$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: JoCDTo+6BKkzR1wu/4EzTFkhEfrG1UZHS+WY9VPD50U= Subject key identifier: 77:CB:CD:2B:29:54:2E:90:5E:7B:F5:40:51:B1:D0:E3:40:72:93:5C Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CEE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0CE5 Signing time: Thu 16 Apr 2026 18:11:17 +0000 Manifest this update: Thu 16 Apr 2026 18:11:17 +0000 Manifest next update: Thu 23 Apr 2026 18:11:17 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: fmS0+kkm2iBGUknQuvAJzxyk+xBbDw0+NHM2710ySds=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: jOASJy08cQtiHT2anaDk0d4CR9FN0kGkmWrO2dstaFQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:11:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3310 (0xcee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Apr 16 18:11:17 2026 GMT Not After : Apr 23 18:11:17 2026 GMT Subject: CN=69e12645-9b94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:0b:59:6a:14:57:cb:ba:d9:a8:e8:52:47:e6: f0:5e:c7:6a:90:08:90:ad:76:0c:9b:2c:17:a5:e1: d5:7d:e7:16:8c:22:1d:65:0e:78:1c:93:09:0a:21: 0f:02:40:12:b5:a6:bb:77:93:fa:d9:44:7d:5b:b6: 34:b6:90:ce:4f:ed:98:81:89:8d:0b:8e:47:ba:b4: 3c:65:55:36:58:0d:a9:dd:8c:d5:d8:f7:b6:fa:7d: 50:c4:9c:0b:30:9c:e2:fc:77:f1:ac:b2:d1:67:db: 4e:9c:5a:66:01:34:aa:99:0b:aa:cb:e8:f0:89:67: 82:f1:59:80:cc:15:ca:bd:13:73:39:c7:ab:5b:db: c4:f2:4e:90:8d:67:75:12:1c:1f:d7:23:98:ef:4f: f1:81:e2:66:9a:a0:50:83:5b:61:2f:dc:ed:e6:d2: 5f:ad:fa:50:0e:ee:d6:ca:a6:06:09:db:4d:f3:e6: 2e:9d:4d:c4:a3:02:1e:80:11:4a:0c:85:84:b5:62: e6:91:c2:3b:51:54:ea:e1:cd:60:5a:36:2e:46:1d: b8:28:16:ff:f5:96:79:c6:e9:be:71:39:50:4e:eb: fc:c1:1f:bb:c4:c9:d1:a7:54:56:10:42:1b:f3:7c: 05:1b:30:29:a3:2e:c1:3c:30:e6:a0:15:80:d6:76: 77:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:CB:CD:2B:29:54:2E:90:5E:7B:F5:40:51:B1:D0:E3:40:72:93:5C X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:63:b9:c3:16:13:55:49:41:67:15:71:cf:c8:7f:75:a9:e0: 9f:fc:30:14:dd:9a:f7:d9:fe:da:c6:2c:ec:03:19:bb:b6:ba: ca:ca:8c:05:ba:fd:96:f7:ed:54:49:db:d5:6f:e4:a5:f0:41: 89:6a:46:f3:11:7d:7a:52:2b:b6:3b:46:af:80:0d:54:33:8a: 33:83:d9:15:d8:32:b8:66:dd:1d:10:62:6e:ae:3b:81:3f:f4: ed:53:81:7c:fd:7f:03:40:fc:7a:d3:b6:36:b3:c4:d4:4f:df: 7c:5a:c6:e6:f8:82:78:a6:b6:3a:f4:69:28:13:73:29:4f:99: ff:e6:f7:52:02:80:fd:64:d1:0f:cc:4d:bc:c8:28:f5:56:a6: 4d:2f:8b:65:8e:25:07:90:e5:4f:e2:a2:2a:1e:fa:41:df:58: 7a:fe:57:93:68:b6:8f:7d:a1:f7:f0:e6:89:29:dc:9c:1c:d1: 32:a8:ed:a5:32:2f:af:dc:c0:55:4a:cb:4a:c3:d7:be:c4:56: 23:09:36:8a:5b:bb:91:62:77:26:69:38:65:d2:32:df:9f:ca: 5c:fd:fb:93:da:3c:60:41:31:27:47:2a:23:34:89:90:21:4e: 93:c5:15:32:2d:db:52:ea:c4:f2:11:55:73:07:49:dc:4a:81: 7f:c9:7a:f6 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjYwNDE2MTgxMTE3WhcNMjYwNDIzMTgxMTE3WjAYMRYwFAYD VQQDEw02OWUxMjY0NS05Yjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApAtZahRXy7rZqOhSR+bwXsdqkAiQrXYMmywXpeHVfecWjCIdZQ54HJMJCiEP AkAStaa7d5P62UR9W7Y0tpDOT+2YgYmNC45HurQ8ZVU2WA2p3YzV2Pe2+n1QxJwL MJzi/HfxrLLRZ9tOnFpmATSqmQuqy+jwiWeC8VmAzBXKvRNzOcerW9vE8k6QjWd1 Ehwf1yOY70/xgeJmmqBQg1thL9zt5tJfrfpQDu7WyqYGCdtN8+YunU3EowIegBFK DIWEtWLmkcI7UVTq4c1gWjYuRh24KBb/9ZZ5xum+cTlQTuv8wR+7xMnRp1RWEEIb 83wFGzApoy7BPDDmoBWA1nZ3fQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFHfLzSsp VC6QXnv1QFGx0ONAcpNcMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEArWO5wxYTVUlBZxVxz8h/dangn/wwFN2a99n+2sYs7AMZu7a6ysqMBbr9lvft VEnb1W/kpfBBiWpG8xF9elIrtjtGr4ANVDOKM4PZFdgyuGbdHRBibq47gT/07VOB fP1/A0D8etO2NrPE1E/ffFrG5viCeKa2OvRpKBNzKU+Z/+b3UgKA/WTRD8xNvMgo 9VamTS+LZY4lB5DlT+KiKh76Qd9Yev5Xk2i2j32h9/DmiSncnBzRMqjtpTIvr9zA VUrLSsPXvsRWIwk2ilu7kWJ3Jmk4ZdIy35/KXP37k9o8YEExJ0cqIzSJkCFOk8UV Mi3bUurE8hFVcwdJ3EqBf8l69g== -----END CERTIFICATE-----Generated at Fri Apr 17 09:55:10 2026 by rpki-client