$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: B7GkuJPmIzslcxTpLwubfsvOiItpkSf0ChQqqxClqwg= Subject key identifier: 32:B3:28:E1:DE:36:CB:00:F3:84:0F:21:64:46:5F:A2:52:0F:F7:F3 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 0143 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0140 Signing time: Tue 13 May 2025 03:34:06 +0000 Manifest this update: Tue 13 May 2025 03:34:06 +0000 Manifest next update: Tue 20 May 2025 03:34:06 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: N4M/EjjKclHg/0fVnUUnZAHpvBSEqV3zQrO54e3UPGE=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: D2jnJ061deT1FgcnPcnAa54o8jUyuQQ7FJDAZ8ZL8D4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 03:34:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 323 (0x143) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: May 13 03:34:06 2025 GMT Not After : May 20 03:34:06 2025 GMT Subject: CN=6822bdae-f623 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ac:40:86:4c:af:f9:e3:72:da:17:7a:21:f3: 8b:de:3a:e7:e0:ac:f6:6e:fa:60:de:74:9b:35:6e: 5f:73:80:e1:5c:65:bf:3e:b3:b0:39:b2:c2:a9:66: 51:02:3e:90:df:bd:03:0f:21:f6:6b:14:a0:dd:99: 2b:12:54:0e:ed:fe:fd:a9:ba:77:82:f9:f4:e1:d5: 00:ff:91:22:91:2d:f2:18:07:1e:8c:63:a5:e1:4c: e3:bf:72:ad:74:56:cd:63:b4:ad:10:37:60:9b:c3: 19:1f:dc:5e:6e:01:c4:95:08:d0:58:0f:1a:d2:29: 20:05:f8:f3:22:02:be:69:29:68:02:b5:b6:7a:e4: 81:6b:9e:96:6e:c5:a9:05:b3:50:2c:9e:4b:c5:45: c4:c5:cc:4b:e4:70:53:d7:74:a6:6c:65:9c:83:e2: fe:c5:5e:52:2c:b8:65:2a:72:bf:5f:e8:fb:11:bf: 9e:9f:c0:d7:4d:cf:81:31:53:84:e2:2c:4d:eb:06: 40:47:4c:89:38:d7:78:03:8b:37:e3:ef:34:c3:87: 8f:9a:7a:76:68:d3:0e:fe:fa:ff:3c:f3:5c:4a:56: 66:94:e6:b9:6a:df:00:91:d3:68:31:63:96:88:7e: c0:a9:ef:86:f2:4a:e5:bb:02:13:72:de:8b:c0:c6: 08:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:B3:28:E1:DE:36:CB:00:F3:84:0F:21:64:46:5F:A2:52:0F:F7:F3 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:90:7c:95:b9:52:24:49:f6:1e:91:1f:10:4c:63:21:15:8b: 64:00:a3:dc:fc:a7:28:0f:1d:00:d5:b4:8f:87:bf:6d:7c:19: 1e:3b:fc:23:4f:6c:89:81:ef:31:66:ba:8e:c0:60:f3:e2:18: ec:c2:ab:18:99:09:29:5d:ba:9d:50:d6:92:f2:b4:c3:be:ec: 80:f9:0f:43:3b:f9:a7:25:d4:b1:8d:1e:7f:5b:d3:1b:82:60: df:59:23:ec:3a:87:a4:fc:51:3b:78:3f:16:e6:42:8c:c1:87: b6:c7:fd:38:0e:50:60:1a:89:c1:7c:11:18:9b:40:6f:a2:db: 54:8d:f0:a1:7c:db:8e:e9:96:7f:a2:b7:76:10:1d:01:27:38: e9:c2:ee:76:db:c8:ae:36:32:5b:c2:27:0a:a0:95:f1:ab:7d: 76:b1:3c:73:ab:d6:1b:a8:a1:85:69:da:84:72:61:a1:11:b4: e7:9b:ba:bd:bf:83:4a:1f:ea:9c:b1:ee:14:12:2f:06:48:e0: d7:63:ed:a3:33:61:34:68:9d:b9:95:d1:d7:1e:83:fb:a1:9b: ea:87:aa:f9:85:18:a9:7d:fa:ce:7f:db:b7:11:d8:b4:d0:a6: 13:99:b0:7a:41:0d:16:a3:af:46:49:cb:5d:0c:e2:ed:bf:eb: 13:92:66:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwNTEzMDMzNDA2WhcNMjUwNTIwMDMzNDA2WjAYMRYwFAYD VQQDEw02ODIyYmRhZS1mNjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaxAhkyv+eNy2hd6IfOL3jrn4Kz2bvpg3nSbNW5fc4DhXGW/PrOwObLCqWZR Aj6Q370DDyH2axSg3ZkrElQO7f79qbp3gvn04dUA/5EikS3yGAcejGOl4Uzjv3Kt dFbNY7StEDdgm8MZH9xebgHElQjQWA8a0ikgBfjzIgK+aSloArW2euSBa56WbsWp BbNQLJ5LxUXExcxL5HBT13SmbGWcg+L+xV5SLLhlKnK/X+j7Eb+en8DXTc+BMVOE 4ixN6wZAR0yJONd4A4s34+80w4ePmnp2aNMO/vr/PPNcSlZmlOa5at8AkdNoMWOW iH7Aqe+G8krluwITct6LwMYIywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDKzKOHe NssA84QPIWRGX6JSD/fzMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRkHyVuVIkSfYekR8QTGMhFYtkAKPc/KcoDx0A1bSPh79tfBkeO/wj T2yJge8xZrqOwGDz4hjswqsYmQkpXbqdUNaS8rTDvuyA+Q9DO/mnJdSxjR5/W9Mb gmDfWSPsOoek/FE7eD8W5kKMwYe2x/04DlBgGonBfBEYm0BvottUjfChfNuO6ZZ/ ord2EB0BJzjpwu5228iuNjJbwicKoJXxq312sTxzq9YbqKGFadqEcmGhEbTnm7q9 v4NKH+qcse4UEi8GSODXY+2jM2E0aJ25ldHXHoP7oZvqh6r5hRipffrOf9u3Edi0 0KYTmbB6QQ0Wo69GSctdDOLtv+sTkma4 -----END CERTIFICATE-----Generated at Wed May 14 01:17:30 2025 by rpki-client