$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: ylFF0deSf8AasquGbbhMe4IH89hvucN1snOLwu4H8Oo= Subject key identifier: 1E:10:FA:08:B9:21:1E:F9:63:54:20:95:8D:64:66:F7:69:7B:EA:E7 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C75 Signing time: Thu 18 Sep 2025 18:34:11 +0000 Manifest this update: Thu 18 Sep 2025 18:34:10 +0000 Manifest next update: Thu 25 Sep 2025 18:34:10 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: s5PPWKBQSaI9zJg6mNScZ1ZgBe09nJFKypjGCiqd8L8=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:34:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3195 (0xc7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Sep 18 18:34:10 2025 GMT Not After : Sep 25 18:34:10 2025 GMT Subject: CN=68cc50a3-beb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2d:68:7a:94:3d:cd:23:5b:49:7d:f5:1f:77: b1:9b:3c:96:3c:b3:bc:54:80:64:fd:46:61:3d:13: 76:f3:21:e8:bc:24:35:54:2a:99:d5:34:b5:8b:08: a1:ad:63:c0:0c:46:c2:b5:28:61:19:e3:8f:cc:98: 5f:e2:bf:a8:a4:a8:49:da:3f:1b:75:0f:d9:01:9b: c1:b8:a4:a6:2f:04:50:60:d4:9a:40:b1:76:fd:a8: 83:61:4a:99:63:b4:69:23:95:5e:b6:08:a9:21:9b: 68:67:35:72:33:1a:3a:02:58:54:b7:b9:44:82:3f: bc:ba:63:1d:f6:69:fa:cb:be:71:56:44:4e:31:67: a3:64:65:06:4f:7f:57:e7:c9:8a:a1:2d:b3:6e:ef: e0:47:07:77:c3:da:e4:50:7b:5b:ce:57:22:00:f7: fa:ff:a1:ba:90:c7:cf:37:7e:a1:1f:18:6c:a4:23: c0:c0:90:b3:5c:25:9e:5f:3e:8d:fc:60:6d:cb:7e: 8b:28:8d:0e:c5:6a:ce:72:3b:9d:84:b3:d3:9f:06: 80:12:fa:65:f3:ab:36:26:9a:fc:2c:c2:6c:bc:c3: ee:77:cf:3b:ca:77:5d:89:a5:2a:10:96:92:0b:d8: d7:9f:c2:74:7b:06:be:47:30:54:5c:42:3c:3f:5b: 49:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:10:FA:08:B9:21:1E:F9:63:54:20:95:8D:64:66:F7:69:7B:EA:E7 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:86:71:9c:fe:51:ec:4d:47:07:80:2a:ba:4c:34:01:67:cf: 20:f2:ec:2a:e2:a0:09:74:22:77:0a:e1:12:71:47:58:60:35: 79:86:6f:b9:07:29:ba:39:86:b7:49:ab:a1:4e:ae:0c:b5:7d: c8:63:7e:03:5a:ee:17:2b:f5:94:d6:87:5c:67:59:88:40:f1: 61:e0:37:67:07:b2:8d:a4:7d:ba:12:f9:5e:d8:b2:d6:8b:e2: 6c:55:68:12:e4:d9:75:82:b9:4b:cb:98:44:09:f6:89:fa:a6: 5f:6a:2c:70:9c:35:f0:33:59:3e:83:2f:04:b0:8b:80:49:99: 82:4c:4a:8f:9d:d0:b8:56:a1:b1:2f:ea:05:a1:da:e9:8d:27: 1f:71:89:bd:f9:73:5b:b1:44:6d:de:a3:77:0c:2a:7d:ec:c8: 64:e9:8c:98:6b:ff:d0:92:af:ee:06:68:12:cb:e5:33:b4:45: 6d:9a:ee:a7:23:89:6b:30:5e:2b:38:02:31:4f:6b:d4:ad:6d: c2:f8:ed:64:f7:3c:f8:9a:95:d8:72:12:56:2b:d4:75:16:58: f2:eb:6f:a3:7b:26:95:c5:1d:9f:5d:4f:ca:01:37:2a:3d:78: 8e:50:47:6c:74:5c:e6:65:9f:a2:0f:7a:a6:f5:48:77:47:0f: 37:cf:ce:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwOTE4MTgzNDEwWhcNMjUwOTI1MTgzNDEwWjAYMRYwFAYD VQQDEw02OGNjNTBhMy1iZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvy1oepQ9zSNbSX31H3exmzyWPLO8VIBk/UZhPRN28yHovCQ1VCqZ1TS1iwih rWPADEbCtShhGeOPzJhf4r+opKhJ2j8bdQ/ZAZvBuKSmLwRQYNSaQLF2/aiDYUqZ Y7RpI5VetgipIZtoZzVyMxo6AlhUt7lEgj+8umMd9mn6y75xVkROMWejZGUGT39X 58mKoS2zbu/gRwd3w9rkUHtbzlciAPf6/6G6kMfPN36hHxhspCPAwJCzXCWeXz6N /GBty36LKI0OxWrOcjudhLPTnwaAEvpl86s2Jpr8LMJsvMPud887ynddiaUqEJaS C9jXn8J0ewa+RzBUXEI8P1tJIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB4Q+gi5 IR75Y1QglY1kZvdpe+rnMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANhnGc/lHsTUcHgCq6TDQBZ88g8uwq4qAJdCJ3CuEScUdYYDV5hm+5 Bym6OYa3SauhTq4MtX3IY34DWu4XK/WU1odcZ1mIQPFh4DdnB7KNpH26Evle2LLW i+JsVWgS5Nl1grlLy5hECfaJ+qZfaixwnDXwM1k+gy8EsIuASZmCTEqPndC4VqGx L+oFodrpjScfcYm9+XNbsURt3qN3DCp97Mhk6YyYa//Qkq/uBmgSy+UztEVtmu6n I4lrMF4rOAIxT2vUrW3C+O1k9zz4mpXYchJWK9R1Fljy62+jeyaVxR2fXU/KATcq PXiOUEdsdFzmZZ+iD3qm9Uh3Rw83z87b -----END CERTIFICATE-----Generated at Fri Sep 19 00:46:57 2025 by rpki-client