$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: B+kWobjOJhULvogl/LtEc7JWutWyJFfnZSM90FP/zNI= Subject key identifier: 77:56:92:DA:F0:A5:CD:F2:A5:4D:B2:4F:F6:79:2F:1D:B2:85:D9:04 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34B3 Signing time: Fri 22 Aug 2025 14:53:34 +0000 Manifest this update: Fri 22 Aug 2025 14:53:34 +0000 Manifest next update: Fri 29 Aug 2025 14:53:34 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: KUvjBni05JNXE4NmaNFh+RXn4Mb0BhEh8MbLq4kDLOI=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:53:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13496 (0x34b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Aug 22 14:53:34 2025 GMT Not After : Aug 29 14:53:34 2025 GMT Subject: CN=68a8846e-dfee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:97:97:4e:f2:f3:6a:fe:26:fc:ec:04:a5:2f: 37:57:ee:af:c8:4c:a3:2d:41:39:30:e0:92:55:57: 16:c7:a1:31:33:20:e2:7d:48:b5:e0:b8:bf:11:d4: 2a:ed:0d:d3:b6:a3:58:49:a1:22:87:8f:f1:b5:55: 6d:e7:ca:43:e8:d9:cb:bf:eb:9b:5d:f1:12:6a:b7: 01:33:e0:97:4c:7a:ed:3a:38:ef:57:10:71:eb:15: 18:d0:a7:cf:04:91:a6:92:e1:9f:6c:60:f0:d1:aa: 9e:26:d1:1d:72:9f:a4:fe:62:7f:9f:52:de:a2:62: 84:de:5a:52:bb:8b:68:5d:32:d4:85:01:3e:d6:a3: 32:8c:05:80:46:9d:d6:25:e0:7a:1f:c7:7e:09:30: 97:41:98:8e:ed:9d:37:58:95:bc:bf:45:da:55:56: 2b:1a:a1:8d:4d:e1:1d:39:1a:8f:c0:ee:c1:93:5e: 75:df:af:1f:26:f2:06:b8:5d:7a:0b:02:b3:c9:f1: 27:a5:fa:c8:7b:c0:53:db:42:f7:b0:4b:7b:de:b8: 5b:1c:2d:28:21:fd:36:4a:a9:c7:ff:fe:2e:af:a6: a1:8f:c3:c3:81:54:e2:a7:20:2e:ed:6e:64:8e:d1: 61:61:ea:b6:66:ed:46:75:63:76:b6:8d:29:db:04: d5:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:56:92:DA:F0:A5:CD:F2:A5:4D:B2:4F:F6:79:2F:1D:B2:85:D9:04 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:58:60:ff:ad:69:e9:e6:6e:4c:b2:ee:7f:f2:bf:69:4a:71: cc:e8:8e:d6:5e:a1:c4:24:c2:7a:34:5a:e7:21:ae:30:38:2b: d0:41:79:dc:51:25:cf:a0:a6:bc:18:96:3c:91:69:d7:ac:59: a2:96:e8:20:a5:af:be:8c:12:76:f9:ea:a7:43:48:35:3f:6a: 8f:28:1d:07:13:82:6c:c6:14:3a:9a:dd:bd:b0:74:2f:b6:65: b9:3d:6c:9a:54:5d:29:cb:81:24:64:8f:8f:15:0e:19:b9:43: a2:ae:78:7a:9e:cf:5c:cb:38:b1:96:d5:5a:c3:86:c1:36:dc: b5:c6:7d:9c:54:e8:b1:9d:7d:fb:0e:62:76:e1:02:37:92:37: ce:85:eb:cd:10:c3:5f:96:d4:c8:d0:ec:2b:62:4a:8b:0a:41: 53:ce:e2:cb:58:df:ec:74:57:8d:e7:e3:19:64:b9:03:79:3c: 1d:20:56:a3:29:81:3a:7e:c0:55:66:8b:30:1b:46:78:25:ef: c9:b8:80:98:84:a7:e3:56:90:6f:7b:90:7f:48:a5:57:6f:56: 92:6b:41:fc:76:7d:c5:03:f1:0a:a5:19:96:e1:45:e0:5f:07: ca:72:86:7e:d5:07:fe:b8:80:8e:05:62:f9:99:2f:f5:0c:db: 79:2f:22:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwODIyMTQ1MzM0WhcNMjUwODI5MTQ1MzM0WjAYMRYwFAYD VQQDEw02OGE4ODQ2ZS1kZmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtpeXTvLzav4m/OwEpS83V+6vyEyjLUE5MOCSVVcWx6ExMyDifUi14Li/EdQq 7Q3TtqNYSaEih4/xtVVt58pD6NnLv+ubXfESarcBM+CXTHrtOjjvVxBx6xUY0KfP BJGmkuGfbGDw0aqeJtEdcp+k/mJ/n1LeomKE3lpSu4toXTLUhQE+1qMyjAWARp3W JeB6H8d+CTCXQZiO7Z03WJW8v0XaVVYrGqGNTeEdORqPwO7Bk151368fJvIGuF16 CwKzyfEnpfrIe8BT20L3sEt73rhbHC0oIf02SqnH//4ur6ahj8PDgVTipyAu7W5k jtFhYeq2Zu1GdWN2to0p2wTV3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHdWktrw pc3ypU2yT/Z5Lx2yhdkEMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5WGD/rWnp5m5Msu5/8r9pSnHM6I7WXqHEJMJ6NFrnIa4wOCvQQXnc USXPoKa8GJY8kWnXrFmiluggpa++jBJ2+eqnQ0g1P2qPKB0HE4JsxhQ6mt29sHQv tmW5PWyaVF0py4EkZI+PFQ4ZuUOirnh6ns9cyzixltVaw4bBNty1xn2cVOixnX37 DmJ24QI3kjfOhevNEMNfltTI0OwrYkqLCkFTzuLLWN/sdFeN5+MZZLkDeTwdIFaj KYE6fsBVZoswG0Z4Je/JuICYhKfjVpBve5B/SKVXb1aSa0H8dn3FA/EKpRmW4UXg XwfKcoZ+1Qf+uICOBWL5mS/1DNt5LyLX -----END CERTIFICATE-----Generated at Sat Aug 23 17:07:08 2025 by rpki-client