$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: 5Zt/pla1bXfpoz5IV8plCbwPmFI0u9fd2gDXiY6FIvE= Subject key identifier: 36:06:20:B7:1F:B6:1A:B7:43:20:12:8D:86:85:DF:F6:78:AA:D3:46 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C55 Signing time: Fri 18 Jul 2025 18:35:42 +0000 Manifest this update: Fri 18 Jul 2025 18:35:41 +0000 Manifest next update: Fri 25 Jul 2025 18:35:41 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: yYWRt6vdpNnmLJR+eENAQ3s8VYJds5Suw4r1qzyFlxA=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 18:35:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3163 (0xc5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Jul 18 18:35:41 2025 GMT Not After : Jul 25 18:35:41 2025 GMT Subject: CN=687a93fd-fbf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8e:22:75:63:9b:42:c6:9b:9a:3b:90:55:15: d0:ba:fb:7a:5b:b8:66:f7:cf:b0:7c:f9:28:bb:76: 60:e8:11:73:56:f5:29:b9:ae:56:82:36:f7:0d:aa: 6c:df:12:70:c8:1b:9d:a8:bb:92:7e:1d:02:ed:48: e6:07:2a:48:ec:2d:eb:e2:d1:e5:c8:a7:fd:eb:d2: e5:c3:99:05:f5:cc:70:74:55:13:6c:f0:f7:7d:b2: 59:2e:3a:91:c4:1b:f2:ba:29:24:1e:ec:a7:7a:69: 99:b0:d6:82:4f:cc:5a:0c:eb:65:80:ea:3f:57:9a: 80:2d:4b:04:3b:d6:a1:20:f5:ab:56:ef:4f:59:3c: 2a:f0:78:1b:cb:c3:59:14:fc:4e:78:f0:2d:74:16: 6c:5e:8b:a5:fa:74:fc:b8:88:4b:7c:71:2b:46:63: 9b:3a:82:2b:3a:ef:91:e1:aa:39:c4:44:ed:aa:f7: df:ff:11:da:6e:0c:f7:88:57:2a:72:d4:5d:9e:dd: 82:25:b6:2c:e5:03:e0:62:ad:36:01:90:86:cd:dd: 6f:4f:b0:0c:67:29:cb:1e:c4:db:26:b1:d8:69:3b: 31:2c:cb:6f:35:64:22:8d:9c:a6:7e:be:48:5a:e7: e1:1f:b4:54:76:53:bf:de:32:68:28:19:69:bb:4d: 25:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:06:20:B7:1F:B6:1A:B7:43:20:12:8D:86:85:DF:F6:78:AA:D3:46 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:a0:36:e9:86:07:d7:fd:88:7a:39:e5:ac:55:02:08:ce:cf: 18:d7:f4:b7:97:51:3c:a9:e1:92:4b:b4:df:fb:b7:83:52:c4: 05:89:c6:a7:56:6f:18:da:f5:2f:b6:58:d5:5b:8a:da:67:11: 68:3a:aa:9f:a7:e4:46:05:4a:0d:d1:21:c7:74:6e:fb:88:2f: 75:0d:e3:ae:d1:db:17:62:7f:cd:0a:ae:de:a1:6c:8a:8d:d8: 99:f6:3d:d2:57:e8:9e:80:93:e8:9e:2f:1d:01:dc:19:1e:ad: 56:35:12:ef:46:21:03:cd:73:81:7d:90:dc:47:46:4a:d6:d5: 2b:2e:59:2b:26:eb:c1:56:da:3b:bb:5b:ab:a8:d8:d5:77:3d: 27:74:5b:f1:0c:e5:83:fe:db:53:c6:dd:f7:42:ec:ea:2d:71: 4a:c9:b0:e4:de:18:a7:d5:cc:c7:a7:6b:4b:c8:c9:f0:e1:ef: 79:9d:fb:21:d6:dd:d5:4e:01:81:67:1f:35:95:be:c7:8a:fe: aa:4d:0c:45:dd:c6:7b:05:72:0f:1a:8b:d5:ba:a3:50:0c:89: 18:f4:2d:3c:e3:df:e7:9d:ba:6a:4a:91:c6:3e:a5:10:2e:fd: 09:db:b2:95:80:3e:27:d3:e9:0f:92:5a:a2:e5:0e:58:26:f0: a7:05:6e:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwNzE4MTgzNTQxWhcNMjUwNzI1MTgzNTQxWjAYMRYwFAYD VQQDEw02ODdhOTNmZC1mYmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs44idWObQsabmjuQVRXQuvt6W7hm98+wfPkou3Zg6BFzVvUpua5Wgjb3Daps 3xJwyBudqLuSfh0C7UjmBypI7C3r4tHlyKf969Llw5kF9cxwdFUTbPD3fbJZLjqR xBvyuikkHuynemmZsNaCT8xaDOtlgOo/V5qALUsEO9ahIPWrVu9PWTwq8Hgby8NZ FPxOePAtdBZsXoul+nT8uIhLfHErRmObOoIrOu+R4ao5xETtqvff/xHabgz3iFcq ctRdnt2CJbYs5QPgYq02AZCGzd1vT7AMZynLHsTbJrHYaTsxLMtvNWQijZymfr5I WufhH7RUdlO/3jJoKBlpu00lTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDYGILcf thq3QyASjYaF3/Z4qtNGMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2oDbphgfX/Yh6OeWsVQIIzs8Y1/S3l1E8qeGSS7Tf+7eDUsQFican Vm8Y2vUvtljVW4raZxFoOqqfp+RGBUoN0SHHdG77iC91DeOu0dsXYn/NCq7eoWyK jdiZ9j3SV+iegJPoni8dAdwZHq1WNRLvRiEDzXOBfZDcR0ZK1tUrLlkrJuvBVto7 u1urqNjVdz0ndFvxDOWD/ttTxt33QuzqLXFKybDk3hin1czHp2tLyMnw4e95nfsh 1t3VTgGBZx81lb7Hiv6qTQxF3cZ7BXIPGovVuqNQDIkY9C0849/nnbpqSpHGPqUQ Lv0J27KVgD4n0+kPklqi5Q5YJvCnBW6x -----END CERTIFICATE-----Generated at Sun Jul 20 06:50:03 2025 by rpki-client