$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: 89mGVNLkSsRuBpHIXg+XUdVp2QU9OWNbqWhDNM9YAYk= Subject key identifier: 63:BB:96:10:EE:CE:82:18:21:A7:E0:A3:E1:F2:AB:5D:48:44:40:88 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 012C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0129 Signing time: Sat 29 Mar 2025 04:02:28 +0000 Manifest this update: Sat 29 Mar 2025 04:02:27 +0000 Manifest next update: Sat 05 Apr 2025 04:02:27 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: xSi/jr8Gdzw8iib9kOnbAjjf/uRUxwFf3y0mFGXZ7Ww=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: D2jnJ061deT1FgcnPcnAa54o8jUyuQQ7FJDAZ8ZL8D4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 04:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 300 (0x12c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485 Validity Not Before: Mar 29 04:02:27 2025 GMT Not After : Apr 5 04:02:27 2025 GMT Subject: CN=67e770d4-3c9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d2:70:6c:33:3b:10:d7:8f:61:7c:88:ea:e1: 63:c7:8e:08:02:c2:48:6f:04:36:a3:a1:8f:d0:bc: d0:19:cf:1a:08:cb:e8:35:26:5e:2c:c1:1e:63:f1: 77:09:63:db:91:9e:19:ea:16:0f:1f:41:0c:0e:44: 3a:2f:77:67:6a:7a:25:b4:e4:94:f4:fe:95:e6:18: 3a:fa:3a:00:f7:25:b1:0f:eb:bf:54:82:df:97:b0: f0:f0:19:c0:21:0a:27:13:0c:0f:10:c7:53:8c:b7: 1d:d5:07:90:01:e6:f4:96:8c:c6:b4:d9:6f:05:2e: cb:df:70:a1:9a:bf:14:bf:ba:5e:55:6d:75:b7:11: f0:23:59:de:e3:f5:e1:5d:ab:03:50:7c:7b:9a:02: 7f:c7:52:86:27:c7:3f:b9:23:37:ac:84:ba:6e:b0: e0:7b:a0:ae:00:6d:61:b0:5d:5c:17:47:82:21:5c: 29:29:c9:a0:bd:6b:5b:15:81:e0:0b:30:5f:7a:24: 31:a5:6f:3b:5b:cb:59:9d:00:7a:33:e7:f8:77:47: c3:99:50:5d:fb:6d:2e:91:ef:5e:75:b2:32:6a:d8: 89:cf:ef:98:ef:a1:08:79:16:57:d7:6f:39:f6:cf: 07:06:c4:f8:42:40:15:a8:cc:27:4e:3e:1e:4e:6d: 4c:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:BB:96:10:EE:CE:82:18:21:A7:E0:A3:E1:F2:AB:5D:48:44:40:88 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:31:e7:d6:e9:6e:67:da:0a:41:5c:fe:47:f1:59:2f:9f:70: 98:63:90:40:0b:d5:33:bd:cb:0b:e4:b8:ca:ba:3f:b5:42:3e: c0:84:d6:be:54:d3:2e:a7:8c:04:c0:05:3e:f4:fd:d9:bd:ee: 5c:de:bc:44:64:b6:bf:c8:43:b3:9f:e1:0a:f8:e6:19:e6:c4: dc:c6:d4:74:4e:23:39:f3:af:f1:94:3b:bc:33:4e:c8:be:26: 27:59:67:12:48:15:8b:f2:4f:df:86:b7:ff:94:26:52:49:11: 15:6d:ce:60:ca:bd:fd:99:c8:98:7b:06:d1:9f:a8:4c:b3:ad: ec:44:ca:b8:6d:0e:6e:66:e9:d5:d3:ee:01:88:b6:fa:6d:e9: 1c:51:19:da:16:0c:7a:9b:04:29:ec:bc:5b:13:90:e8:74:94: f8:58:b4:74:67:03:05:f4:79:80:88:65:8f:49:d6:be:ac:31: 37:ac:7b:ee:e1:7e:7a:7b:a5:7f:41:72:f3:aa:69:0c:90:43: 27:30:4e:e3:03:ea:3e:34:95:68:01:83:22:56:59:5e:60:95: 3e:b6:ea:4b:f7:2b:c4:08:05:df:c2:85:91:ed:2e:4a:ad:39: 3b:ff:2a:13:27:ae:51:e9:a5:73:c2:51:ab:b8:95:3a:5c:f7: 73:74:45:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwMzI5MDQwMjI3WhcNMjUwNDA1MDQwMjI3WjAYMRYwFAYD VQQDEw02N2U3NzBkNC0zYzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAttJwbDM7ENePYXyI6uFjx44IAsJIbwQ2o6GP0LzQGc8aCMvoNSZeLMEeY/F3 CWPbkZ4Z6hYPH0EMDkQ6L3dnanoltOSU9P6V5hg6+joA9yWxD+u/VILfl7Dw8BnA IQonEwwPEMdTjLcd1QeQAeb0lozGtNlvBS7L33Chmr8Uv7peVW11txHwI1ne4/Xh XasDUHx7mgJ/x1KGJ8c/uSM3rIS6brDge6CuAG1hsF1cF0eCIVwpKcmgvWtbFYHg CzBfeiQxpW87W8tZnQB6M+f4d0fDmVBd+20uke9edbIyatiJz++Y76EIeRZX1285 9s8HBsT4QkAVqMwnTj4eTm1M+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGO7lhDu zoIYIafgo+Hyq11IRECIMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVMefW6W5n2gpBXP5H8Vkvn3CYY5BAC9UzvcsL5LjKuj+1Qj7AhNa+ VNMup4wEwAU+9P3Zve5c3rxEZLa/yEOzn+EK+OYZ5sTcxtR0TiM586/xlDu8M07I viYnWWcSSBWL8k/fhrf/lCZSSREVbc5gyr39mciYewbRn6hMs63sRMq4bQ5uZunV 0+4BiLb6bekcURnaFgx6mwQp7LxbE5DodJT4WLR0ZwMF9HmAiGWPSda+rDE3rHvu 4X56e6V/QXLzqmkMkEMnME7jA+o+NJVoAYMiVlleYJU+tupL9yvECAXfwoWR7S5K rTk7/yoTJ65R6aVzwlGruJU6XPdzdEUr -----END CERTIFICATE-----Generated at Fri Apr 4 22:06:43 2025 by rpki-client