$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: lbBF8cFiiNHyX9RJy8iAkf3BjkHEwymBnqbKyDurq0o= Subject key identifier: 1F:B2:14:97:11:4B:AF:35:6B:E7:91:E9:94:75:54:52:87:3E:60:FD Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C45 Signing time: Mon 16 Jun 2025 18:22:54 +0000 Manifest this update: Mon 16 Jun 2025 18:22:54 +0000 Manifest next update: Mon 23 Jun 2025 18:22:54 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: c4nEcH50fJj/oHM7ECz30o/ztxdHOxnDzgcI1Dc/GB0=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 18:22:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3147 (0xc4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Jun 16 18:22:54 2025 GMT Not After : Jun 23 18:22:54 2025 GMT Subject: CN=685060fe-322e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:1d:fb:2c:46:73:e4:e3:6c:8e:25:aa:9d:93: a5:69:0b:f8:78:ff:f0:aa:1d:0b:f7:a1:f4:23:42: 13:7e:6d:4f:1d:4a:be:ac:bf:ce:5f:60:94:b5:38: 9b:cb:84:66:49:05:dd:00:40:3f:f2:f9:3f:f3:1a: 81:8a:e2:20:3d:7c:18:12:41:d4:f6:6e:a8:6d:1a: db:3e:85:8d:bb:60:d9:ea:81:06:23:65:45:e2:7e: d8:13:5a:da:80:81:60:02:7b:c7:8b:5c:56:76:ed: 41:40:ae:16:37:c5:8b:98:bb:bc:92:e7:49:cd:7f: 53:9d:3a:ea:2c:1a:84:e0:a4:c3:0e:d1:37:a5:a5: e3:cf:07:51:99:e5:44:00:c3:08:9d:a4:dd:6a:5e: 9f:f6:d2:45:b8:0b:5c:5c:3e:35:18:02:00:45:6f: b5:24:e4:a8:a6:32:61:17:71:87:69:75:9a:54:6d: 95:6c:2e:a2:e4:9d:72:5d:4b:c0:38:40:fe:53:1d: 9d:ab:e3:cd:79:b8:e7:2e:3e:ac:37:94:ef:7e:6b: 26:41:b6:be:a0:65:8d:f4:f4:78:bb:16:a3:98:64: b3:56:da:1e:f9:ec:9f:a4:e5:6f:6a:75:1d:77:44: 99:14:38:8a:e5:82:20:1b:5c:c4:47:f9:86:88:8a: 0f:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:B2:14:97:11:4B:AF:35:6B:E7:91:E9:94:75:54:52:87:3E:60:FD X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:93:04:25:71:80:04:e0:50:14:62:bc:ac:c9:5d:c5:14:6c: 14:99:67:9f:9b:be:ca:df:f9:06:55:da:12:86:67:40:02:2b: 7e:bc:c3:84:a8:39:c0:7d:bf:ef:85:9b:1c:a3:f5:c2:ec:3d: f3:3d:6d:46:11:73:9c:d8:a1:ff:d8:56:a5:c8:22:3d:bb:56: 23:e1:e3:ce:a0:d1:e2:9e:a6:83:0c:d0:96:00:e3:ba:50:a1: 88:ae:8c:5d:02:52:2e:59:28:9a:1a:cd:38:5c:52:36:69:15: b4:bb:87:6f:61:e2:7b:21:2d:0b:be:12:87:ca:f8:a4:72:82: bb:51:40:d3:74:ab:95:81:a4:bf:e8:39:ef:15:3c:8e:04:77: 2b:28:43:1c:fb:c5:6c:80:6a:c2:ca:b7:ba:07:ed:6c:9d:45: 10:e9:e6:83:f5:bc:b8:52:78:54:0f:b9:b4:68:d6:d0:1e:c6: 1f:5b:df:7b:14:84:ce:15:39:86:5f:ff:0a:2f:a2:e3:0e:72: f0:4b:e2:16:18:e3:59:f4:5d:0e:e0:80:a3:7c:00:0c:9f:c6: de:ac:14:20:18:48:54:31:2e:c9:d0:ad:c9:b2:4f:ef:4f:71: 9b:a8:64:4a:54:54:31:77:d8:76:ec:2b:1c:e0:07:16:7a:1c: 95:64:6b:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwNjE2MTgyMjU0WhcNMjUwNjIzMTgyMjU0WjAYMRYwFAYD VQQDEw02ODUwNjBmZS0zMjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqx37LEZz5ONsjiWqnZOlaQv4eP/wqh0L96H0I0ITfm1PHUq+rL/OX2CUtTib y4RmSQXdAEA/8vk/8xqBiuIgPXwYEkHU9m6obRrbPoWNu2DZ6oEGI2VF4n7YE1ra gIFgAnvHi1xWdu1BQK4WN8WLmLu8kudJzX9TnTrqLBqE4KTDDtE3paXjzwdRmeVE AMMInaTdal6f9tJFuAtcXD41GAIARW+1JOSopjJhF3GHaXWaVG2VbC6i5J1yXUvA OED+Ux2dq+PNebjnLj6sN5TvfmsmQba+oGWN9PR4uxajmGSzVtoe+eyfpOVvanUd d0SZFDiK5YIgG1zER/mGiIoPiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB+yFJcR S681a+eR6ZR1VFKHPmD9MB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCukwQlcYAE4FAUYrysyV3FFGwUmWefm77K3/kGVdoShmdAAit+vMOE qDnAfb/vhZsco/XC7D3zPW1GEXOc2KH/2FalyCI9u1Yj4ePOoNHinqaDDNCWAOO6 UKGIroxdAlIuWSiaGs04XFI2aRW0u4dvYeJ7IS0LvhKHyvikcoK7UUDTdKuVgaS/ 6DnvFTyOBHcrKEMc+8VsgGrCyre6B+1snUUQ6eaD9by4UnhUD7m0aNbQHsYfW997 FITOFTmGX/8KL6LjDnLwS+IWGONZ9F0O4ICjfAAMn8berBQgGEhUMS7J0K3Jsk/v T3GbqGRKVFQxd9h27Csc4AcWehyVZGuT -----END CERTIFICATE-----Generated at Tue Jun 17 07:57:05 2025 by rpki-client