$ rpki-client -vvf rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft File: uko-NN2arQAtSR0TxciM5c3Jk6o.mft (raw, json) Hash identifier: o1jAeMggOoOtFMbTjUJRV9YbuSVZzVDr0Wh8SoxTzJc= Subject key identifier: 49:1F:D6:B5:D9:E7:7F:06:3E:DC:7F:0A:79:E9:BC:21:B6:0B:95:57 Authority key identifier: BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA Certificate issuer: /CN=A9142127/serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA Certificate serial: 0AFB Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft Manifest number: 0AF5 Signing time: Sat 18 Oct 2025 20:19:13 +0000 Manifest this update: Sat 18 Oct 2025 20:19:13 +0000 Manifest next update: Sat 25 Oct 2025 20:19:13 +0000 Files and hashes: 1: uko-NN2arQAtSR0TxciM5c3Jk6o.crl (hash: 2f0g3Rx2taEJozXyZDw4jDmlVs7Tdg2QN6FGBTlFnvQ=) 2: 2FCB8FBA56DC11EA8D75187CC4F9AE02.roa (hash: 1RC1hvOn8M5X9ccmY3hdnJuLljVCrrYvq7AQQg0ulGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:19:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2811 (0xafb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142127, serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA Validity Not Before: Oct 18 20:19:13 2025 GMT Not After : Oct 25 20:19:13 2025 GMT Subject: CN=68f3f641-ca77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:44:e1:5d:8c:c0:d0:29:21:91:9b:b5:92:72: 7c:60:7c:8b:90:cc:34:ed:fc:16:4a:55:a0:f9:4c: 47:e3:10:a4:d8:97:07:7e:ff:5c:71:68:26:e3:07: 31:dd:8c:d1:76:fe:3f:fe:a9:03:73:df:32:4e:10: 29:09:48:31:b3:4d:60:81:02:ab:e0:de:06:1e:67: 28:9b:70:42:98:d6:6b:15:9a:91:27:0a:00:31:41: 9a:89:9b:34:2a:e2:af:87:80:4d:6e:71:65:4e:66: 1e:32:15:bb:4e:5b:e6:63:44:1f:71:87:13:98:61: 52:35:49:62:2f:9d:2e:c5:d6:d1:3d:bb:53:bf:7f: 99:e6:5a:d6:d6:95:58:74:69:e2:6e:a6:b8:2d:dd: 1e:29:c1:94:75:97:ca:29:ee:89:fe:82:0d:32:a5: 43:12:68:3b:03:44:5b:6c:dc:3f:26:20:23:06:71: 4c:dd:b3:a7:21:05:06:ca:d8:bd:34:35:7b:22:75: af:c1:a5:66:aa:af:e2:52:6c:ef:ac:57:98:55:e6: 6b:5c:ca:bd:45:73:9e:e6:99:ee:4e:55:be:19:2d: 4d:1e:8f:88:1a:ed:b0:2f:15:d4:68:5e:d0:d1:de: c3:78:a3:df:3a:0f:95:d9:81:8b:c2:b2:f2:76:7a: 55:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:1F:D6:B5:D9:E7:7F:06:3E:DC:7F:0A:79:E9:BC:21:B6:0B:95:57 X509v3 Authority Key Identifier: keyid:BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:36:ce:04:24:b6:ec:5c:2a:06:f6:e4:6d:68:62:57:68:71: bf:67:76:36:53:cc:f8:7c:cf:af:12:47:0c:6e:ae:87:d1:c4: 15:b6:01:fa:a0:4d:be:47:6b:46:6f:e8:9a:57:32:fb:30:2e: 6c:d0:d6:c8:be:67:e8:55:f9:79:52:cd:f4:15:c7:b1:94:6f: 7a:89:c1:73:ed:2d:6c:05:e2:fc:f8:f6:8f:8e:cc:c4:15:4a: f2:73:e0:af:ff:86:ba:1a:0b:99:26:82:4e:3d:44:96:52:f1: 99:20:f5:d2:93:8e:65:69:8f:6a:3a:dc:78:97:7d:76:4d:94: d8:e8:28:1e:72:73:3b:9e:60:ba:19:48:a9:70:8d:42:6a:8e: 76:69:a0:7c:d8:98:95:72:63:ec:f1:17:7b:46:39:99:a1:8e: cc:76:11:4d:7e:4b:03:18:a4:bb:11:28:43:27:20:c5:b1:ec: 30:1c:b9:6d:fa:3f:c9:ce:aa:35:53:3e:5d:88:40:b8:ca:80: b9:2e:f2:0f:8a:ce:2f:b2:8d:68:1f:3b:84:ec:6e:72:e4:ec: 31:c0:5f:30:52:26:c1:1b:ae:78:1d:ad:ec:58:7e:46:63:c1: ce:e2:ed:41:0c:b5:cb:fc:29:75:84:f2:6b:47:00:22:27:e7: 80:af:f6:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIxMjcxMTAvBgNVBAUTKEJBNEEzRTM0REQ5QUFEMDAyRDQ5MUQxM0M1Qzg4Q0U1 Q0RDOTkzQUEwHhcNMjUxMDE4MjAxOTEzWhcNMjUxMDI1MjAxOTEzWjAYMRYwFAYD VQQDEw02OGYzZjY0MS1jYTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvUThXYzA0CkhkZu1knJ8YHyLkMw07fwWSlWg+UxH4xCk2JcHfv9ccWgm4wcx 3YzRdv4//qkDc98yThApCUgxs01ggQKr4N4GHmcom3BCmNZrFZqRJwoAMUGaiZs0 KuKvh4BNbnFlTmYeMhW7TlvmY0QfcYcTmGFSNUliL50uxdbRPbtTv3+Z5lrW1pVY dGnibqa4Ld0eKcGUdZfKKe6J/oINMqVDEmg7A0RbbNw/JiAjBnFM3bOnIQUGyti9 NDV7InWvwaVmqq/iUmzvrFeYVeZrXMq9RXOe5pnuTlW+GS1NHo+IGu2wLxXUaF7Q 0d7DeKPfOg+V2YGLwrLydnpVLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEkf1rXZ 538GPtx/CnnpvCG2C5VXMB8GA1UdIwQYMBaAFLpKPjTdmq0ALUkdE8XIjOXNyZOq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjEyNy8zMzdGQkE0NDU0 NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJRQXRTUjBUeGNpTTVjM0pr Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3Vrby1OTjJhclFBdFNSMFR4Y2lNNWMzSms2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjEyNy8zMzdGQkE0NDU0NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJR QXRTUjBUeGNpTTVjM0prNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6Ns4EJLbsXCoG9uRtaGJXaHG/Z3Y2U8z4fM+vEkcMbq6H0cQVtgH6 oE2+R2tGb+iaVzL7MC5s0NbIvmfoVfl5Us30FcexlG96icFz7S1sBeL8+PaPjszE FUryc+Cv/4a6GguZJoJOPUSWUvGZIPXSk45laY9qOtx4l312TZTY6CgecnM7nmC6 GUipcI1Cao52aaB82JiVcmPs8Rd7RjmZoY7MdhFNfksDGKS7EShDJyDFsewwHLlt +j/Jzqo1Uz5diEC4yoC5LvIPis4vso1oHzuE7G5y5OwxwF8wUibBG654Ha3sWH5G Y8HO4u1BDLXL/Cl1hPJrRwAiJ+eAr/Zk -----END CERTIFICATE-----Generated at Mon Oct 20 15:25:58 2025 by rpki-client