$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: bsMbnTlRWpHiCxrzM7DOePo54jd22gMyx7CJ13zzbgU= Subject key identifier: 5D:FF:CC:E0:B4:1C:0D:75:FE:7E:1C:D0:ED:98:2B:A2:7C:2D:28:CB Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 0172 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 016E Signing time: Sat 09 Aug 2025 04:13:54 +0000 Manifest this update: Sat 09 Aug 2025 04:13:53 +0000 Manifest next update: Sat 16 Aug 2025 04:13:53 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: na+W8g0qEKDCM1kCkqTG6hmASML1vOECyMHyQAYySRw=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 370 (0x172) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Aug 9 04:13:53 2025 GMT Not After : Aug 16 04:13:53 2025 GMT Subject: CN=6896cb02-034c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6d:76:c5:19:6a:18:0b:fb:96:30:10:3c:cb: 67:71:12:20:d8:a9:e4:10:20:e4:6d:5a:bd:07:e0: a4:ca:df:fd:65:1f:f4:58:a7:8a:49:bb:97:98:10: 17:7e:f6:05:5f:de:35:cd:de:a7:25:d7:3d:62:75: 9b:d3:6e:57:29:23:60:23:1e:bd:21:a1:14:8d:ba: 83:c7:f2:63:79:a5:e7:7f:ea:3c:ba:7a:63:7a:d6: 63:80:85:1b:05:38:cd:17:a1:ac:31:24:1c:b6:47: b9:50:a9:49:9b:e1:f1:28:00:5d:0e:97:c5:3e:95: 28:e3:81:af:d8:74:c1:af:70:8c:e3:b9:9d:b2:f1: 5c:83:cf:29:99:8a:ec:c6:6e:3c:7d:20:3f:62:66: cd:ed:11:16:cf:07:df:17:7e:7a:50:67:e1:ac:f9: 0f:4c:b9:11:da:30:06:84:cc:56:79:83:52:6e:a9: c7:fa:5e:d7:03:39:45:90:c2:e2:31:59:21:3a:1d: 54:e6:19:20:2e:d6:89:d2:12:7c:a5:73:71:86:2d: 5a:51:12:86:bf:46:ec:6f:40:fa:83:ea:bc:4b:ac: c7:f1:ef:e4:f4:76:62:fd:b4:24:d3:8f:f1:8f:1b: dd:b0:0f:7e:17:bb:15:37:36:f0:ce:64:23:e4:6a: 2d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:FF:CC:E0:B4:1C:0D:75:FE:7E:1C:D0:ED:98:2B:A2:7C:2D:28:CB X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:95:37:3b:91:c8:03:93:31:7a:fd:bd:76:7a:4f:ca:16:a0: eb:88:d7:0e:62:49:8f:4f:4d:c0:84:fa:c1:19:74:4e:83:53: 49:c0:57:18:56:3f:5f:a0:1a:74:d6:07:b7:76:55:4a:16:e4: 55:d0:3c:7c:7e:c5:9f:2c:f6:03:0f:bf:ed:df:e2:23:ee:b4: 75:73:0d:38:09:59:96:07:d5:c3:c5:b5:88:3e:98:ba:0d:7e: 2d:a9:5e:a9:93:2e:6a:18:71:fb:ea:54:12:f2:92:62:8c:fd: eb:71:55:58:52:59:bc:37:7c:8e:5a:ca:07:c2:14:d8:6e:be: 50:f6:e6:35:c8:b1:98:8f:31:a0:18:ee:c1:43:3e:6f:4b:97: 8c:db:38:44:7d:16:40:33:fa:70:7c:3a:b8:28:84:32:bc:15: e7:bc:a7:18:a7:f6:63:77:75:d6:45:84:c9:4f:06:44:5b:a4: b8:88:fd:60:44:8c:3d:21:58:5f:bd:81:7e:2e:3d:4e:52:b4: f0:44:e5:f9:91:e0:5b:07:a4:4a:a0:f9:9d:22:39:75:4a:f7: 28:4a:a3:81:b1:94:71:17:c7:97:e0:c6:26:bf:a3:6e:98:da: 44:b5:fc:eb:df:97:87:0b:63:66:a3:86:31:2f:2e:02:82:70: 52:eb:e6:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwODA5MDQxMzUzWhcNMjUwODE2MDQxMzUzWjAYMRYwFAYD VQQDEw02ODk2Y2IwMi0wMzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnW12xRlqGAv7ljAQPMtncRIg2KnkECDkbVq9B+Ckyt/9ZR/0WKeKSbuXmBAX fvYFX941zd6nJdc9YnWb025XKSNgIx69IaEUjbqDx/JjeaXnf+o8unpjetZjgIUb BTjNF6GsMSQctke5UKlJm+HxKABdDpfFPpUo44Gv2HTBr3CM47mdsvFcg88pmYrs xm48fSA/YmbN7REWzwffF356UGfhrPkPTLkR2jAGhMxWeYNSbqnH+l7XAzlFkMLi MVkhOh1U5hkgLtaJ0hJ8pXNxhi1aURKGv0bsb0D6g+q8S6zH8e/k9HZi/bQk04/x jxvdsA9+F7sVNzbwzmQj5GotQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF3/zOC0 HA11/n4c0O2YK6J8LSjLMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGlTc7kcgDkzF6/b12ek/KFqDriNcOYkmPT03AhPrBGXROg1NJwFcY Vj9foBp01ge3dlVKFuRV0Dx8fsWfLPYDD7/t3+Ij7rR1cw04CVmWB9XDxbWIPpi6 DX4tqV6pky5qGHH76lQS8pJijP3rcVVYUlm8N3yOWsoHwhTYbr5Q9uY1yLGYjzGg GO7BQz5vS5eM2zhEfRZAM/pwfDq4KIQyvBXnvKcYp/Zjd3XWRYTJTwZEW6S4iP1g RIw9IVhfvYF+Lj1OUrTwROX5keBbB6RKoPmdIjl1SvcoSqOBsZRxF8eX4MYmv6Nu mNpEtfzr35eHC2Nmo4YxLy4CgnBS6+ZO -----END CERTIFICATE-----Generated at Sat Aug 9 23:12:00 2025 by rpki-client