aa:e6:49:0a:6a:f4: 83:e7:7e:4d:52:cd:ce:f6:95:8e:8d:ec:52:26:18: 65:7e:6c:f0:ce:dc:13:a9:6f:c5:67:cc:6b:ba:83: 17:cf:89:7d:46:c8:0d:5d:f1:db:01:ce:fd:09:20: 1e:00:d9:01:de:c7:73:d9:d9:9c:a1:f6:2f:ea:60: 40:e0:15:5b:1f:be:d1:15:55:bc:be:00:e1:e7:01: 8d:c4:7d:6d:27:7e:66:6c:55:4d:41:c4:9c:ae:96: ad:e1:d1:ad:b6:2b:88:da:9b:9d:e1:7e:e9:48:bf: aa:97:b7:17:08:fb:d3:72:4e:4a:0d:54:9b:9d:08: a2:d4:47:68:c6:69:7a:29:e3:ce:84:db:a8:d1:f7: 39:2a:7b:c7:e7:3e:07:f7:1e:2d:fa:7e:fa:ab:07: 59:a4:d1:84:0b:82:96:1c:d5:6f:ae:5b:cd:7d:8a: 41:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:4A:B6:39:CC:01:58:06:AA:10:DB:4E:32:8A:94:0D:15:84:10:88 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:1b:a9:37:00:09:6f:c2:f8:a5:0a:4f:4c:13:d4:b6:24:d2: 62:84:7d:0a:3f:be:9e:18:00:27:88:20:25:26:e3:a0:62:0a: d2:11:bb:d6:5f:d4:a6:2c:47:4e:52:6b:ad:2d:bc:00:55:33: d5:96:2f:d0:af:5c:1b:84:95:96:f3:1a:c2:8b:f3:33:9f:36: b4:4c:33:b9:a8:29:12:c1:eb:51:32:73:fe:16:12:76:40:86: 82:57:d3:b3:04:90:b1:c9:13:57:30:d3:b0:e5:6e:65:1b:b4: 4b:cd:93:98:40:94:94:b3:64:ad:d7:6a:0a:46:4a:a0:ac:a3: 56:0c:8b:60:16:6d:5d:15:72:2b:66:06:d2:ca:82:8e:4e:1f: 70:c7:5d:d0:43:44:ed:0a:ec:50:e7:16:b3:05:45:70:6b:fe: c7:19:fb:32:25:ff:d3:36:86:b3:d7:96:6a:1c:b3:ef:4f:2e: 95:3e:9b:d0:e2:42:bc:88:86:c2:a7:12:e4:ce:35:9b:29:17: 76:36:7f:ab:76:57:5f:8b:ca:b5:d1:8b:f6:20:ef:77:11:d2: 88:3f:7d:1b:34:99:ad:5d:9a:65:ac:81:4f:97:5c:a5:3b:aa: f3:73:c6:d9:2f:fa:78:56:b1:64:f5:9d:4a:1a:44:2b:60:e2: b4:9d:77:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwOTA2MTQ1MzA4WhcNMjUwOTEzMTQ1MzA4WjAYMRYwFAYD VQQDEw02OGJjNGFkNC01YzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8HqtvQEY8Hbea1fWlhEQFFBlWCZnVj/SzQ6E+7j77jMWE9lc1RzFCzw3fADS KjIQEgWuWai0MCxMHnwsMqWQGrVpdfF/AsW0TCt8UsYvKjPNxoKq5kkKavSD535N Us3O9pWOjexSJhhlfmzwztwTqW/FZ8xruoMXz4l9RsgNXfHbAc79CSAeANkB3sdz 2dmcofYv6mBA4BVbH77RFVW8vgDh5wGNxH1tJ35mbFVNQcScrpat4dGttiuI2pud 4X7pSL+ql7cXCPvTck5KDVSbnQii1Edoxml6KePOhNuo0fc5KnvH5z4H9x4t+n76 qwdZpNGEC4KWHNVvrlvNfYpB/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCtKtjnM AVgGqhDbTjKKlA0VhBCIMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpG6k3AAlvwvilCk9ME9S2JNJihH0KP76eGAAniCAlJuOgYgrSEbvW X9SmLEdOUmutLbwAVTPVli/Qr1wbhJWW8xrCi/Mznza0TDO5qCkSwetRMnP+FhJ2 QIaCV9OzBJCxyRNXMNOw5W5lG7RLzZOYQJSUs2St12oKRkqgrKNWDItgFm1dFXIr ZgbSyoKOTh9wx13QQ0TtCuxQ5xazBUVwa/7HGfsyJf/TNoaz15ZqHLPvTy6VPpvQ 4kK8iIbCpxLkzjWbKRd2Nn+rdldfi8q10Yv2IO93EdKIP30bNJmtXZplrIFPl1yl O6rzc8bZL/p4VrFk9Z1KGkQrYOK0nXdG -----END CERTIFICATE-----Generated at Sat Sep 6 16:31:45 2025 by rpki-client