$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: WCDMEfyHQwJ5zMY3QOJEM6Q8F/YiM75f3tHGoMrLKTY= Subject key identifier: E8:DE:CB:D0:28:69:AC:5D:8B:07:61:E3:F9:C4:85:31:01:49:D8:6B Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 3483 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 347E Signing time: Sat 10 May 2025 14:50:53 +0000 Manifest this update: Sat 10 May 2025 14:50:52 +0000 Manifest next update: Sat 17 May 2025 14:50:52 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: Zh1vqVaiR5nwsGbr98j3ny8VMOGP/2KUy1jof5AZkQw=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: 0ceifDjQLvS0AatDPaHtr8ucHZrcfHCORggS9sKc0+A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 14:50:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13443 (0x3483) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: May 10 14:50:52 2025 GMT Not After : May 17 14:50:52 2025 GMT Subject: CN=681f67cd-2309 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:1e:b8:c2:e0:19:0c:cb:b2:d1:95:5d:da:97: 3e:37:68:da:15:06:be:23:b3:f4:db:0c:3a:f7:d7: 8d:2a:d4:98:d0:ec:34:c1:f6:7d:e8:fa:70:be:3f: 6a:59:ea:c2:1e:3d:39:0d:57:d8:40:b9:f9:39:ac: 30:6b:4b:74:1c:4e:4d:65:7e:c5:de:95:6f:dd:09: b0:2e:3d:d2:95:49:d1:b0:d2:0d:6e:25:eb:b5:a0: 3c:d2:5d:c5:8e:5a:6a:be:ab:ab:74:14:b9:b5:77: 3a:94:41:45:af:0c:17:df:3a:42:b5:9a:b5:ab:63: 83:89:a0:5b:db:d8:6e:04:32:aa:de:c7:c7:12:51: 89:b5:01:ea:5c:f2:c6:bf:67:86:35:19:e8:af:77: 24:89:1c:67:f3:4a:ca:08:ba:1f:bf:d7:df:11:e6: 1a:03:56:de:5d:6d:81:a5:86:51:ac:a1:b0:a5:84: 39:e1:8e:47:12:fc:8e:34:6f:bb:2b:70:0f:3a:94: 87:35:2b:65:53:ee:3f:18:bc:ea:8d:2b:23:41:8e: a0:ea:75:55:73:94:f9:e3:85:fa:b5:69:07:fc:9a: cf:fa:5c:8c:f9:23:21:85:43:3f:f5:e6:6b:2a:e2: 47:33:a7:e0:19:7f:e2:74:a9:6c:89:7f:14:ce:42: 2f:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:DE:CB:D0:28:69:AC:5D:8B:07:61:E3:F9:C4:85:31:01:49:D8:6B X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:84:c8:de:c5:87:73:61:35:7d:91:d0:58:9a:63:05:71:4f: 65:35:0e:a7:d6:8b:65:71:f5:f6:2b:b8:6b:8d:00:0d:19:9d: 89:3a:e6:37:00:49:1d:1d:8c:f0:e6:38:fd:6d:0d:aa:8f:a7: 25:c5:59:22:0f:63:53:6b:89:a3:7a:4a:a3:00:78:f3:dd:eb: 84:68:89:3b:02:89:a7:43:01:74:99:19:d1:1d:fe:82:6b:7f: 59:1c:29:24:fe:dd:5c:03:8a:3d:2b:2a:cd:4e:d2:b5:06:30: 0f:18:e8:bf:ff:44:e7:4a:14:be:d7:e4:73:c2:1d:0a:2f:fa: a7:bc:ab:66:5d:6e:35:9a:d0:5f:e8:97:6f:fb:a7:7e:19:70: 4e:be:66:a8:5c:26:39:71:10:8c:33:60:1e:01:a8:9e:a4:4f: 27:ec:c9:6c:79:d3:84:6b:be:c4:c9:59:a5:64:e6:b9:f2:9e: f1:71:24:7d:b9:a1:d5:8b:2a:3c:3e:3f:1a:7d:53:c8:b1:c6: da:5a:56:dd:7c:13:b4:c0:70:ed:b5:c2:13:91:5b:41:86:c4: cb:26:31:59:4d:5f:d7:20:1b:fc:d2:9a:3b:8d:7b:db:1a:2c: bd:94:9c:89:59:5e:1b:31:f0:92:72:ea:04:32:18:95:f6:e3: 49:e0:4b:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUwNTEwMTQ1MDUyWhcNMjUwNTE3MTQ1MDUyWjAYMRYwFAYD VQQDEw02ODFmNjdjZC0yMzA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4x64wuAZDMuy0ZVd2pc+N2jaFQa+I7P02ww699eNKtSY0Ow0wfZ96Ppwvj9q WerCHj05DVfYQLn5Oawwa0t0HE5NZX7F3pVv3QmwLj3SlUnRsNINbiXrtaA80l3F jlpqvqurdBS5tXc6lEFFrwwX3zpCtZq1q2ODiaBb29huBDKq3sfHElGJtQHqXPLG v2eGNRnor3ckiRxn80rKCLofv9ffEeYaA1beXW2BpYZRrKGwpYQ54Y5HEvyONG+7 K3APOpSHNStlU+4/GLzqjSsjQY6g6nVVc5T544X6tWkH/JrP+lyM+SMhhUM/9eZr KuJHM6fgGX/idKlsiX8UzkIvjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOjey9Ao aaxdiwdh4/nEhTEBSdhrMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJhMjexYdzYTV9kdBYmmMFcU9lNQ6n1otlcfX2K7hrjQANGZ2JOuY3 AEkdHYzw5jj9bQ2qj6clxVkiD2NTa4mjekqjAHjz3euEaIk7AomnQwF0mRnRHf6C a39ZHCkk/t1cA4o9KyrNTtK1BjAPGOi//0TnShS+1+Rzwh0KL/qnvKtmXW41mtBf 6Jdv+6d+GXBOvmaoXCY5cRCMM2AeAaiepE8n7MlsedOEa77EyVmlZOa58p7xcSR9 uaHViyo8Pj8afVPIscbaWlbdfBO0wHDttcITkVtBhsTLJjFZTV/XIBv80po7jXvb Giy9lJyJWV4bMfCScuoEMhiV9uNJ4Ev0 -----END CERTIFICATE-----Generated at Mon May 12 12:38:31 2025 by rpki-client