$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: iuk9xZB9mwL9Feq280IZ1dTHlTksqmm4EmpEndfPWHw= Subject key identifier: 92:B7:A6:F6:A3:68:87:FE:14:99:32:B2:21:90:02:22:65:17:C6:E7 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 0185 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0181 Signing time: Mon 15 Sep 2025 03:59:28 +0000 Manifest this update: Mon 15 Sep 2025 03:59:27 +0000 Manifest next update: Mon 22 Sep 2025 03:59:27 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: qGthU/LqbtqK9kMv5cViVhBmeoYedpSUFiEGEZxu8WM=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 03:59:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 389 (0x185) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Sep 15 03:59:27 2025 GMT Not After : Sep 22 03:59:27 2025 GMT Subject: CN=68c78f20-6d93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:e4:9c:d9:33:72:d9:3b:98:2d:d2:d5:cc:9d: 3e:dd:61:70:06:ed:ae:4b:5c:60:76:b7:b1:e6:10: 4c:a4:e0:c9:4f:85:b3:01:fa:de:21:5f:88:2f:b5: 34:d1:99:12:fd:ba:66:f4:7a:be:35:c0:63:6a:0a: 8e:f9:db:5d:a0:ec:2c:bf:b9:0e:3a:74:99:94:51: 46:bf:79:93:7e:59:67:b1:31:77:02:4e:92:d3:96: e8:39:e5:35:23:04:ba:9c:35:2f:58:4a:31:e9:c8: 8d:a9:18:62:74:f8:2e:60:75:84:dd:35:eb:a7:98: 04:24:1a:76:c7:1f:30:2b:a8:16:0a:d8:be:86:87: 57:c0:cd:e3:54:81:a6:cb:73:50:42:9c:0f:11:56: a1:96:43:03:38:e3:94:5e:e1:2e:0c:4e:ee:e4:d1: a8:c4:08:81:31:3b:37:1b:30:bb:46:45:10:c2:96: e1:ad:cc:76:91:d9:14:86:f2:74:d9:de:de:b7:c7: 74:28:6e:aa:7d:54:8a:ab:6c:30:1d:ae:fc:d9:a2: 06:01:b5:1e:69:2b:6f:5d:31:d1:20:75:a7:c9:63: 75:1b:a7:13:f6:10:f6:39:7f:af:27:b9:a0:b8:39: 0b:34:c5:b9:37:56:06:19:c8:25:c9:42:a2:42:a7: ae:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:B7:A6:F6:A3:68:87:FE:14:99:32:B2:21:90:02:22:65:17:C6:E7 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:15:f1:a1:c3:bf:dd:3a:72:29:47:02:2d:c6:6c:c9:38:3d: 65:0f:c7:8e:ce:5b:9e:8b:70:c2:8d:aa:6c:aa:b9:b7:4f:75: 5e:55:31:75:87:09:e7:89:60:79:72:b3:06:83:78:3f:81:6c: 8f:57:df:29:74:e5:14:84:38:13:fd:a8:b7:70:67:9f:67:4b: 67:b6:3e:26:9a:13:32:39:0f:64:a1:67:aa:8a:62:54:b9:ee: 30:99:02:19:4f:43:28:d4:4b:55:38:0f:8a:ed:30:cb:07:12: 02:06:3e:0e:c6:c5:45:f7:7f:dc:18:38:df:d0:45:2c:96:f6: b6:7d:f4:f6:e0:a7:2e:52:96:ce:ba:22:b1:b4:76:9d:d2:b1: b5:78:d6:8f:ac:98:2f:fb:44:73:70:52:5d:6e:47:e2:18:1b: 01:aa:4f:58:43:a1:3f:c4:87:2a:8a:05:21:2c:ee:df:be:db: 37:2f:65:66:d1:00:57:0d:3b:eb:d8:46:b3:f4:55:d8:72:c0: 2c:3f:29:53:d5:49:39:bd:1c:91:18:a1:02:43:bf:f9:48:6a: 6b:86:e5:4d:88:6c:1a:77:0a:d2:8d:f0:9d:7c:20:09:e3:79: ec:3a:11:e8:94:88:d5:63:1f:79:6c:28:78:16:0e:23:0e:ba: dc:c5:53:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwOTE1MDM1OTI3WhcNMjUwOTIyMDM1OTI3WjAYMRYwFAYD VQQDEw02OGM3OGYyMC02ZDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4+Sc2TNy2TuYLdLVzJ0+3WFwBu2uS1xgdrex5hBMpODJT4WzAfreIV+IL7U0 0ZkS/bpm9Hq+NcBjagqO+dtdoOwsv7kOOnSZlFFGv3mTfllnsTF3Ak6S05boOeU1 IwS6nDUvWEox6ciNqRhidPguYHWE3TXrp5gEJBp2xx8wK6gWCti+hodXwM3jVIGm y3NQQpwPEVahlkMDOOOUXuEuDE7u5NGoxAiBMTs3GzC7RkUQwpbhrcx2kdkUhvJ0 2d7et8d0KG6qfVSKq2wwHa782aIGAbUeaStvXTHRIHWnyWN1G6cT9hD2OX+vJ7mg uDkLNMW5N1YGGcglyUKiQqeu+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJK3pvaj aIf+FJkysiGQAiJlF8bnMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByFfGhw7/dOnIpRwItxmzJOD1lD8eOzluei3DCjapsqrm3T3VeVTF1 hwnniWB5crMGg3g/gWyPV98pdOUUhDgT/ai3cGefZ0tntj4mmhMyOQ9koWeqimJU ue4wmQIZT0Mo1EtVOA+K7TDLBxICBj4OxsVF93/cGDjf0EUslva2ffT24KcuUpbO uiKxtHad0rG1eNaPrJgv+0RzcFJdbkfiGBsBqk9YQ6E/xIcqigUhLO7fvts3L2Vm 0QBXDTvr2Eaz9FXYcsAsPylT1Uk5vRyRGKECQ7/5SGprhuVNiGwadwrSjfCdfCAJ 43nsOhHolIjVYx95bCh4Fg4jDrrcxVMY -----END CERTIFICATE-----Generated at Mon Sep 15 12:10:57 2025 by rpki-client