$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: 6kEVQPVDoCV5dABTZHYhSNGJ0HQt0OkAB7euRO6ldQw= Subject key identifier: AA:8D:3F:88:BB:6A:F0:54:89:E9:24:8F:7E:29:8B:12:01:60:ED:32 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 0196 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0192 Signing time: Sun 19 Oct 2025 06:03:16 +0000 Manifest this update: Sun 19 Oct 2025 06:03:15 +0000 Manifest next update: Sun 26 Oct 2025 06:03:15 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: HilhbpizBHS9QA1NktkZHCYBJqNO2Cwq/4zUlTEA7lY=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:03:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 406 (0x196) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Oct 19 06:03:15 2025 GMT Not After : Oct 26 06:03:15 2025 GMT Subject: CN=68f47f24-5fc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:59:65:23:8f:13:87:bd:d3:8a:a8:ba:02:e0: 5e:e4:3b:18:cd:f4:25:43:d8:b1:6e:cd:45:34:e3: 8c:40:2d:68:45:cc:c4:dc:ee:f3:87:4b:71:8d:e1: ff:bc:27:52:d8:7c:eb:81:3e:40:83:aa:90:e2:7e: a1:ed:92:87:d7:ca:24:68:c5:67:1d:a7:7c:94:48: 71:59:06:67:c4:1a:0a:c9:e2:9b:d7:ca:51:46:7d: 5b:ca:73:87:1c:43:c1:49:be:fb:e1:eb:4d:4a:b2: 55:9f:c6:c0:5c:bb:60:08:eb:19:f5:c9:fe:a5:5a: 8e:4f:f6:df:f1:2d:eb:6b:2b:0b:2b:d1:ae:40:c5: 90:d7:7b:71:0a:a0:94:68:21:24:3d:7f:34:e3:c4: 6c:c8:56:88:c0:43:90:c4:b4:2b:78:7e:e9:93:b9: 23:57:81:51:27:0b:a5:c8:a8:81:09:3e:50:b3:a5: bd:ae:f0:f5:7f:08:c7:96:50:dc:2d:17:8b:7b:54: 29:0d:fe:a8:6f:3c:2d:27:04:ea:48:30:df:da:cf: 88:88:ec:9c:f8:cd:32:04:d2:b4:f4:11:a1:1e:01: aa:52:f8:b3:1e:bd:0c:e6:17:fb:84:5e:6b:ff:c7: 43:19:8b:6b:e1:e2:be:3e:24:5e:1d:57:d5:26:b0: e3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:8D:3F:88:BB:6A:F0:54:89:E9:24:8F:7E:29:8B:12:01:60:ED:32 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:d7:dd:bf:6f:bd:06:e8:f2:5e:15:39:97:25:4e:9a:be:b1: 50:ea:72:9e:4f:2b:31:59:6c:91:79:e2:7c:c6:be:b0:7b:c1: 3b:3f:3b:9d:ee:54:34:ad:58:38:10:c0:ac:cc:54:1f:16:c2: 44:c6:8c:44:67:b9:07:03:19:2d:df:fe:cb:f5:94:0d:50:a1: 88:3e:83:c9:b9:31:6d:5d:e6:14:d2:3b:17:8b:07:86:20:30: 9a:ae:28:f1:a4:34:48:a7:81:67:9b:3d:6d:7c:94:b8:ac:fa: f3:4c:f3:d4:28:84:29:c7:e8:76:50:50:81:b2:c2:46:06:7a: 1f:30:17:ae:ad:c9:28:6c:a2:da:aa:bf:d5:8d:c4:ba:28:1f: ce:bd:ca:7f:11:da:dd:1c:19:ef:4a:22:b9:8d:8e:c3:ce:57: ed:dc:ee:f3:f7:50:6c:d7:d9:71:b6:9c:d7:4b:bd:cb:2d:21: cb:93:b7:ff:ee:a7:f3:5b:23:81:aa:b9:cb:60:26:67:0b:91: 49:5b:1a:f1:d8:29:c6:b6:cb:e2:ad:99:8d:88:38:c1:f3:e7: e9:90:e8:d2:ca:ea:1a:51:21:0a:15:cc:5a:57:fd:46:18:b0: ce:a1:3b:20:77:31:60:82:ff:63:de:ec:77:60:7d:46:61:91: 1d:7c:87:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUxMDE5MDYwMzE1WhcNMjUxMDI2MDYwMzE1WjAYMRYwFAYD VQQDEw02OGY0N2YyNC01ZmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9VllI48Th73Tiqi6AuBe5DsYzfQlQ9ixbs1FNOOMQC1oRczE3O7zh0txjeH/ vCdS2HzrgT5Ag6qQ4n6h7ZKH18okaMVnHad8lEhxWQZnxBoKyeKb18pRRn1bynOH HEPBSb774etNSrJVn8bAXLtgCOsZ9cn+pVqOT/bf8S3raysLK9GuQMWQ13txCqCU aCEkPX8048RsyFaIwEOQxLQreH7pk7kjV4FRJwulyKiBCT5Qs6W9rvD1fwjHllDc LReLe1QpDf6obzwtJwTqSDDf2s+IiOyc+M0yBNK09BGhHgGqUvizHr0M5hf7hF5r /8dDGYtr4eK+PiReHVfVJrDjtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKqNP4i7 avBUiekkj34pixIBYO0yMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBR192/b70G6PJeFTmXJU6avrFQ6nKeTysxWWyReeJ8xr6we8E7Pzud 7lQ0rVg4EMCszFQfFsJExoxEZ7kHAxkt3/7L9ZQNUKGIPoPJuTFtXeYU0jsXiweG IDCarijxpDRIp4Fnmz1tfJS4rPrzTPPUKIQpx+h2UFCBssJGBnofMBeurckobKLa qr/VjcS6KB/Ovcp/EdrdHBnvSiK5jY7Dzlft3O7z91Bs19lxtpzXS73LLSHLk7f/ 7qfzWyOBqrnLYCZnC5FJWxrx2CnGtsvirZmNiDjB8+fpkOjSyuoaUSEKFcxaV/1G GLDOoTsgdzFggv9j3ux3YH1GYZEdfIe9 -----END CERTIFICATE-----Generated at Mon Oct 20 11:41:03 2025 by rpki-client