$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: 7nHRecQsLTIn7U1CygkrO02xAY7iMy8hBmXCs+LPQ3Q= Subject key identifier: 75:85:C8:19:C8:72:7E:35:92:B8:54:A3:A8:AB:4C:02:1B:BD:E9:85 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CE2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0CD9 Signing time: Tue 24 Mar 2026 18:07:31 +0000 Manifest this update: Tue 24 Mar 2026 18:07:31 +0000 Manifest next update: Tue 31 Mar 2026 18:07:31 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: Xw7XnCArFaAZijUnh161O4SqKyhA/18CxStxKuwgqrQ=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: jOASJy08cQtiHT2anaDk0d4CR9FN0kGkmWrO2dstaFQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:07:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3298 (0xce2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Mar 24 18:07:31 2026 GMT Not After : Mar 31 18:07:31 2026 GMT Subject: CN=69c2d2e3-38b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:db:9d:75:02:82:06:d5:a0:85:2b:5c:aa:f6: 4b:88:ed:75:6b:53:67:b4:2f:7c:5f:50:80:5a:9e: 4e:9f:52:5f:21:96:df:d1:34:4f:ce:d2:a6:17:16: 59:34:81:72:0e:dd:3a:39:68:7d:55:90:54:12:97: ac:dc:2e:b9:0d:96:35:50:6c:bf:93:fb:66:77:33: c8:c8:cf:07:b2:34:c8:23:ed:4d:95:e0:54:cf:2d: 3b:ce:53:77:28:94:8a:b2:37:07:74:65:05:49:d7: b5:23:ef:2f:b6:17:73:8a:96:0b:3b:50:f2:c1:f9: a1:7a:9b:d0:b8:99:54:69:ee:1a:00:9e:26:8f:43: f4:f0:82:a1:98:66:68:47:1b:37:51:63:64:cd:8f: 75:1e:4a:ea:4c:35:db:64:08:32:b1:c5:8a:1d:77: a0:b3:1c:d8:53:09:4c:98:8d:58:f2:f5:de:80:93: b4:36:8f:aa:2f:ff:c3:da:b3:b9:96:3f:1a:50:d1: 6d:c2:5d:1f:e0:a5:14:ea:9a:90:3a:9b:cc:d9:99: a3:cb:58:3a:c2:01:8f:48:ce:40:24:f0:76:61:24: 95:6d:81:e0:5a:7b:75:89:bc:22:e3:54:aa:89:aa: db:bb:e5:cf:d9:09:c3:ce:1c:5c:9e:8a:5b:fa:35: 24:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:85:C8:19:C8:72:7E:35:92:B8:54:A3:A8:AB:4C:02:1B:BD:E9:85 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:e6:9c:17:f2:60:0b:2b:a8:d9:e6:a6:24:6c:28:56:3c:6c: 92:25:fe:65:6d:cb:95:52:a2:b0:ae:ea:6f:34:cc:6c:80:77: 70:97:17:3f:f0:7d:e3:c3:f3:f0:2b:25:90:c0:f9:22:86:5e: b2:51:0c:0f:7f:2e:93:b9:a5:01:5e:7a:3c:ae:d0:e9:9d:7d: c9:74:2a:f5:1e:b9:f9:7e:4c:e9:18:04:88:2d:04:62:3a:8f: f4:93:af:42:40:76:fd:03:f1:46:81:3a:ab:14:63:f7:a6:9d: 4a:6e:46:22:59:0e:6a:77:92:43:f5:e0:2f:1f:98:3e:f8:3c: dd:ed:b1:c7:76:d5:37:ae:8a:9e:90:d9:f4:67:84:59:e6:77: fc:56:24:1b:36:aa:07:1d:49:99:c7:d7:33:61:58:d2:c3:b1: 4a:e6:ab:38:30:e8:7a:da:23:15:1a:55:00:c5:61:3d:e9:e6: 3e:1a:b0:96:a2:5a:c5:6b:5f:d2:68:67:41:9f:75:9a:c4:6c: 04:b6:4b:f0:5c:fe:ff:8e:62:56:b0:0e:ab:5e:d8:6f:dc:96: 87:7b:bd:36:79:06:06:01:22:69:80:52:f0:e5:b6:c5:5c:f4: 9e:ea:d9:21:0a:3c:7b:05:4b:47:be:7a:3f:f9:be:f8:13:a6: 1f:d7:28:68 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjYwMzI0MTgwNzMxWhcNMjYwMzMxMTgwNzMxWjAYMRYwFAYD VQQDEw02OWMyZDJlMy0zOGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkduddQKCBtWghStcqvZLiO11a1NntC98X1CAWp5On1JfIZbf0TRPztKmFxZZ NIFyDt06OWh9VZBUEpes3C65DZY1UGy/k/tmdzPIyM8HsjTII+1NleBUzy07zlN3 KJSKsjcHdGUFSde1I+8vthdzipYLO1DywfmhepvQuJlUae4aAJ4mj0P08IKhmGZo Rxs3UWNkzY91HkrqTDXbZAgyscWKHXegsxzYUwlMmI1Y8vXegJO0No+qL//D2rO5 lj8aUNFtwl0f4KUU6pqQOpvM2Zmjy1g6wgGPSM5AJPB2YSSVbYHgWnt1ibwi41Sq iarbu+XP2QnDzhxcnopb+jUkIwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFHWFyBnI cn41krhUo6irTAIbvemFMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAtOacF/JgCyuo2eamJGwoVjxskiX+ZW3LlVKisK7qbzTMbIB3cJcXP/B948Pz 8CslkMD5IoZeslEMD38uk7mlAV56PK7Q6Z19yXQq9R65+X5M6RgEiC0EYjqP9JOv QkB2/QPxRoE6qxRj96adSm5GIlkOaneSQ/XgLx+YPvg83e2xx3bVN66KnpDZ9GeE WeZ3/FYkGzaqBx1JmcfXM2FY0sOxSuarODDoetojFRpVAMVhPenmPhqwlqJaxWtf 0mhnQZ91msRsBLZL8Fz+/45iVrAOq17Yb9yWh3u9NnkGBgEiaYBS8OW2xVz0nurZ IQo8ewVLR756P/m++BOmH9coaA== -----END CERTIFICATE-----Generated at Thu Mar 26 07:18:50 2026 by rpki-client