$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: GDfir+Eks+C3BYWeOREL/07S0tBPjWwSqJZ+VzA1jOQ= Subject key identifier: 7E:11:BE:AA:8A:9D:F4:92:7B:45:62:65:72:19:B8:17:D7:CC:FB:6F Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C6D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C67 Signing time: Fri 22 Aug 2025 18:31:28 +0000 Manifest this update: Fri 22 Aug 2025 18:31:27 +0000 Manifest next update: Fri 29 Aug 2025 18:31:27 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: GTWEo1Ei7O6a1XJYtOToUhIZSGHD2kvvz4mG7dxeH5s=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:31:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3181 (0xc6d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Aug 22 18:31:27 2025 GMT Not After : Aug 29 18:31:27 2025 GMT Subject: CN=68a8b77f-a441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:4c:a7:fd:8a:e2:c7:81:0d:fc:96:27:08:fd: 00:91:ba:ff:33:ec:ff:a4:11:3a:bf:d7:ed:13:c0: 70:1c:e4:ff:35:25:3b:4c:08:56:c2:40:0d:d6:e2: 12:25:71:81:09:ff:b9:61:49:3d:a6:8a:9a:ad:e0: ac:63:3a:a4:24:30:e6:d0:01:84:dc:70:fc:7b:22: e8:7e:25:a5:44:8c:3f:20:5d:92:b1:fd:36:cc:f4: c2:1e:2b:32:e6:2b:2b:b0:51:72:ed:06:f0:07:02: ee:4a:15:cf:fd:ef:60:5b:c4:19:97:a4:ac:31:16: 1a:76:20:49:01:63:e5:18:7d:8a:53:44:ba:ea:fa: a6:7e:3a:76:90:d2:c0:26:98:50:a5:1d:32:87:01: c7:90:17:a8:17:dd:cd:47:49:02:73:63:fb:c5:d6: 9e:46:ed:28:63:31:66:be:ed:2d:ba:0a:24:57:5e: 57:81:a5:fa:9b:e5:52:a6:07:a4:93:cd:f1:f4:8d: 12:e6:19:4b:dc:5b:09:3e:a1:eb:54:46:7c:66:9e: 85:76:12:5d:80:1e:8a:1a:e7:a7:cf:fb:81:67:45: 40:63:6c:3a:1e:4f:70:0a:90:15:a1:85:cc:f9:9f: da:8f:3c:20:8e:e6:3b:78:7c:53:da:a8:8c:d5:25: a5:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:11:BE:AA:8A:9D:F4:92:7B:45:62:65:72:19:B8:17:D7:CC:FB:6F X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:09:ed:82:bd:97:b6:be:77:3e:97:8e:e0:e6:be:26:0a:1c: b3:c4:7b:9f:21:06:94:55:87:3e:55:2a:fd:05:a3:31:b3:8c: 2d:7a:f9:62:d9:c8:5e:cd:88:d4:82:f3:03:26:14:d7:19:62: 6a:af:cf:19:4d:4b:01:b6:36:7b:41:f5:5c:06:4e:a3:55:13: ad:bd:a4:0a:2f:6a:66:19:6b:56:71:6d:1c:46:3e:8e:a5:d8: 4e:15:e5:14:ec:33:3c:e6:77:11:bc:ac:23:72:df:82:68:cb: 5a:c9:5d:4a:72:ff:8c:92:f2:b2:ba:33:26:bf:78:2e:e2:60: 85:d3:c7:9e:9d:06:22:77:3b:dd:0f:e4:51:b7:41:73:99:a6: 7d:43:f1:11:dc:af:24:8e:58:92:30:ec:ad:f1:27:e9:87:76: 97:7c:0b:8d:f9:0f:40:a3:48:a9:08:60:ba:53:8b:98:6e:86: 64:fe:27:80:b4:07:c9:a7:19:07:5b:5d:6f:06:be:f1:06:1b: 75:11:cb:1f:0d:23:78:8b:6d:ad:dd:a3:c9:0d:f9:54:5a:02: 2e:cd:4f:0f:25:ac:a0:df:69:a3:30:f5:cd:b8:88:be:25:70: 7f:55:be:6c:9b:60:ec:cb:18:4b:a9:77:e8:f8:0c:ab:99:fe: 63:78:90:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwODIyMTgzMTI3WhcNMjUwODI5MTgzMTI3WjAYMRYwFAYD VQQDEw02OGE4Yjc3Zi1hNDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnEyn/Yrix4EN/JYnCP0Akbr/M+z/pBE6v9ftE8BwHOT/NSU7TAhWwkAN1uIS JXGBCf+5YUk9poqareCsYzqkJDDm0AGE3HD8eyLofiWlRIw/IF2Ssf02zPTCHisy 5isrsFFy7QbwBwLuShXP/e9gW8QZl6SsMRYadiBJAWPlGH2KU0S66vqmfjp2kNLA JphQpR0yhwHHkBeoF93NR0kCc2P7xdaeRu0oYzFmvu0tugokV15XgaX6m+VSpgek k83x9I0S5hlL3FsJPqHrVEZ8Zp6FdhJdgB6KGuenz/uBZ0VAY2w6Hk9wCpAVoYXM +Z/ajzwgjuY7eHxT2qiM1SWlxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH4RvqqK nfSSe0ViZXIZuBfXzPtvMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcCe2CvZe2vnc+l47g5r4mChyzxHufIQaUVYc+VSr9BaMxs4wtevli 2chezYjUgvMDJhTXGWJqr88ZTUsBtjZ7QfVcBk6jVROtvaQKL2pmGWtWcW0cRj6O pdhOFeUU7DM85ncRvKwjct+CaMtayV1Kcv+MkvKyujMmv3gu4mCF08eenQYidzvd D+RRt0FzmaZ9Q/ER3K8kjliSMOyt8Sfph3aXfAuN+Q9Ao0ipCGC6U4uYboZk/ieA tAfJpxkHW11vBr7xBht1EcsfDSN4i22t3aPJDflUWgIuzU8PJayg32mjMPXNuIi+ JXB/Vb5sm2DsyxhLqXfo+Ayrmf5jeJBo -----END CERTIFICATE-----Generated at Sat Aug 23 15:16:54 2025 by rpki-client