$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: 9/EkmKZjY4zDGngEI4iHqIvNj67QLRyd2ae1L5tmSQY= Subject key identifier: 84:35:56:4D:98:4F:BF:E8:D0:DC:D2:C1:89:90:BD:72:93:D7:EF:E0 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 0168 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0164 Signing time: Mon 21 Jul 2025 04:02:22 +0000 Manifest this update: Mon 21 Jul 2025 04:02:22 +0000 Manifest next update: Mon 28 Jul 2025 04:02:22 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: U/8UrIxmi9IYw5uIYmTLKRUBJ/NWvOeKUud3edRpj1w=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:02:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 360 (0x168) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Jul 21 04:02:22 2025 GMT Not After : Jul 28 04:02:22 2025 GMT Subject: CN=687dbbce-1b49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b2:29:52:ee:93:34:d7:c8:7f:47:5e:86:33: 9f:5c:16:98:6b:95:41:87:45:c7:41:9f:33:91:df: 75:5d:1c:ef:1f:2d:de:1f:db:8f:8f:47:98:1e:29: 73:04:ce:1c:3a:34:21:6a:dc:35:67:8f:4e:bc:95: ff:a8:7b:04:95:39:d2:1a:06:19:0f:ec:2b:e7:47: db:ee:91:bc:55:ee:84:c1:34:04:09:70:c6:27:a5: 38:50:7b:e3:74:7e:6e:0d:29:7f:14:58:cf:0d:c5: d6:fc:ab:03:aa:ec:5e:31:75:d9:52:1e:58:85:db: 74:81:03:8f:4a:ae:2d:e4:45:45:c1:88:41:c3:12: 2a:5d:c9:68:19:2d:4d:24:d7:d6:1f:7a:7f:2c:f7: 1d:fd:4c:a6:a3:97:e6:18:be:9c:67:bf:61:3e:31: 10:83:a3:23:43:69:9f:d9:1b:fb:3b:a0:b3:35:02: dd:06:8e:ce:8c:34:6b:e8:69:9c:49:0e:21:88:86: 5e:27:aa:ab:29:05:47:f4:f4:4d:cb:94:5c:da:43: d3:fa:94:f6:91:a0:95:6c:7c:1b:86:6f:12:70:d4: da:ab:0a:13:c5:42:bd:92:35:d0:d7:96:13:54:23: b8:c2:17:77:64:51:42:bd:3f:55:fe:60:0e:df:a1: 03:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:35:56:4D:98:4F:BF:E8:D0:DC:D2:C1:89:90:BD:72:93:D7:EF:E0 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:6e:77:e5:76:90:af:13:7b:90:ff:6d:90:fb:81:e4:68:86: 7a:3a:21:8f:05:47:df:a5:43:a5:4d:48:e0:ec:8a:fb:d3:d0: f0:fc:93:81:db:81:bf:fc:8f:21:e0:c2:91:89:9c:76:59:c7: cf:aa:e6:87:d9:c0:f1:a7:fa:2e:89:33:51:c2:36:8c:f3:23: 5b:63:52:18:c8:4b:61:46:01:08:d7:40:8e:fc:07:64:b6:51: a6:b6:95:66:b5:07:6f:cf:09:8d:af:d1:b3:a7:5a:d1:64:9f: ff:7d:64:15:0c:7b:bf:06:4c:21:87:90:31:b2:00:19:d7:b7: 6a:d9:4f:2b:99:0d:1f:b3:6c:fb:02:b5:18:45:29:f1:02:db: 3d:5d:00:29:ef:ed:8c:04:c3:18:1f:e3:64:98:dc:2d:01:6d: 16:16:7f:1b:9c:e3:3f:16:b6:1a:59:67:8d:65:d5:f8:d9:e6: 35:a0:98:0a:89:a2:b1:fb:23:90:37:5b:3b:fd:ce:92:f0:28: d6:ff:88:8c:2a:d1:08:00:ef:f3:60:2b:52:ec:82:a2:f1:8d: 29:ad:e7:04:1d:98:60:a5:95:57:f9:52:52:fa:d5:9b:d5:f4: fd:9e:3a:57:42:06:36:0b:94:49:f1:99:38:30:17:d9:e5:e0: bf:ce:16:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwNzIxMDQwMjIyWhcNMjUwNzI4MDQwMjIyWjAYMRYwFAYD VQQDEw02ODdkYmJjZS0xYjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuLIpUu6TNNfIf0dehjOfXBaYa5VBh0XHQZ8zkd91XRzvHy3eH9uPj0eYHilz BM4cOjQhatw1Z49OvJX/qHsElTnSGgYZD+wr50fb7pG8Ve6EwTQECXDGJ6U4UHvj dH5uDSl/FFjPDcXW/KsDquxeMXXZUh5Yhdt0gQOPSq4t5EVFwYhBwxIqXcloGS1N JNfWH3p/LPcd/Uymo5fmGL6cZ79hPjEQg6MjQ2mf2Rv7O6CzNQLdBo7OjDRr6Gmc SQ4hiIZeJ6qrKQVH9PRNy5Rc2kPT+pT2kaCVbHwbhm8ScNTaqwoTxUK9kjXQ15YT VCO4whd3ZFFCvT9V/mAO36EDSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIQ1Vk2Y T7/o0NzSwYmQvXKT1+/gMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVbnfldpCvE3uQ/22Q+4HkaIZ6OiGPBUffpUOlTUjg7Ir709Dw/JOB 24G//I8h4MKRiZx2WcfPquaH2cDxp/ouiTNRwjaM8yNbY1IYyEthRgEI10CO/Adk tlGmtpVmtQdvzwmNr9Gzp1rRZJ//fWQVDHu/Bkwhh5AxsgAZ17dq2U8rmQ0fs2z7 ArUYRSnxAts9XQAp7+2MBMMYH+NkmNwtAW0WFn8bnOM/FrYaWWeNZdX42eY1oJgK iaKx+yOQN1s7/c6S8CjW/4iMKtEIAO/zYCtS7IKi8Y0precEHZhgpZVX+VJS+tWb 1fT9njpXQgY2C5RJ8Zk4MBfZ5eC/zhZI -----END CERTIFICATE-----Generated at Wed Jul 23 02:41:36 2025 by rpki-client