$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: LP1ggjqyImzS4di2S0yAlDLhseddJbK72pznvunWG2o= Subject key identifier: 9D:6B:98:0A:BD:39:D3:47:F7:DB:66:83:D5:F2:71:86:77:80:DB:C9 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 015F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 015B Signing time: Thu 03 Jul 2025 04:09:52 +0000 Manifest this update: Thu 03 Jul 2025 04:09:51 +0000 Manifest next update: Thu 10 Jul 2025 04:09:51 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: +SXTF8pMyJw12ihRQmkBhHWcTijXkkD3a9wMKqx9W4M=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 351 (0x15f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Jul 3 04:09:51 2025 GMT Not After : Jul 10 04:09:51 2025 GMT Subject: CN=6866028f-3e3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e5:27:5d:be:45:7c:eb:ee:76:6c:ed:dd:ff: 92:fc:42:e2:ce:f8:07:e9:aa:37:5b:14:6c:14:f5: 48:9b:72:eb:13:81:22:a4:bf:f4:59:4c:15:01:a7: d5:a3:82:d7:fc:fc:1a:ef:02:35:62:0b:dd:91:6f: eb:41:29:d8:09:1d:9e:30:14:82:dd:cf:bb:e1:76: 64:a6:c7:df:17:e4:dc:8b:00:81:b6:ae:b3:07:39: d6:f1:43:98:50:79:6f:c9:ce:48:3e:2a:33:e7:54: ed:7d:d9:45:63:10:1b:18:2d:de:dd:4f:83:78:5c: 43:81:5c:b4:f0:06:f3:c2:c6:fb:9f:31:df:14:0a: fc:52:61:a6:39:8d:91:80:46:da:df:51:98:22:33: e0:37:7c:d0:a6:eb:bb:75:10:bc:67:13:cd:e7:17: ef:7b:94:d9:06:d6:99:44:6a:15:19:a4:d0:6f:d1: 18:91:a3:10:4e:f6:d4:66:f3:b4:d2:97:ae:ad:01: 46:84:9b:ec:bc:1e:01:48:3b:48:3e:bc:08:ed:fe: ac:a1:31:03:5f:c9:38:77:2b:e7:af:96:40:6b:a9: 04:0b:88:2e:14:77:db:a9:90:09:59:07:76:21:c3: 2d:5e:b1:fc:2d:c3:8c:b5:bc:04:5d:19:f3:3a:a1: be:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:6B:98:0A:BD:39:D3:47:F7:DB:66:83:D5:F2:71:86:77:80:DB:C9 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:70:98:e2:ed:c8:be:ed:87:5b:50:b9:d8:8a:59:7b:48:c0: 17:54:29:66:cb:2b:6e:61:b1:36:91:aa:c4:b9:2d:d6:48:c2: 5e:b4:fa:54:7d:04:f1:c2:6d:98:de:05:02:2b:a6:7e:ae:96: b8:32:3b:0b:8b:e2:21:c8:e7:f6:21:e2:3b:5d:28:fc:9e:7c: 64:d3:6a:d7:01:60:85:d8:b3:6e:63:36:e6:be:ee:80:b0:56: 9d:5b:b1:8a:a7:7b:5c:a0:59:29:a9:79:78:a3:a8:6e:9d:93: ff:14:c0:da:ee:5b:c9:62:53:bb:c2:94:20:38:9b:ac:cd:4e: f5:56:a5:a1:19:1b:ed:85:5c:f0:2d:b0:5b:b5:b0:41:7b:e6: e0:92:1f:63:5a:89:28:f1:37:1a:dc:43:d9:a3:c1:02:71:8f: 74:8b:89:fd:76:34:a7:75:ac:78:2f:d7:64:72:b4:b9:cf:46: 75:66:66:3f:c4:17:6b:b8:4b:1c:11:ad:20:8f:cc:3e:24:ae: 16:3c:7e:68:b0:e8:4f:ac:11:69:2c:b5:de:ee:f7:ef:4e:87: 0c:9e:88:67:42:b4:08:6c:39:85:14:88:04:f8:f8:b8:4a:95: 5d:f2:5c:e3:2f:75:e5:15:fe:cf:77:d0:24:4a:fb:2a:d7:27: b3:18:d8:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwNzAzMDQwOTUxWhcNMjUwNzEwMDQwOTUxWjAYMRYwFAYD VQQDEw02ODY2MDI4Zi0zZTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuuUnXb5FfOvudmzt3f+S/ELizvgH6ao3WxRsFPVIm3LrE4EipL/0WUwVAafV o4LX/Pwa7wI1YgvdkW/rQSnYCR2eMBSC3c+74XZkpsffF+TciwCBtq6zBznW8UOY UHlvyc5IPioz51TtfdlFYxAbGC3e3U+DeFxDgVy08Abzwsb7nzHfFAr8UmGmOY2R gEba31GYIjPgN3zQpuu7dRC8ZxPN5xfve5TZBtaZRGoVGaTQb9EYkaMQTvbUZvO0 0peurQFGhJvsvB4BSDtIPrwI7f6soTEDX8k4dyvnr5ZAa6kEC4guFHfbqZAJWQd2 IcMtXrH8LcOMtbwEXRnzOqG+6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ1rmAq9 OdNH99tmg9XycYZ3gNvJMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEcJji7ci+7YdbULnYill7SMAXVClmyytuYbE2karEuS3WSMJetPpU fQTxwm2Y3gUCK6Z+rpa4MjsLi+IhyOf2IeI7XSj8nnxk02rXAWCF2LNuYzbmvu6A sFadW7GKp3tcoFkpqXl4o6hunZP/FMDa7lvJYlO7wpQgOJuszU71VqWhGRvthVzw LbBbtbBBe+bgkh9jWoko8Tca3EPZo8ECcY90i4n9djSndax4L9dkcrS5z0Z1ZmY/ xBdruEscEa0gj8w+JK4WPH5osOhPrBFpLLXe7vfvTocMnohnQrQIbDmFFIgE+Pi4 SpVd8lzjL3XlFf7Pd9AkSvsq1yezGNhT -----END CERTIFICATE-----Generated at Thu Jul 3 07:52:28 2025 by rpki-client