$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: PjH8oQk8r7mbzRi7ii6FE8Cugkvt8GqxfS8Cx1kBHZQ= Subject key identifier: 17:D1:43:4B:64:27:09:27:61:F8:1E:B1:7E:7D:41:0A:0A:82:0C:0D Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 019D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0199 Signing time: Mon 03 Nov 2025 03:23:28 +0000 Manifest this update: Mon 03 Nov 2025 03:23:28 +0000 Manifest next update: Mon 10 Nov 2025 03:23:28 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: Z3lAJ3aD31Tm2xtlGH/s9WxMkdofieSiMH5alh2k5As=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:23:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 413 (0x19d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Nov 3 03:23:28 2025 GMT Not After : Nov 10 03:23:28 2025 GMT Subject: CN=69082030-97d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ac:60:10:27:10:a6:80:ad:89:14:ed:d8:de: d0:29:0a:68:5f:9a:52:fe:b6:62:a9:ad:d2:ca:29: a4:68:28:7e:d4:62:57:d8:51:e2:3a:55:39:84:a0: c9:8e:55:48:19:f4:e8:a1:a3:30:9a:e1:27:9c:7b: 12:94:ab:43:a2:89:d3:34:ef:27:86:b6:73:c3:b0: bb:f3:b9:86:c6:74:cb:49:03:fa:e0:76:0f:a5:3c: b0:c6:13:60:41:b5:54:7c:49:c3:c6:80:5b:39:9c: 83:cc:d0:f4:56:35:d8:30:d4:b0:24:3c:18:3a:33: 2c:46:fe:04:ba:78:0f:8c:63:92:fd:ab:6b:00:2b: 2b:91:b3:dd:19:dc:44:15:2e:ae:ab:e7:0a:1b:12: 60:ec:ba:53:33:ce:10:32:d0:22:1c:1f:95:2a:7b: a8:d0:13:5a:56:fb:8c:04:22:c6:50:4b:81:92:9d: 53:e0:cc:7f:e6:af:06:59:61:34:1e:0c:f0:de:81: 17:41:f2:d7:05:ae:25:aa:45:53:a6:86:73:cd:eb: e8:f8:78:46:17:11:b3:73:3c:11:67:72:d9:af:2e: 59:b5:7d:9d:93:a0:a6:a8:28:2f:3d:ea:88:3f:1e: c4:52:fc:e2:07:3c:11:27:e8:fe:56:51:2d:d5:8b: 6d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:D1:43:4B:64:27:09:27:61:F8:1E:B1:7E:7D:41:0A:0A:82:0C:0D X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:0f:ac:39:55:53:4e:94:6e:f0:d3:42:d5:69:92:f0:e6:5d: 3d:f3:87:85:be:4b:b2:51:09:37:7c:62:a9:87:82:c4:1a:24: 1e:10:db:5d:62:36:89:a5:36:f4:62:c6:64:ab:2d:43:b4:73: d4:c6:6b:72:af:0b:e5:5e:c1:38:b1:25:56:ce:fb:24:e7:89: 37:85:53:6d:84:0b:c4:94:49:e6:21:f1:73:a8:5c:42:d1:33: 60:1e:d0:2b:aa:a2:b9:44:df:1a:42:d9:57:af:29:91:78:14: 3f:9f:11:eb:4c:bd:63:e4:5f:9f:3a:6a:a1:11:ee:93:02:52: 29:14:d1:de:4b:5c:69:3b:27:a2:6d:b9:f1:e3:2a:0d:3d:0a: 52:a3:9e:95:0e:69:89:17:e8:ff:c5:1b:40:01:8a:62:3d:1d: b3:c7:6e:04:f5:28:99:82:07:4c:96:ae:04:32:70:6a:88:30: a1:1e:14:23:33:c5:2c:d5:77:56:aa:08:81:da:4b:47:7d:17: 7d:df:47:73:4a:47:25:c8:09:a9:73:79:6b:aa:f4:87:65:62: f0:47:04:3a:1d:85:9f:93:1f:17:c1:52:93:48:57:ae:75:7a: 0e:86:3f:7f:63:55:ce:ef:2c:36:e6:11:15:39:60:47:d6:dc: d6:47:28:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUxMTAzMDMyMzI4WhcNMjUxMTEwMDMyMzI4WjAYMRYwFAYD VQQDEw02OTA4MjAzMC05N2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxqxgECcQpoCtiRTt2N7QKQpoX5pS/rZiqa3SyimkaCh+1GJX2FHiOlU5hKDJ jlVIGfTooaMwmuEnnHsSlKtDoonTNO8nhrZzw7C787mGxnTLSQP64HYPpTywxhNg QbVUfEnDxoBbOZyDzND0VjXYMNSwJDwYOjMsRv4EungPjGOS/atrACsrkbPdGdxE FS6uq+cKGxJg7LpTM84QMtAiHB+VKnuo0BNaVvuMBCLGUEuBkp1T4Mx/5q8GWWE0 Hgzw3oEXQfLXBa4lqkVTpoZzzevo+HhGFxGzczwRZ3LZry5ZtX2dk6CmqCgvPeqI Px7EUvziBzwRJ+j+VlEt1Ytt8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBfRQ0tk JwknYfgesX59QQoKggwNMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQD6w5VVNOlG7w00LVaZLw5l0984eFvkuyUQk3fGKph4LEGiQeENtd YjaJpTb0YsZkqy1DtHPUxmtyrwvlXsE4sSVWzvsk54k3hVNthAvElEnmIfFzqFxC 0TNgHtArqqK5RN8aQtlXrymReBQ/nxHrTL1j5F+fOmqhEe6TAlIpFNHeS1xpOyei bbnx4yoNPQpSo56VDmmJF+j/xRtAAYpiPR2zx24E9SiZggdMlq4EMnBqiDChHhQj M8Us1XdWqgiB2ktHfRd930dzSkclyAmpc3lrqvSHZWLwRwQ6HYWfkx8XwVKTSFeu dXoOhj9/Y1XO7yw25hEVOWBH1tzWRyhb -----END CERTIFICATE-----Generated at Tue Nov 4 01:10:07 2025 by rpki-client