$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: Lpzm8jHQUxkw7cQDlg9zYNHhFQmqOI9/YF8e1H+LdSs= Subject key identifier: 91:BA:10:96:4E:CD:62:37:5C:11:05:FE:A7:03:89:1E:4B:86:B0:D5 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 349D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 3498 Signing time: Mon 30 Jun 2025 14:56:01 +0000 Manifest this update: Mon 30 Jun 2025 14:56:00 +0000 Manifest next update: Mon 07 Jul 2025 14:56:00 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: a4Df9JKA6kPEdxeCb+XxqIWfCMoceoojEPg7Z+f1EEA=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:56:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13469 (0x349d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Jun 30 14:56:00 2025 GMT Not After : Jul 7 14:56:00 2025 GMT Subject: CN=6862a580-52a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:0e:55:81:23:48:d4:fd:2c:46:f7:25:52:48: 67:0c:e0:cc:8d:49:a6:21:9b:c2:81:2d:b3:06:3d: 04:ea:24:82:dc:3b:d4:37:c6:01:5c:62:34:d3:04: 79:b3:88:01:91:37:2d:15:16:d4:c1:2e:8b:2a:85: c9:25:8f:91:a0:ec:47:a5:ac:a2:54:11:0f:ca:10: bd:d5:b9:61:b4:e8:50:45:18:f2:ae:87:9e:fd:ac: 02:2b:42:9d:09:fd:a8:c5:26:4b:0a:d7:86:8b:b6: e0:1a:81:9c:69:23:f1:91:2d:70:5d:93:27:e1:d8: 2b:35:c4:8c:ca:8e:e4:9f:c1:a3:b4:75:93:40:d7: 1a:7d:46:fe:9c:e6:45:c3:c1:48:c1:9b:68:87:10: a3:c4:62:a4:55:a0:82:0f:34:46:46:56:1d:0f:84: b6:fa:51:c7:97:f7:48:d5:c4:90:ac:64:c8:ee:ed: df:ea:4f:05:77:92:88:00:15:92:e7:02:49:58:8b: c6:20:18:d3:32:7c:84:9c:97:a1:98:da:7b:f4:81: cc:5b:fd:a5:58:98:a6:f5:f6:d8:5d:3c:01:84:c6: a8:43:e6:f5:75:4a:e3:6d:03:ce:5a:51:e0:5a:bb: e0:79:b3:98:ab:9e:e7:21:eb:e8:cb:b1:91:30:bf: 2b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:BA:10:96:4E:CD:62:37:5C:11:05:FE:A7:03:89:1E:4B:86:B0:D5 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:43:23:7e:d3:e0:92:b2:bc:7b:ef:7b:73:1a:f0:c1:bf:39: bc:68:ae:8b:dd:8e:96:fc:00:a9:99:eb:0e:3b:4b:91:f3:42: de:8d:7b:1e:66:43:12:52:24:66:b9:8c:28:e2:06:81:fe:da: 98:1a:56:c7:6f:a5:cb:6b:13:bf:89:ef:76:2e:e4:c4:c7:78: 4c:7d:14:18:cf:16:d4:76:85:e5:c2:7a:94:df:95:87:9f:a3: b1:e1:49:1d:8f:d9:9b:40:30:25:be:32:2c:d2:e5:8e:62:66: f7:2b:ea:7f:80:e0:26:12:36:9b:45:3e:21:9d:0a:55:04:ce: 42:01:0c:48:5c:f7:74:6d:c8:20:9a:ac:cb:a2:b9:e7:9e:99: 1d:9c:b6:3e:75:f9:83:37:f2:57:db:2c:ef:3b:31:35:03:c8: ca:ae:1e:8b:9a:65:32:c5:fe:b6:32:9e:dd:95:34:90:dd:33: c7:c7:fe:fc:4b:86:e2:57:1c:a4:32:50:ec:c0:ce:9f:28:76: 25:f3:ac:0b:e5:3e:4c:75:0b:4b:b0:7b:fa:6c:55:de:bb:5d: 6f:99:ef:a5:47:2c:da:6e:5d:9c:11:a6:3c:66:2f:70:3a:84: 85:f4:57:0e:0e:9a:10:ff:12:bb:fe:ae:11:ff:cb:9a:f1:c0: a5:d3:67:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNjMwMTQ1NjAwWhcNMjUwNzA3MTQ1NjAwWjAYMRYwFAYD VQQDEw02ODYyYTU4MC01MmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1g5VgSNI1P0sRvclUkhnDODMjUmmIZvCgS2zBj0E6iSC3DvUN8YBXGI00wR5 s4gBkTctFRbUwS6LKoXJJY+RoOxHpayiVBEPyhC91blhtOhQRRjyroee/awCK0Kd Cf2oxSZLCteGi7bgGoGcaSPxkS1wXZMn4dgrNcSMyo7kn8GjtHWTQNcafUb+nOZF w8FIwZtohxCjxGKkVaCCDzRGRlYdD4S2+lHHl/dI1cSQrGTI7u3f6k8Fd5KIABWS 5wJJWIvGIBjTMnyEnJehmNp79IHMW/2lWJim9fbYXTwBhMaoQ+b1dUrjbQPOWlHg WrvgebOYq57nIevoy7GRML8rEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJG6EJZO zWI3XBEF/qcDiR5LhrDVMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYQyN+0+CSsrx773tzGvDBvzm8aK6L3Y6W/ACpmesOO0uR80LejXse ZkMSUiRmuYwo4gaB/tqYGlbHb6XLaxO/ie92LuTEx3hMfRQYzxbUdoXlwnqU35WH n6Ox4Ukdj9mbQDAlvjIs0uWOYmb3K+p/gOAmEjabRT4hnQpVBM5CAQxIXPd0bcgg mqzLornnnpkdnLY+dfmDN/JX2yzvOzE1A8jKrh6LmmUyxf62Mp7dlTSQ3TPHx/78 S4biVxykMlDswM6fKHYl86wL5T5MdQtLsHv6bFXeu11vme+lRyzabl2cEaY8Zi9w OoSF9FcODpoQ/xK7/q4R/8ua8cCl02ev -----END CERTIFICATE-----Generated at Wed Jul 2 13:37:50 2025 by rpki-client