$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft File: Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json) Hash identifier: L0AQtkWlW9D58RM/jtfycDeftwh7HAeeEbSaRERd7dk= Subject key identifier: F5:01:83:29:91:8C:7F:46:A0:BB:C5:FF:BB:74:5C:24:9F:DE:8B:F7 Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 Certificate issuer: /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Certificate serial: 013B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft Manifest number: 0138 Signing time: Sun 27 Apr 2025 03:22:51 +0000 Manifest this update: Sun 27 Apr 2025 03:22:51 +0000 Manifest next update: Sun 04 May 2025 03:22:51 +0000 Files and hashes: 1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: AUsABg9HG1AaOyShmqngw/rIik88g7SAVcW3Y+WlpEU=) 2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: D2jnJ061deT1FgcnPcnAa54o8jUyuQQ7FJDAZ8ZL8D4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 315 (0x13b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732 Validity Not Before: Apr 27 03:22:51 2025 GMT Not After : May 4 03:22:51 2025 GMT Subject: CN=680da30b-286c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a8:dd:bc:6a:4a:66:81:a5:4d:32:31:fd:03: 9e:aa:9d:f1:f4:48:d8:19:0e:26:55:9f:3f:83:6e: 86:b2:8a:06:24:46:4a:b5:1d:32:62:4c:3a:fa:bd: 18:f7:37:cd:b4:36:0d:23:8e:21:44:75:fd:e0:2c: 81:38:3f:4c:fc:ff:87:3e:d6:71:44:ed:74:e3:44: 64:45:e7:a4:c3:23:ec:8c:4d:43:36:48:5c:89:e7: 09:78:eb:39:a7:59:52:5d:99:a0:2d:61:da:98:a8: 7e:a8:56:b7:a5:46:97:2b:31:ce:75:76:b6:20:42: a9:b3:12:c5:00:84:d4:e8:63:19:8c:b2:b8:73:fc: 77:79:46:83:1b:28:28:fb:6f:53:e7:35:d9:c4:63: 2d:4d:a9:cd:a7:5d:9d:4c:f6:05:1a:36:e6:cd:b9: f5:35:d3:0f:37:06:02:93:77:c8:90:4b:ba:4b:db: 50:f1:b4:74:15:5d:e9:b1:d1:ac:60:42:2a:6e:99: 7a:4b:43:f2:70:24:e8:a0:b7:00:29:1b:47:24:c5: e1:42:8f:6f:c1:a0:87:4c:cb:5e:f2:65:9a:56:7e: b6:39:3a:8d:ae:55:2c:0d:21:28:c7:70:9e:33:5a: f8:fd:82:90:6e:61:35:e6:07:a5:eb:18:4d:e9:70: 0e:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:01:83:29:91:8C:7F:46:A0:BB:C5:FF:BB:74:5C:24:9F:DE:8B:F7 X509v3 Authority Key Identifier: keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:3a:c2:70:30:bf:a0:86:72:b6:75:c3:08:a0:20:9e:56:dd: 42:ff:7f:49:74:09:41:94:dc:9f:45:cb:5b:86:47:ca:2e:11: 31:f5:0a:61:83:db:c5:91:54:5f:05:0d:c1:ab:82:14:8b:67: 02:a6:9f:5d:77:3b:f1:c6:98:a2:45:54:47:8f:7e:8e:53:72: 13:c5:b7:6b:e7:3a:50:da:16:4b:57:ae:1a:81:15:d7:9a:83: 9e:c6:48:70:97:4f:6d:a6:dc:73:20:70:32:c7:9c:2a:45:e3: cd:13:49:0b:f9:15:bf:d6:ea:09:ca:41:44:1f:68:c1:ae:37: 8b:72:d0:c0:15:49:45:de:c9:f6:f6:d4:ed:d5:c7:f3:ce:55: 32:16:7f:72:a5:62:fd:49:ad:46:5e:a9:0b:62:d0:2f:f1:03: 7d:7f:35:81:c1:63:92:43:14:6d:d6:8d:91:92:f3:ce:c5:cb: bb:e0:bd:ac:94:29:9c:ae:c7:c5:71:0c:5f:64:c2:2c:ea:b4: e8:b4:1c:c0:69:0f:f6:37:e1:9b:24:9e:2d:21:74:78:8c:b1: 4f:f3:9e:f5:d5:56:bd:d8:ff:6b:57:68:5d:23:4b:da:f8:9b: 97:dd:54:00:cd:73:c7:db:e4:dc:c9:f9:a2:eb:63:1e:1f:4a: 0a:28:16:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy QkUxNEI3MzIwHhcNMjUwNDI3MDMyMjUxWhcNMjUwNTA0MDMyMjUxWjAYMRYwFAYD VQQDEw02ODBkYTMwYi0yODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwqjdvGpKZoGlTTIx/QOeqp3x9EjYGQ4mVZ8/g26GsooGJEZKtR0yYkw6+r0Y 9zfNtDYNI44hRHX94CyBOD9M/P+HPtZxRO1040RkReekwyPsjE1DNkhciecJeOs5 p1lSXZmgLWHamKh+qFa3pUaXKzHOdXa2IEKpsxLFAITU6GMZjLK4c/x3eUaDGygo +29T5zXZxGMtTanNp12dTPYFGjbmzbn1NdMPNwYCk3fIkEu6S9tQ8bR0FV3psdGs YEIqbpl6S0PycCTooLcAKRtHJMXhQo9vwaCHTMte8mWaVn62OTqNrlUsDSEox3Ce M1r4/YKQbmE15gel6xhN6XAOfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPUBgymR jH9GoLvF/7t0XCSf3ov3MB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3 Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0 ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgOsJwML+ghnK2dcMIoCCeVt1C/39JdAlBlNyfRctbhkfKLhEx9Qph g9vFkVRfBQ3Bq4IUi2cCpp9ddzvxxpiiRVRHj36OU3ITxbdr5zpQ2hZLV64agRXX moOexkhwl09tptxzIHAyx5wqRePNE0kL+RW/1uoJykFEH2jBrjeLctDAFUlF3sn2 9tTt1cfzzlUyFn9ypWL9Sa1GXqkLYtAv8QN9fzWBwWOSQxRt1o2RkvPOxcu74L2s lCmcrsfFcQxfZMIs6rTotBzAaQ/2N+GbJJ4tIXR4jLFP85711Va92P9rV2hdI0va +JuX3VQAzXPH2+Tcyfmi62MeH0oKKBYD -----END CERTIFICATE-----Generated at Sun Apr 27 05:43:16 2025 by rpki-client on console.sobornost.net