$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: Il4aM1wfSfng044N16TdXDPHyvZANcSXNR8UYXBD3a0= Subject key identifier: 65:20:DF:A4:12:ED:18:7C:F9:EB:A5:D6:11:E7:F1:92:57:FA:C7:E1 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 86 Signing time: Wed 15 May 2024 07:13:26 +0000 Manifest this update: Wed 15 May 2024 07:13:26 +0000 Manifest next update: Wed 22 May 2024 07:13:26 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: 00MX7okP8h4Vyif0hhzrp9Q6hfm2FlVcDtB9+0yVYLs=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: QXH5hAugaFjvEdnEVywy5kmJrtY3XKt8VoVhSSAgxFw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 07:13:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: May 15 07:13:26 2024 GMT Not After : May 22 07:13:26 2024 GMT Subject: CN=66446096-6386 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b8:fe:35:11:5f:34:5f:c8:5b:54:1c:a4:9e: cb:69:0e:d4:bc:f3:38:b9:30:c7:cd:68:d7:51:cf: 10:09:c4:38:4b:49:0d:4d:c0:3c:35:8a:2c:2c:ba: e1:15:ab:9d:6f:cf:f1:18:e1:5f:ba:ca:e6:ca:95: 6d:ea:14:63:f2:ff:e2:d5:23:4f:4c:c7:ac:62:83: 5b:61:c3:8e:48:21:f6:5d:7c:d2:2a:0c:61:69:73: bb:6f:e7:54:0d:09:13:69:b5:d1:81:6d:64:a3:cf: 9b:32:34:08:9e:99:3f:53:2c:2a:90:45:9c:a8:96: 09:93:ad:7c:8d:6e:ae:7c:e5:00:bd:fd:60:92:c3: f6:de:3e:d4:75:e5:dc:8d:c6:85:e9:93:d0:16:07: 37:2a:51:62:57:96:54:6d:3c:4f:3c:1c:80:92:e2: 4b:3f:bb:c0:10:04:ac:12:2c:a2:7e:7c:be:6f:37: 80:c0:ec:35:f7:67:96:aa:8a:d7:d5:27:6a:eb:3b: d3:b6:14:13:50:96:5e:33:29:1b:65:4b:56:6e:08: 5b:c7:aa:21:34:b2:d9:48:db:de:7d:28:9d:55:e4: eb:4b:82:19:8c:9f:c8:6d:7d:d0:df:2b:bd:f2:bd: 64:f1:b0:46:6f:59:9e:af:1c:50:26:dd:8d:9d:75: ee:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:20:DF:A4:12:ED:18:7C:F9:EB:A5:D6:11:E7:F1:92:57:FA:C7:E1 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:20:c3:7a:7a:fb:0e:7c:64:2e:07:97:7f:b4:6e:90:e7:1a: 2a:62:25:7e:04:e0:3d:e2:48:c5:ee:df:4b:c0:d7:7c:45:9d: 01:9e:b0:55:de:b4:03:e6:c6:72:bf:ff:a6:1c:b2:3d:17:24: b2:4a:9b:8d:af:29:7a:ee:e6:b9:6c:4c:28:ea:ab:48:3c:c1: 2a:9f:df:8d:05:e9:70:f9:a8:c6:8d:bc:2c:3b:f0:1f:f5:9c: 77:b1:a6:16:01:c0:47:9a:2f:ce:c2:32:39:8f:32:f6:cb:e5: 51:de:27:51:a9:6a:29:51:02:4e:23:fd:a3:1d:d8:f9:6a:54: b8:dc:7b:ce:3c:66:46:e8:7c:cf:59:26:28:ce:40:fe:28:bb: ac:af:57:cb:cf:be:c7:0e:a9:fc:17:70:a5:33:f2:47:dc:04: ce:bc:b1:1f:5c:65:94:30:7f:f0:f7:9d:ff:8f:15:cd:b6:8f: da:ea:42:2a:af:66:4c:d6:6e:23:fb:71:ef:40:08:3d:12:b5: 06:61:d5:33:0a:a1:85:bb:f9:8d:71:33:a1:ae:cd:34:90:c9: 2b:04:22:d9:a5:1e:58:df:9d:02:a4:0f:83:be:d3:3e:b3:8c: 00:ba:a9:ee:93:91:56:01:78:b3:2c:13:4e:e3:e8:ed:3b:b7: 1a:4c:6c:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjQwNTE1MDcxMzI2WhcNMjQwNTIyMDcxMzI2WjAYMRYwFAYD VQQDEw02NjQ0NjA5Ni02Mzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr7j+NRFfNF/IW1QcpJ7LaQ7UvPM4uTDHzWjXUc8QCcQ4S0kNTcA8NYosLLrh Faudb8/xGOFfusrmypVt6hRj8v/i1SNPTMesYoNbYcOOSCH2XXzSKgxhaXO7b+dU DQkTabXRgW1ko8+bMjQInpk/UywqkEWcqJYJk618jW6ufOUAvf1gksP23j7UdeXc jcaF6ZPQFgc3KlFiV5ZUbTxPPByAkuJLP7vAEASsEiyifny+bzeAwOw192eWqorX 1Sdq6zvTthQTUJZeMykbZUtWbghbx6ohNLLZSNvefSidVeTrS4IZjJ/IbX3Q3yu9 8r1k8bBGb1merxxQJt2NnXXujwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGUg36QS 7Rh8+eul1hHn8ZJX+sfhMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCTIMN6evsOfGQuB5d/tG6Q5xoqYiV+BOA94kjF7t9LwNd8RZ0BnrBV 3rQD5sZyv/+mHLI9FySySpuNryl67ua5bEwo6qtIPMEqn9+NBelw+ajGjbwsO/Af 9Zx3saYWAcBHmi/OwjI5jzL2y+VR3idRqWopUQJOI/2jHdj5alS43HvOPGZG6HzP WSYozkD+KLusr1fLz77HDqn8F3ClM/JH3ATOvLEfXGWUMH/w953/jxXNto/a6kIq r2ZM1m4j+3HvQAg9ErUGYdUzCqGFu/mNcTOhrs00kMkrBCLZpR5Y350CpA+DvtM+ s4wAuqnuk5FWAXizLBNO4+jtO7caTGz8 -----END CERTIFICATE-----Generated at Wed May 15 09:04:46 2024 by rpki-client on console-ams.rpki-client.org