$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: 1tu+UpcxdpxjXLJlTF8YMHQJYfwOJ+pq9dBsO/XO6cc= Subject key identifier: 4E:65:4A:F5:02:7C:70:B2:A4:0B:42:30:E8:C1:9C:03:88:36:B4:70 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 34D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 34D1 Signing time: Mon 20 Oct 2025 14:57:10 +0000 Manifest this update: Mon 20 Oct 2025 14:57:09 +0000 Manifest next update: Mon 27 Oct 2025 14:57:09 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: 47G89QWP/+FL0x+A6twtAmuS/X0tFTBq9rv4iqGnY2k=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:57:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13526 (0x34d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Oct 20 14:57:09 2025 GMT Not After : Oct 27 14:57:09 2025 GMT Subject: CN=68f64dc5-2128 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ac:cc:94:52:3a:4d:17:9e:36:b7:61:d5:1f: b1:f8:6f:30:44:46:d4:e6:00:1f:4d:f7:00:c9:1e: c1:aa:fe:f6:a7:fd:71:89:d2:f1:02:9b:08:1b:ce: 8c:01:cd:4f:d6:91:05:10:df:39:92:99:74:9b:f2: c0:e6:f4:6f:ee:22:a1:2e:9a:1e:8d:36:c9:0a:a0: 77:c1:3e:96:6c:c7:e7:6d:7a:32:53:c7:13:f7:75: d1:23:47:28:c9:b4:04:49:69:e6:df:49:16:0b:f0: 5b:3f:60:41:76:36:36:cf:95:2d:40:21:ab:c5:63: 55:48:ae:5f:e0:8a:4a:a8:4a:bd:91:e0:56:7a:b2: fe:f2:a6:c5:c8:6d:6f:78:a6:3d:e8:ee:4e:1f:5a: ad:65:b7:62:15:de:28:9d:e9:26:b0:d6:32:78:d3: 7e:72:61:60:c6:6c:46:3b:c3:91:11:2a:e1:c2:94: 91:48:a8:34:26:c5:67:a1:3c:0a:53:cb:6f:df:73: 24:50:c0:98:96:80:8a:53:4f:7f:6b:12:47:00:eb: 3c:da:cf:3c:52:36:a5:d4:74:20:d3:d9:c9:9f:f3: 90:ba:ad:96:99:c9:dc:44:fc:de:15:be:ae:eb:cb: b9:4d:31:95:7c:d3:20:7e:8d:31:e0:cf:d6:dd:2f: 50:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:65:4A:F5:02:7C:70:B2:A4:0B:42:30:E8:C1:9C:03:88:36:B4:70 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:82:95:1b:01:75:cc:9d:00:10:27:d3:f1:22:56:8e:bc:fa: ee:ac:aa:d1:09:05:db:64:a1:db:0a:bb:0a:0a:77:f2:55:cf: aa:c0:45:54:0f:88:f6:ac:e8:2d:35:1c:45:44:d4:1c:2b:56: e9:96:68:86:33:4b:30:7e:2e:2b:0e:66:f5:a5:f4:61:0d:a0: cd:68:76:88:a4:9e:d6:48:ba:3d:d2:61:10:9e:bf:c0:a9:39: 3f:13:c3:a6:c6:cc:d2:7e:c9:b7:c0:42:ce:f4:2a:0b:c7:57: 4a:b1:63:ec:6d:f1:61:44:6f:0a:e8:95:5b:35:45:ff:10:60: 28:b8:dc:25:fe:ed:27:46:2b:f4:66:8a:73:28:98:c1:cc:c8: 06:e7:66:53:4e:45:41:70:46:14:c9:6b:58:a8:85:e7:c4:2b: 70:88:0d:fe:6a:23:94:c0:fc:f0:c5:1f:87:4f:08:74:b1:00: 8a:32:83:a7:99:77:44:9b:cf:22:25:fd:1c:f0:d0:13:f9:16: cd:6f:88:87:e2:09:a0:4b:dd:03:95:a0:dd:11:58:f1:d0:69: 89:33:c5:03:cd:ff:a4:4f:ed:cb:1a:b6:5b:67:f3:83:e5:dd: 89:47:80:15:ca:0d:af:96:50:49:79:7e:b9:91:83:8d:04:06: 65:ac:f0:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUxMDIwMTQ1NzA5WhcNMjUxMDI3MTQ1NzA5WjAYMRYwFAYD VQQDEw02OGY2NGRjNS0yMTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArqzMlFI6TReeNrdh1R+x+G8wREbU5gAfTfcAyR7Bqv72p/1xidLxApsIG86M Ac1P1pEFEN85kpl0m/LA5vRv7iKhLpoejTbJCqB3wT6WbMfnbXoyU8cT93XRI0co ybQESWnm30kWC/BbP2BBdjY2z5UtQCGrxWNVSK5f4IpKqEq9keBWerL+8qbFyG1v eKY96O5OH1qtZbdiFd4onekmsNYyeNN+cmFgxmxGO8ORESrhwpSRSKg0JsVnoTwK U8tv33MkUMCYloCKU09/axJHAOs82s88Ujal1HQg09nJn/OQuq2WmcncRPzeFb6u 68u5TTGVfNMgfo0x4M/W3S9QlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE5lSvUC fHCypAtCMOjBnAOINrRwMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrgpUbAXXMnQAQJ9PxIlaOvPrurKrRCQXbZKHbCrsKCnfyVc+qwEVU D4j2rOgtNRxFRNQcK1bplmiGM0swfi4rDmb1pfRhDaDNaHaIpJ7WSLo90mEQnr/A qTk/E8OmxszSfsm3wELO9CoLx1dKsWPsbfFhRG8K6JVbNUX/EGAouNwl/u0nRiv0 ZopzKJjBzMgG52ZTTkVBcEYUyWtYqIXnxCtwiA3+aiOUwPzwxR+HTwh0sQCKMoOn mXdEm88iJf0c8NAT+RbNb4iH4gmgS90DlaDdEVjx0GmJM8UDzf+kT+3LGrZbZ/OD 5d2JR4AVyg2vllBJeX65kYONBAZlrPA/ -----END CERTIFICATE-----Generated at Tue Oct 21 02:11:20 2025 by rpki-client