$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: WeUI0cYotg6L5f1wX+c+41QFN0cUGidMgCeCuZ9+XUE= Subject key identifier: 91:86:CA:DB:D3:2F:62:29:5E:0C:EA:12:B3:02:DF:49:BF:5D:A4:4B Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 013A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0137 Signing time: Fri 25 Apr 2025 03:33:25 +0000 Manifest this update: Fri 25 Apr 2025 03:33:25 +0000 Manifest next update: Fri 02 May 2025 03:33:25 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: DsBqxbwF+AhheIgw4uwgbNBWMPfjJYmzqiqshmBehao=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: D2jnJ061deT1FgcnPcnAa54o8jUyuQQ7FJDAZ8ZL8D4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:33:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 314 (0x13a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Apr 25 03:33:25 2025 GMT Not After : May 2 03:33:25 2025 GMT Subject: CN=680b0285-5467 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:24:99:13:52:fb:38:b0:e2:60:a4:43:31:b8: 53:7f:7a:90:1e:12:fa:df:e6:ec:4c:27:7f:52:15: 75:f6:a5:3d:3b:ef:99:b6:3a:e5:10:0c:02:a8:4b: 99:24:ab:26:44:62:34:0b:97:31:77:cd:64:e4:6f: 49:be:51:fc:29:a7:25:40:b8:d9:f4:49:1e:a2:17: 6c:9c:43:f2:08:94:2b:77:d6:2e:c2:4a:39:02:43: 6b:23:fd:40:d4:5b:44:81:ec:b2:1e:ab:29:cc:44: 34:eb:cb:bc:b5:8b:84:fe:66:9f:a7:8c:1d:46:a7: 8a:06:0a:3d:85:da:71:f9:b8:ef:5b:32:ac:e2:ec: 3f:73:51:16:39:03:33:bf:af:13:5e:55:b4:50:35: 2b:e9:21:0a:28:e4:30:ce:97:e3:4e:7c:10:12:c3: d7:c7:a5:da:e1:df:72:c1:ac:8d:1c:9e:42:fb:b2: 3d:1f:cf:9f:19:89:af:6d:65:10:10:bc:9b:75:bc: 37:cf:42:22:04:bc:e4:35:ff:1c:2d:7a:2c:91:3e: 85:0c:14:db:91:fa:2f:94:57:3a:fd:a3:5a:a7:80: 82:8c:e5:f4:81:6c:47:19:b1:9b:6c:dd:74:92:c5: 50:26:f8:7b:d9:c2:07:23:b1:1e:23:42:7d:c0:01: 7e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:86:CA:DB:D3:2F:62:29:5E:0C:EA:12:B3:02:DF:49:BF:5D:A4:4B X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:63:ae:2e:cd:92:cb:ad:51:fa:27:53:0c:0b:ec:26:37:7e: f8:ed:fe:b7:f7:87:cb:05:5d:34:e1:4f:3d:f3:db:6a:6d:fc: 58:20:64:00:e2:11:a9:c6:d6:08:15:ed:cb:6e:dc:24:0f:30: 9a:30:a1:2d:1b:26:da:2f:56:15:d0:bb:19:f5:32:39:aa:d9: 31:62:d7:20:df:ed:9e:1b:27:27:46:f0:f9:39:ce:4e:b9:97: 99:1e:d4:01:fb:27:d1:c7:3a:b8:f9:b6:f6:96:10:28:86:41: 85:b2:0d:6b:d0:7a:f4:57:95:92:73:5c:02:48:a6:d7:d5:a0: fb:9f:1a:63:16:7a:06:1d:56:85:5b:40:61:5f:59:a4:f4:fa: 17:79:a9:64:3b:25:b6:35:e8:67:62:47:65:8b:4f:06:9f:e1: 24:b2:fc:d5:4f:c6:4e:a7:fb:14:ac:93:3e:99:1b:76:2f:4f: 6f:3f:4a:13:a6:f5:3c:4a:f2:36:53:26:a1:62:45:bf:58:6c: f9:31:b3:ae:a7:e1:20:41:d1:d7:10:6b:fd:f0:d3:bf:bb:a0: 3c:9c:3b:b5:31:02:29:6b:51:f3:ca:3d:3a:84:e5:83:c1:eb: 8c:06:c3:24:36:39:7b:d6:f1:10:b8:d5:91:eb:ac:db:a0:87: 9b:6d:5b:2d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwNDI1MDMzMzI1WhcNMjUwNTAyMDMzMzI1WjAYMRYwFAYD VQQDEw02ODBiMDI4NS01NDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArSSZE1L7OLDiYKRDMbhTf3qQHhL63+bsTCd/UhV19qU9O++ZtjrlEAwCqEuZ JKsmRGI0C5cxd81k5G9JvlH8KaclQLjZ9EkeohdsnEPyCJQrd9Yuwko5AkNrI/1A 1FtEgeyyHqspzEQ068u8tYuE/mafp4wdRqeKBgo9hdpx+bjvWzKs4uw/c1EWOQMz v68TXlW0UDUr6SEKKOQwzpfjTnwQEsPXx6Xa4d9ywayNHJ5C+7I9H8+fGYmvbWUQ ELybdbw3z0IiBLzkNf8cLXoskT6FDBTbkfovlFc6/aNap4CCjOX0gWxHGbGbbN10 ksVQJvh72cIHI7EeI0J9wAF+EQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJGGytvT L2IpXgzqErMC30m/XaRLMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoY64uzZLLrVH6J1MMC+wmN3747f6394fLBV004U8989tqbfxYIGQA 4hGpxtYIFe3LbtwkDzCaMKEtGybaL1YV0LsZ9TI5qtkxYtcg3+2eGycnRvD5Oc5O uZeZHtQB+yfRxzq4+bb2lhAohkGFsg1r0Hr0V5WSc1wCSKbX1aD7nxpjFnoGHVaF W0BhX1mk9PoXealkOyW2NehnYkdli08Gn+EksvzVT8ZOp/sUrJM+mRt2L09vP0oT pvU8SvI2UyahYkW/WGz5MbOup+EgQdHXEGv98NO/u6A8nDu1MQIpa1Hzyj06hOWD weuMBsMkNjl71vEQuNWR66zboIebbVst -----END CERTIFICATE-----Generated at Sat Apr 26 03:48:29 2025 by rpki-client