$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: p3zDH6jvyKKhOzY8QAgZsNQ4DG34cw/DPBdG6DEuwL8= Subject key identifier: EA:73:27:ED:B1:9C:2D:9F:82:38:72:14:EA:16:93:A6:22:95:15:BB Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 88 Signing time: Sun 19 May 2024 07:06:34 +0000 Manifest this update: Sun 19 May 2024 07:06:33 +0000 Manifest next update: Sun 26 May 2024 07:06:33 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: ONcTyalBxpUSVFyYPZbvnXN8mAnCzV/4NNlHLaQx+Mw=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: QXH5hAugaFjvEdnEVywy5kmJrtY3XKt8VoVhSSAgxFw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 138 (0x8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: May 19 07:06:33 2024 GMT Not After : May 26 07:06:33 2024 GMT Subject: CN=6649a4fa-c9a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ad:ee:26:13:08:09:7b:5c:d3:2e:fd:da:19: 73:29:b1:13:3e:a6:ee:90:33:d0:6a:7c:65:e3:d6: 63:06:de:9c:88:f5:32:53:4d:03:be:95:19:aa:77: d1:ac:5b:8c:9b:3f:82:43:70:a5:b6:9a:4f:b9:d8: 25:b3:e9:e4:50:22:a4:35:31:00:8e:2c:10:60:2e: 5a:34:7b:3f:0e:37:89:41:be:6b:e4:ac:f0:8a:8a: 7e:88:bc:f8:66:96:39:16:f9:d4:00:3b:26:6e:e9: 47:a0:38:3b:5d:ca:eb:7f:84:1a:13:cd:b1:d1:c3: 89:65:23:fe:88:df:d5:4f:93:c5:67:af:e8:20:ad: 53:da:37:37:2c:fe:09:0d:2e:69:10:d8:1a:29:85: a8:b9:1a:7d:83:ec:e6:da:71:7c:20:33:7d:ae:61: ea:2d:ce:8d:2c:65:58:2d:bc:65:3c:27:81:b2:b6: 31:7f:59:17:21:ab:ab:42:21:0d:16:55:d2:3a:45: 92:7d:43:c8:b0:30:35:87:70:5a:2e:49:ec:2b:f5: b5:5f:2e:2b:98:30:6b:f6:5d:ed:30:16:2b:85:1f: 4e:6f:94:f6:cb:2d:66:54:f3:33:e6:6b:a8:52:91: 0a:8f:4a:72:6f:27:2f:4d:85:87:ec:91:c7:74:1d: bc:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:73:27:ED:B1:9C:2D:9F:82:38:72:14:EA:16:93:A6:22:95:15:BB X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:93:f6:c9:5f:83:b0:d1:45:b6:ce:fd:62:39:82:30:37:ab: af:15:f9:63:74:d4:1c:3a:b2:e7:be:6b:e8:5b:98:c2:42:6f: 9d:5b:57:ce:aa:5c:5b:64:a1:01:1f:2c:55:1d:05:d0:d5:6f: 9c:ee:43:a9:c8:f2:a5:d5:dc:eb:f8:0b:2d:9e:dd:68:71:08: aa:08:2a:6c:62:aa:69:af:e5:61:9a:c6:27:30:81:47:ac:b7: cc:83:2f:2c:a1:a4:f7:14:12:73:09:6a:b9:24:78:20:17:2e: 35:0b:1c:b9:b0:d0:03:fb:57:28:9e:6d:0a:43:82:e1:04:cc: a2:6a:8c:8e:e1:3b:5e:da:43:aa:00:28:60:f3:1b:fc:db:92: e3:fc:53:48:d3:71:5c:0a:82:b9:a7:df:c4:bd:cc:81:70:8b: 7f:c7:3b:26:a8:8d:e8:10:5a:62:da:ab:ff:c8:a6:5a:f5:8a: e0:45:3f:5e:4c:90:e9:d8:0f:ce:da:95:92:4b:d9:ae:07:ba: c7:55:45:2c:fa:59:d3:f1:d5:a2:52:68:4b:47:dc:dc:a5:0e: fc:30:65:6f:a2:b2:5d:3d:17:3b:d6:9d:ca:2b:84:58:64:29: f3:4c:1b:51:fe:05:c7:f4:0e:6a:8b:67:25:3d:ec:0c:bc:5f: f3:c9:ef:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjQwNTE5MDcwNjMzWhcNMjQwNTI2MDcwNjMzWjAYMRYwFAYD VQQDEw02NjQ5YTRmYS1jOWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA663uJhMICXtc0y792hlzKbETPqbukDPQanxl49ZjBt6ciPUyU00DvpUZqnfR rFuMmz+CQ3CltppPudgls+nkUCKkNTEAjiwQYC5aNHs/DjeJQb5r5Kzwiop+iLz4 ZpY5FvnUADsmbulHoDg7Xcrrf4QaE82x0cOJZSP+iN/VT5PFZ6/oIK1T2jc3LP4J DS5pENgaKYWouRp9g+zm2nF8IDN9rmHqLc6NLGVYLbxlPCeBsrYxf1kXIaurQiEN FlXSOkWSfUPIsDA1h3BaLknsK/W1Xy4rmDBr9l3tMBYrhR9Ob5T2yy1mVPMz5muo UpEKj0pybycvTYWH7JHHdB28FQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOpzJ+2x nC2fgjhyFOoWk6YilRW7MB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlk/bJX4Ow0UW2zv1iOYIwN6uvFfljdNQcOrLnvmvoW5jCQm+dW1fO qlxbZKEBHyxVHQXQ1W+c7kOpyPKl1dzr+Astnt1ocQiqCCpsYqppr+VhmsYnMIFH rLfMgy8soaT3FBJzCWq5JHggFy41Cxy5sNAD+1conm0KQ4LhBMyiaoyO4Tte2kOq AChg8xv825Lj/FNI03FcCoK5p9/EvcyBcIt/xzsmqI3oEFpi2qv/yKZa9YrgRT9e TJDp2A/O2pWSS9muB7rHVUUs+lnT8dWiUmhLR9zcpQ78MGVvorJdPRc71p3KK4RY ZCnzTBtR/gXH9A5qi2clPewMvF/zye9Z -----END CERTIFICATE-----Generated at Sun May 19 08:25:11 2024 by rpki-client on console-ams.rpki-client.org