$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: aiijBJ5i3R47pO+2C6cfCZkxsWN9whPhmV4+veIn6Q4= Subject key identifier: ED:1C:B1:BE:BD:6C:A5:7F:FC:9F:CD:60:81:36:9E:BF:F6:D1:4C:EB Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C32 Signing time: Sat 10 May 2025 18:17:17 +0000 Manifest this update: Sat 10 May 2025 18:17:16 +0000 Manifest next update: Sat 17 May 2025 18:17:16 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: 7eHD12O/vVGLURioHiDIiXiy6rTcosDj3+AKNMLFHP8=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 18:17:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3128 (0xc38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: May 10 18:17:16 2025 GMT Not After : May 17 18:17:16 2025 GMT Subject: CN=681f982d-23b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:17:11:76:85:25:92:14:f1:16:d6:d5:98:2b: c1:e5:25:3b:0a:6c:e4:78:fa:a4:6f:44:42:22:38: 06:7a:76:e7:bf:9b:fb:d3:5d:d4:63:1b:a5:1b:21: 00:29:96:61:a3:cb:e5:23:ad:d6:81:ad:cb:76:ae: bb:91:08:bc:6d:b6:e0:de:23:58:43:92:70:d7:e9: 89:ca:0a:7d:e1:f6:ba:ff:69:7e:4c:38:18:be:89: 67:ce:7c:f9:ca:12:f7:57:a2:05:03:a7:fa:4d:98: bb:d1:68:87:14:65:6b:0b:d9:3e:a8:db:dc:b8:f4: af:7b:1a:0c:3f:99:48:7a:f2:8c:77:4f:34:0f:da: ce:a9:4e:48:c3:02:38:b8:7f:f5:ea:12:35:9c:76: cb:9e:41:ad:86:91:4b:65:e1:d7:6c:f0:e0:42:cd: dc:10:12:d9:f1:bb:73:14:a0:48:a3:89:8b:37:fc: fc:3f:3f:62:ca:50:c9:b2:07:77:90:4d:d3:82:0c: b1:50:8a:c8:a5:37:a2:eb:cd:69:ee:86:56:3e:17: 95:78:fd:d2:8e:df:c5:3f:31:91:09:14:5d:b9:11: 36:dd:c8:c6:6f:3b:35:51:79:55:f1:b3:72:7b:e4: 71:ef:7b:7a:1a:20:f6:31:1c:7b:fe:e4:7f:19:36: a3:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:1C:B1:BE:BD:6C:A5:7F:FC:9F:CD:60:81:36:9E:BF:F6:D1:4C:EB X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:b5:a7:a5:f7:a5:d1:5f:81:4a:67:ba:15:f5:5a:7e:d7:c5: 8f:09:46:d7:d1:c1:08:fb:ff:85:4c:8d:d6:1e:f9:bc:5f:71: 48:9c:3d:0a:6c:6b:43:0b:a6:5f:6a:bc:69:c4:32:67:c7:55: 90:1d:32:c5:9f:ba:a6:8d:62:3f:44:bc:fe:c2:77:92:76:65: d9:fd:b4:cd:fa:d3:ba:8e:18:61:0e:4e:1e:1f:8a:92:34:26: b3:aa:07:c7:50:d9:52:27:c7:29:9c:61:e6:53:00:a0:8e:6c: 3e:10:73:ce:d3:3c:f1:e0:f5:10:a7:91:a2:56:c0:b3:1a:74: 82:d8:41:97:71:22:ea:f9:59:5e:b5:07:f3:24:05:95:7e:fa: b9:db:19:34:e2:e8:7b:56:23:b9:8e:a9:dc:49:c2:b6:64:a0: c6:93:43:69:81:85:f9:b3:35:e6:e5:5a:62:aa:40:85:ad:aa: 19:77:8e:39:e0:4c:b7:ad:df:4f:d1:93:6e:90:19:8e:44:84: 6b:3a:12:eb:a5:cc:34:df:54:30:f0:b0:a0:70:81:15:2e:f5: 50:0e:47:ca:fa:dd:4c:e6:0b:23:85:20:ba:74:60:6b:11:e5: 99:19:88:39:ab:d7:54:32:8e:13:45:24:1f:1a:aa:6a:14:d3: e8:29:b0:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwNTEwMTgxNzE2WhcNMjUwNTE3MTgxNzE2WjAYMRYwFAYD VQQDEw02ODFmOTgyZC0yM2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvBcRdoUlkhTxFtbVmCvB5SU7CmzkePqkb0RCIjgGenbnv5v7013UYxulGyEA KZZho8vlI63Wga3Ldq67kQi8bbbg3iNYQ5Jw1+mJygp94fa6/2l+TDgYvolnznz5 yhL3V6IFA6f6TZi70WiHFGVrC9k+qNvcuPSvexoMP5lIevKMd080D9rOqU5IwwI4 uH/16hI1nHbLnkGthpFLZeHXbPDgQs3cEBLZ8btzFKBIo4mLN/z8Pz9iylDJsgd3 kE3TggyxUIrIpTei681p7oZWPheVeP3Sjt/FPzGRCRRduRE23cjGbzs1UXlV8bNy e+Rx73t6GiD2MRx7/uR/GTaj+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO0csb69 bKV//J/NYIE2nr/20UzrMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBitael96XRX4FKZ7oV9Vp+18WPCUbX0cEI+/+FTI3WHvm8X3FInD0K bGtDC6ZfarxpxDJnx1WQHTLFn7qmjWI/RLz+wneSdmXZ/bTN+tO6jhhhDk4eH4qS NCazqgfHUNlSJ8cpnGHmUwCgjmw+EHPO0zzx4PUQp5GiVsCzGnSC2EGXcSLq+Vle tQfzJAWVfvq52xk04uh7ViO5jqncScK2ZKDGk0NpgYX5szXm5VpiqkCFraoZd445 4Ey3rd9P0ZNukBmORIRrOhLrpcw031Qw8LCgcIEVLvVQDkfK+t1M5gsjhSC6dGBr EeWZGYg5q9dUMo4TRSQfGqpqFNPoKbBi -----END CERTIFICATE-----Generated at Mon May 12 15:26:29 2025 by rpki-client