$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: fT6mkPgeapUmXXIbdSFQRvGlVn+proJmq6nIwv1A0KY= Subject key identifier: 44:43:7B:C7:34:EE:60:82:B9:35:9F:2B:11:90:54:DA:4F:EC:18:E1 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 348D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 3488 Signing time: Fri 30 May 2025 14:55:36 +0000 Manifest this update: Fri 30 May 2025 14:55:35 +0000 Manifest next update: Fri 06 Jun 2025 14:55:35 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: iL6DLLQOdfOapD1ezvKN0nGx8qoW6rxw8B/NYddNeaM=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 14:55:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13453 (0x348d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: May 30 14:55:35 2025 GMT Not After : Jun 6 14:55:35 2025 GMT Subject: CN=6839c6e8-d8c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e5:14:a6:05:f8:34:e6:10:de:10:3f:9a:a9: 26:af:ba:b3:a1:90:1d:59:fb:12:e9:96:6e:13:a8: 9f:9e:a1:89:6e:3f:11:ed:e6:39:7a:9d:7d:74:93: a0:38:c2:38:b6:e3:69:83:56:bc:b4:16:fa:c2:11: a9:65:29:e6:88:e7:8a:7e:2a:e3:b4:ae:b5:28:da: 49:f1:9a:de:1a:25:f6:7b:3f:f6:10:a4:75:69:8e: 81:ca:b3:9f:52:e4:af:00:c9:15:c1:f6:4d:c0:ae: 95:fb:2b:fa:7f:a0:62:a6:7b:09:cb:bd:88:b4:33: 63:cf:c4:e7:5d:6e:f3:0d:13:6f:c9:c9:7a:20:6c: f6:28:eb:b8:cf:5a:74:7c:f0:97:dd:45:63:28:fd: ba:7a:bb:40:2f:c5:17:b7:2e:72:fd:c7:f0:8d:86: df:d0:13:a4:48:29:2a:5e:2a:69:ea:be:e2:aa:5b: e6:38:0f:0a:a3:8d:8c:58:80:a0:c6:16:92:65:bd: 9a:11:b2:8c:4d:5b:da:37:45:3d:12:6f:4e:0a:e6: ec:a6:c6:9e:87:ba:e7:ba:f0:77:c3:fa:d5:75:df: c7:88:89:7b:ee:55:cc:8e:3f:cd:19:13:66:54:67: 6e:2a:74:18:27:f3:a7:12:36:df:06:2d:62:2c:7d: 67:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:43:7B:C7:34:EE:60:82:B9:35:9F:2B:11:90:54:DA:4F:EC:18:E1 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:a4:85:4d:d5:a7:57:98:91:1c:4e:aa:79:5a:a6:e4:07:51: 10:b1:b3:7d:de:7b:32:23:b1:9c:7f:4d:23:1a:73:d1:95:cc: 76:e3:f3:4c:fc:49:53:0c:51:3c:1f:63:09:55:ed:0d:55:1b: ef:fe:df:82:d3:df:34:b9:10:7a:1b:18:c7:b6:21:b6:ca:1b: a1:75:1b:08:bb:49:51:28:ca:ea:c8:71:4b:fb:f9:d3:84:bb: 78:86:a4:2f:7e:aa:b0:3a:08:22:f7:5f:b2:a8:be:84:0c:c7: 94:0c:eb:24:8a:ca:c4:b3:b7:13:7a:2f:1f:c4:53:0d:3b:d7: a4:57:05:8b:2a:42:2b:46:9f:4b:75:48:50:22:07:b8:7b:de: 6f:40:08:92:88:86:1a:80:4d:c1:bc:0e:86:31:4d:ba:4d:fa: ac:35:b2:0b:73:74:b7:05:af:5e:e2:55:c6:15:bb:97:07:d7: da:1e:9e:2f:f5:a4:5e:6d:fe:de:b2:8f:50:ce:df:d8:3f:7d: db:97:5a:a6:6f:1c:8a:de:93:29:36:bc:fe:61:20:19:7a:e2: 75:96:12:1b:63:b6:1c:10:1f:fd:a0:05:79:52:a7:9f:3f:29: eb:d8:f7:41:8c:0f:d4:1c:18:04:77:8e:a9:20:38:16:6b:0d: c5:2e:fe:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNTMwMTQ1NTM1WhcNMjUwNjA2MTQ1NTM1WjAYMRYwFAYD VQQDEw02ODM5YzZlOC1kOGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAveUUpgX4NOYQ3hA/mqkmr7qzoZAdWfsS6ZZuE6ifnqGJbj8R7eY5ep19dJOg OMI4tuNpg1a8tBb6whGpZSnmiOeKfirjtK61KNpJ8ZreGiX2ez/2EKR1aY6ByrOf UuSvAMkVwfZNwK6V+yv6f6BipnsJy72ItDNjz8TnXW7zDRNvycl6IGz2KOu4z1p0 fPCX3UVjKP26ertAL8UXty5y/cfwjYbf0BOkSCkqXipp6r7iqlvmOA8Ko42MWICg xhaSZb2aEbKMTVvaN0U9Em9OCubspsaeh7rnuvB3w/rVdd/HiIl77lXMjj/NGRNm VGduKnQYJ/OnEjbfBi1iLH1nswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFERDe8c0 7mCCuTWfKxGQVNpP7BjhMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAupIVN1adXmJEcTqp5WqbkB1EQsbN93nsyI7Gcf00jGnPRlcx24/NM /ElTDFE8H2MJVe0NVRvv/t+C0980uRB6GxjHtiG2yhuhdRsIu0lRKMrqyHFL+/nT hLt4hqQvfqqwOggi91+yqL6EDMeUDOskisrEs7cTei8fxFMNO9ekVwWLKkIrRp9L dUhQIge4e95vQAiSiIYagE3BvA6GMU26TfqsNbILc3S3Ba9e4lXGFbuXB9faHp4v 9aRebf7eso9Qzt/YP33bl1qmbxyK3pMpNrz+YSAZeuJ1lhIbY7YcEB/9oAV5Uqef Pynr2PdBjA/UHBgEd46pIDgWaw3FLv6X -----END CERTIFICATE-----Generated at Sat May 31 16:50:37 2025 by rpki-client