$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: b2BQoAfYLWnK1puGCYcjHG7Y2jYVj7lTv7yYrBZMDMg= Subject key identifier: 15:C8:39:55:F9:63:4E:AC:A9:B3:33:14:9A:46:AE:85:CB:FD:1E:18 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C84 Signing time: Sat 18 Oct 2025 19:06:35 +0000 Manifest this update: Sat 18 Oct 2025 19:06:35 +0000 Manifest next update: Sat 25 Oct 2025 19:06:35 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: M9IhWQ6/DFjFcH8IKbo/v08/nnA4cqcwiWD7rktErIY=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3210 (0xc8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Oct 18 19:06:35 2025 GMT Not After : Oct 25 19:06:35 2025 GMT Subject: CN=68f3e53b-39cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:00:cc:bb:48:43:7e:04:88:9f:b1:aa:a2:11: 8f:1e:e4:3d:d3:01:f5:a7:54:9a:37:02:94:bc:7b: 5e:73:1a:0f:0d:6a:9f:13:5f:b5:32:9c:41:0d:b3: c9:f5:fd:74:b7:29:8a:f9:c5:71:be:c8:54:04:4d: dd:1b:f0:22:ed:fb:2a:5a:0e:d4:ac:1d:e0:78:c3: a9:67:16:fb:a6:28:b9:44:f5:97:40:f2:64:3a:32: a7:4d:0e:cd:dc:23:e6:41:91:f4:03:f2:08:be:08: a8:33:fb:ce:0a:79:0e:84:f6:d4:b6:89:fd:d8:44: c8:c2:a5:cd:7d:0d:14:51:a8:53:e1:21:6a:b0:88: cf:af:86:49:8d:0d:52:21:87:5f:ce:16:63:bc:dd: 6e:02:a0:ad:49:6e:86:76:aa:4a:dc:2c:6c:a1:a6: cc:f1:c4:c4:09:8b:2f:85:86:19:3f:a8:9d:34:49: c8:c5:b1:93:09:2f:3d:c8:05:2a:63:68:d1:bb:16: b1:27:dc:82:f1:64:e1:76:e5:c5:fd:8f:18:6a:0b: 66:9a:ee:3c:7d:6e:20:16:c3:e4:a5:72:ee:08:0f: 32:9a:c5:55:ef:f3:39:67:1e:39:2c:38:a6:5b:b5: 76:d3:a7:3e:83:e9:cc:4f:24:17:20:40:42:75:33: dd:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:C8:39:55:F9:63:4E:AC:A9:B3:33:14:9A:46:AE:85:CB:FD:1E:18 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:10:87:5c:dc:c5:65:31:e6:fd:71:62:88:2b:e4:b1:cf:a1: 53:57:69:d9:4d:a9:b4:88:94:ac:7e:7e:3c:cf:92:cb:d5:a5: fa:7f:df:8d:29:3a:6e:f0:4f:a3:5d:aa:d9:9e:2e:21:0e:43: e3:f4:ae:93:61:55:5d:b6:5e:03:0b:00:f9:4e:51:a5:5a:3c: 40:10:1c:66:42:73:8c:69:b9:54:c1:45:53:57:8e:02:20:72: 07:94:ef:dc:72:71:ba:a6:5a:fb:c0:da:e2:b5:32:a9:30:dd: 6c:08:95:72:42:0a:9a:6b:eb:eb:fc:fa:0e:a8:9b:73:d7:8a: 90:8e:04:02:61:ff:d5:ac:1e:f3:ed:b1:7b:6b:1c:f6:50:39: de:f3:71:65:73:81:0b:95:56:3d:a2:a3:b3:6d:9c:2a:f3:e6: 68:3d:4b:27:75:fa:72:27:d2:f5:a7:fe:4e:09:9f:4d:16:fd: 73:40:79:38:06:9d:1b:25:cd:0f:ee:7c:82:e3:27:14:4f:84: 70:68:66:37:e5:ac:36:0d:50:89:bb:28:3f:93:5c:c3:60:02: 00:00:0b:0c:6b:6c:1a:8c:74:93:01:7d:81:11:f2:9d:6d:43: f1:57:89:d1:84:2f:d4:d7:f9:46:da:4c:da:7f:2b:4f:69:2d: 83:a1:53:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUxMDE4MTkwNjM1WhcNMjUxMDI1MTkwNjM1WjAYMRYwFAYD VQQDEw02OGYzZTUzYi0zOWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAogDMu0hDfgSIn7GqohGPHuQ90wH1p1SaNwKUvHtecxoPDWqfE1+1MpxBDbPJ 9f10tymK+cVxvshUBE3dG/Ai7fsqWg7UrB3geMOpZxb7pii5RPWXQPJkOjKnTQ7N 3CPmQZH0A/IIvgioM/vOCnkOhPbUton92ETIwqXNfQ0UUahT4SFqsIjPr4ZJjQ1S IYdfzhZjvN1uAqCtSW6GdqpK3CxsoabM8cTECYsvhYYZP6idNEnIxbGTCS89yAUq Y2jRuxaxJ9yC8WThduXF/Y8Yagtmmu48fW4gFsPkpXLuCA8ymsVV7/M5Zx45LDim W7V206c+g+nMTyQXIEBCdTPdPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBXIOVX5 Y06sqbMzFJpGroXL/R4YMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnEIdc3MVlMeb9cWKIK+Sxz6FTV2nZTam0iJSsfn48z5LL1aX6f9+N KTpu8E+jXarZni4hDkPj9K6TYVVdtl4DCwD5TlGlWjxAEBxmQnOMablUwUVTV44C IHIHlO/ccnG6plr7wNritTKpMN1sCJVyQgqaa+vr/PoOqJtz14qQjgQCYf/VrB7z 7bF7axz2UDne83Flc4ELlVY9oqOzbZwq8+ZoPUsndfpyJ9L1p/5OCZ9NFv1zQHk4 Bp0bJc0P7nyC4ycUT4RwaGY35aw2DVCJuyg/k1zDYAIAAAsMa2wajHSTAX2BEfKd bUPxV4nRhC/U1/lG2kzafytPaS2DoVP+ -----END CERTIFICATE-----Generated at Sun Oct 19 23:31:16 2025 by rpki-client