$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: 8Rk01AQRsrEWdGTEvMdwN6Bfd0xLd1RnGOzo5DnU6BU= Subject key identifier: C0:33:F2:47:93:39:CC:9E:B2:DF:4D:EA:22:AF:A5:17:BC:FD:75:66 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C4C Signing time: Mon 30 Jun 2025 18:37:45 +0000 Manifest this update: Mon 30 Jun 2025 18:37:44 +0000 Manifest next update: Mon 07 Jul 2025 18:37:44 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: 9pzqsF8LZqN1FMif9fn+P1Xl0uxpMDikqQBAvA/M0KQ=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 18:37:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3154 (0xc52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Jun 30 18:37:44 2025 GMT Not After : Jul 7 18:37:44 2025 GMT Subject: CN=6862d979-604e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a3:97:32:da:d1:f1:63:c8:38:17:8a:9e:bb: e4:26:ac:57:81:18:3a:ee:e9:95:3c:d7:0a:37:bd: 33:8c:b0:af:9c:64:26:5b:8d:4c:99:e3:1f:23:aa: 93:7b:78:e2:cf:ac:fd:47:7d:ee:f1:d3:fe:01:5d: c5:ee:21:67:86:bc:e9:58:49:9b:c4:49:4d:ec:e3: f5:ad:c7:88:d6:69:84:4c:c8:da:f9:61:b6:c0:6a: d8:5a:e6:50:00:3f:20:38:cc:62:8a:58:33:fa:ca: e5:ec:85:60:58:56:6a:7f:07:53:6f:70:0b:95:08: 59:3e:80:ee:35:a6:7d:c2:49:c7:67:fb:63:fd:00: d4:2b:5e:e4:fe:6c:e7:ae:e5:ca:4d:f4:cf:8a:3c: 13:28:69:78:9f:ab:ae:5b:45:11:de:fc:4b:78:2b: 5a:f7:8d:a1:ef:1d:4c:bd:3a:10:54:5f:cb:81:e0: 7f:1b:ac:35:f0:cc:b5:ab:b8:76:cc:d5:cc:9a:61: 60:6d:65:7d:38:8f:42:3e:5e:fb:5c:7b:ec:d6:7e: de:68:bb:5d:db:e1:80:e6:df:bd:d5:5a:e6:18:7b: 14:48:65:9f:2c:3e:c1:7c:9e:ed:f8:26:39:b6:bd: 5f:21:fc:c4:76:f0:47:c9:01:52:a4:06:ea:44:48: ee:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:33:F2:47:93:39:CC:9E:B2:DF:4D:EA:22:AF:A5:17:BC:FD:75:66 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:c7:84:c3:90:43:83:4a:29:d9:c1:16:b5:f4:cd:47:f2:47: 87:c4:78:62:d0:79:36:d4:5e:56:cf:61:ee:43:52:13:18:c0: 3e:90:51:33:e9:31:cc:6d:e8:9c:c8:0c:cf:98:4a:6d:2e:e7: 98:48:d1:b7:95:f0:48:42:c8:1f:d9:16:58:74:0c:70:04:ff: 24:93:13:f6:e0:07:dc:2b:bb:80:29:1b:22:10:da:e9:db:2c: df:8b:57:9a:6b:f9:4e:3c:20:f0:80:65:70:f2:ef:73:17:a8: af:01:52:05:be:fd:94:06:70:69:6d:63:7d:0c:a0:ef:14:1e: 08:b4:cf:f7:87:1b:6c:d1:b2:31:80:95:ed:a7:ac:7e:18:26: 68:c1:59:12:6c:e1:0a:cb:02:da:cd:8c:33:09:3a:e4:d7:6b: c6:94:a6:da:29:2d:24:85:f1:90:a9:c6:55:a6:b8:fe:2c:ac: 0a:af:db:35:93:20:68:79:25:10:46:2d:43:57:32:64:f8:22: e6:1e:76:fb:84:0f:5b:3f:a3:f1:e9:71:8b:04:19:0d:66:eb: a7:cd:d6:2c:cc:d5:55:5e:6f:3c:13:bf:78:82:93:ee:11:96: f4:5c:cf:e2:3e:6b:15:86:48:46:2b:f3:f2:36:1c:6d:1e:72: 8c:da:9e:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwNjMwMTgzNzQ0WhcNMjUwNzA3MTgzNzQ0WjAYMRYwFAYD VQQDEw02ODYyZDk3OS02MDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvaOXMtrR8WPIOBeKnrvkJqxXgRg67umVPNcKN70zjLCvnGQmW41MmeMfI6qT e3jiz6z9R33u8dP+AV3F7iFnhrzpWEmbxElN7OP1rceI1mmETMja+WG2wGrYWuZQ AD8gOMxiilgz+srl7IVgWFZqfwdTb3ALlQhZPoDuNaZ9wknHZ/tj/QDUK17k/mzn ruXKTfTPijwTKGl4n6uuW0UR3vxLeCta942h7x1MvToQVF/LgeB/G6w18My1q7h2 zNXMmmFgbWV9OI9CPl77XHvs1n7eaLtd2+GA5t+91VrmGHsUSGWfLD7BfJ7t+CY5 tr1fIfzEdvBHyQFSpAbqREju1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMAz8keT Ocyest9N6iKvpRe8/XVmMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdx4TDkEODSinZwRa19M1H8keHxHhi0Hk21F5Wz2HuQ1ITGMA+kFEz 6THMbeicyAzPmEptLueYSNG3lfBIQsgf2RZYdAxwBP8kkxP24AfcK7uAKRsiENrp 2yzfi1eaa/lOPCDwgGVw8u9zF6ivAVIFvv2UBnBpbWN9DKDvFB4ItM/3hxts0bIx gJXtp6x+GCZowVkSbOEKywLazYwzCTrk12vGlKbaKS0khfGQqcZVprj+LKwKr9s1 kyBoeSUQRi1DVzJk+CLmHnb7hA9bP6Px6XGLBBkNZuunzdYszNVVXm88E794gpPu EZb0XM/iPmsVhkhGK/PyNhxtHnKM2p5R -----END CERTIFICATE-----Generated at Wed Jul 2 06:25:40 2025 by rpki-client