$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: j69I88YaGccv0Uv/0/czuJGe3hdfI0Tkw0QkMbu0Oyk= Subject key identifier: 88:4E:09:C5:1C:76:7C:17:66:30:17:A4:A3:13:39:E9:A3:58:2C:C9 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 014B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0148 Signing time: Sat 31 May 2025 03:54:56 +0000 Manifest this update: Sat 31 May 2025 03:54:56 +0000 Manifest next update: Sat 07 Jun 2025 03:54:56 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: K+o2dpEnnieRmnmjkG9TyIBoMlGvuZigH9rjuBNkHQo=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: D2jnJ061deT1FgcnPcnAa54o8jUyuQQ7FJDAZ8ZL8D4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:54:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 331 (0x14b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: May 31 03:54:56 2025 GMT Not After : Jun 7 03:54:56 2025 GMT Subject: CN=683a7d90-a8fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:be:57:17:99:e8:79:f2:fd:ad:84:8e:af:b3: 65:6c:38:31:92:35:0d:0e:12:7c:4b:14:20:b9:7a: 98:e7:e2:88:f4:59:24:2b:7c:7b:73:68:e2:12:11: b6:c0:86:65:48:13:8f:82:2c:3d:fe:7b:eb:9c:42: 4d:ba:86:be:23:08:47:65:96:f0:8d:17:6a:08:f5: d7:67:85:df:e8:4a:52:9f:4b:2b:db:83:ff:d4:66: d8:23:6a:6a:52:0e:87:8b:52:51:6f:39:76:ec:ae: bb:ab:b2:0d:5a:9f:2a:e6:0f:eb:ee:19:af:6a:41: 78:f9:ef:e4:13:55:a9:70:5a:23:21:c9:1d:7c:41: 9f:a9:46:1c:7b:0b:8e:0c:57:49:52:a5:df:f6:67: eb:a2:75:43:eb:c7:4d:4b:db:08:2f:00:a1:b6:53: 4f:44:e2:6d:b4:9c:19:70:23:e2:6c:f1:f0:ad:09: 8c:0a:07:ab:8a:67:35:a2:03:e1:33:aa:87:72:cc: cd:63:bc:e9:3f:9c:52:39:a5:81:bd:db:a5:57:ca: bd:56:7a:04:b7:8f:2a:8a:25:c4:f9:73:63:04:7c: d8:8c:98:00:ed:a6:c0:75:62:f2:e8:19:a6:9d:5c: db:3c:99:83:46:cd:58:e6:13:6b:0d:54:d0:72:ef: 63:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:4E:09:C5:1C:76:7C:17:66:30:17:A4:A3:13:39:E9:A3:58:2C:C9 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:aa:64:f2:b7:ec:6c:c5:3a:12:03:bf:5e:e7:7a:a1:50:4c: b3:27:a7:cf:06:a3:d4:23:3f:31:c3:00:3c:07:1f:4a:77:70: cf:68:87:77:96:ca:80:60:5c:de:53:fe:d2:a2:ed:52:97:6c: 64:c6:74:63:8f:58:55:37:08:29:96:e4:01:9f:17:8f:f9:2e: bb:df:ef:77:c6:af:aa:06:98:e1:70:26:8a:3f:9a:16:0a:a7: 49:83:dc:b8:8b:7d:8c:0f:bd:23:ef:c1:6f:18:b4:2c:54:bb: 75:b5:68:e9:1a:b1:8d:17:8c:bf:f6:d0:74:aa:b2:8e:0c:0f: f1:39:18:6c:ce:51:33:66:31:e5:b6:41:99:97:88:5b:6f:cf: ec:1a:2e:58:72:3e:3b:87:da:3c:5f:ae:05:76:7f:17:81:7c: d9:50:17:a1:c4:bb:1f:98:6e:b3:be:54:d7:f8:7d:c6:38:09: c2:a9:16:90:2e:93:f2:8c:61:26:91:7f:91:bb:a9:db:35:00: 42:ad:8b:ea:b1:3a:bc:32:26:1f:f6:55:d1:f6:1b:b5:f8:a1: 79:75:57:48:50:38:93:7d:81:37:67:1b:22:fb:9a:17:82:99: d8:6b:27:9c:69:e7:6e:1b:2b:e0:69:34:8f:93:86:8f:f1:60: 71:41:dc:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwNTMxMDM1NDU2WhcNMjUwNjA3MDM1NDU2WjAYMRYwFAYD VQQDEw02ODNhN2Q5MC1hOGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8r5XF5noefL9rYSOr7NlbDgxkjUNDhJ8SxQguXqY5+KI9FkkK3x7c2jiEhG2 wIZlSBOPgiw9/nvrnEJNuoa+IwhHZZbwjRdqCPXXZ4Xf6EpSn0sr24P/1GbYI2pq Ug6Hi1JRbzl27K67q7INWp8q5g/r7hmvakF4+e/kE1WpcFojIckdfEGfqUYcewuO DFdJUqXf9mfronVD68dNS9sILwChtlNPROJttJwZcCPibPHwrQmMCgerimc1ogPh M6qHcszNY7zpP5xSOaWBvdulV8q9VnoEt48qiiXE+XNjBHzYjJgA7abAdWLy6Bmm nVzbPJmDRs1Y5hNrDVTQcu9jCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhOCcUc dnwXZjAXpKMTOemjWCzJMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCbqmTyt+xsxToSA79e53qhUEyzJ6fPBqPUIz8xwwA8Bx9Kd3DPaId3 lsqAYFzeU/7Sou1Sl2xkxnRjj1hVNwgpluQBnxeP+S673+93xq+qBpjhcCaKP5oW CqdJg9y4i32MD70j78FvGLQsVLt1tWjpGrGNF4y/9tB0qrKODA/xORhszlEzZjHl tkGZl4hbb8/sGi5Ycj47h9o8X64Fdn8XgXzZUBehxLsfmG6zvlTX+H3GOAnCqRaQ LpPyjGEmkX+Ru6nbNQBCrYvqsTq8MiYf9lXR9hu1+KF5dVdIUDiTfYE3Zxsi+5oX gpnYayecaeduGyvgaTSPk4aP8WBxQdx8 -----END CERTIFICATE-----Generated at Sat May 31 15:49:59 2025 by rpki-client