$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft File: bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json) Hash identifier: Fgy9m8HtWx+AbJE1zVMxCegvYgQ3Z/w9hUQWpUmtED4= Subject key identifier: FB:7E:6C:E7:77:D6:F3:EC:AC:CF:6C:68:42:DE:20:2F:96:9D:45:3E Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0C30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft Manifest number: 0C2A Signing time: Thu 24 Apr 2025 18:25:27 +0000 Manifest this update: Thu 24 Apr 2025 18:25:27 +0000 Manifest next update: Thu 01 May 2025 18:25:27 +0000 Files and hashes: 1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: pUOelIaVHxS0bQQxAi9l/H4nNdM8RLgObhuEVGSQBXo=) 2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: tBcP96oatlX28aHZ2XCL2w+PP5ZPCSpD4OOUZWfI8Ds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:25:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3120 (0xc30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Apr 24 18:25:27 2025 GMT Not After : May 1 18:25:27 2025 GMT Subject: CN=680a8217-c9fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:26:2a:30:b2:94:b5:9f:a8:e5:07:ea:5f:c6: 9d:2b:2e:57:1f:80:e4:09:3e:97:e3:d4:ff:a4:1c: 24:a6:66:83:ac:f4:2e:cf:8b:cd:2b:36:51:37:77: 6a:3c:e1:e4:35:72:01:cc:07:8b:2b:ae:3a:f6:79: 76:e5:d3:00:f9:95:ef:c5:ec:0a:8b:07:93:e0:c6: d7:2d:6b:53:09:ab:d1:c0:e3:db:fc:92:17:e3:27: dd:23:d3:41:40:df:8f:95:db:85:95:c1:3b:0a:a3: ef:02:ad:1d:32:4e:33:e4:25:be:ae:83:74:de:23: 15:b8:c4:68:0d:2e:da:ec:9a:40:a2:cb:37:89:9f: 36:3f:bc:1f:e8:81:2d:5d:6a:bf:d1:aa:16:0c:22: 2d:9b:bf:a1:fc:2b:2d:ee:39:ad:4f:04:fd:34:c6: aa:8c:2f:ef:81:dc:6d:07:15:5d:8f:ef:a9:d9:2d: 59:33:e3:68:06:99:cd:92:27:95:47:64:58:59:b0: 4b:9f:2d:b8:39:df:26:2c:d8:3d:76:74:5e:7a:fe: c4:07:35:ec:f4:27:a7:67:d3:07:ea:87:a9:9c:b6: 9d:88:d7:ca:f4:e0:2d:ae:d6:7b:ac:b9:ec:57:8f: 04:ef:16:c7:68:35:9f:ae:7d:7d:00:a6:33:25:d9: 72:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:7E:6C:E7:77:D6:F3:EC:AC:CF:6C:68:42:DE:20:2F:96:9D:45:3E X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:26:1c:27:cc:96:fb:ee:12:35:31:64:76:f2:a9:c1:70:81: 60:2e:4d:a7:64:ea:30:f3:56:2d:13:bc:e1:ca:68:37:33:35: e9:9e:07:55:36:a3:e8:56:d7:74:34:f4:6f:45:26:ab:97:6a: 7c:24:4b:40:c1:84:83:da:58:43:c9:3b:0f:1e:27:a3:a3:58: c8:4f:82:95:46:43:c5:b8:d2:d7:30:30:37:ac:ee:74:30:59: 62:12:ee:37:2e:88:0e:3e:38:cd:c6:2c:a4:48:90:89:d1:90: 61:3b:71:fb:92:b7:74:42:c3:ba:43:22:f4:20:23:e4:e0:35: dc:61:3b:f6:5f:18:89:64:71:44:b0:40:34:2a:06:07:cb:6b: 2a:e9:14:76:92:5f:72:01:a3:e7:a4:2d:6d:a7:f7:47:eb:24: f3:c6:59:50:e4:a8:2f:3d:ca:a3:f8:03:1c:f2:20:6f:bd:2c: c3:19:4e:c9:33:87:1e:c6:57:c2:91:de:98:aa:97:4f:d9:24: cf:83:ec:f1:dc:19:3e:67:93:7b:3d:0c:86:da:77:2e:93:9c: 11:36:7b:3d:a9:99:59:83:b2:b8:c9:83:63:63:67:a1:38:d0: 0e:f2:59:b0:d9:35:fd:fb:81:dc:d7:27:f2:e3:a6:a5:59:9c: e1:62:f0:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUwNDI0MTgyNTI3WhcNMjUwNTAxMTgyNTI3WjAYMRYwFAYD VQQDEw02ODBhODIxNy1jOWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzCYqMLKUtZ+o5QfqX8adKy5XH4DkCT6X49T/pBwkpmaDrPQuz4vNKzZRN3dq POHkNXIBzAeLK6469nl25dMA+ZXvxewKiweT4MbXLWtTCavRwOPb/JIX4yfdI9NB QN+PlduFlcE7CqPvAq0dMk4z5CW+roN03iMVuMRoDS7a7JpAoss3iZ82P7wf6IEt XWq/0aoWDCItm7+h/Cst7jmtTwT9NMaqjC/vgdxtBxVdj++p2S1ZM+NoBpnNkieV R2RYWbBLny24Od8mLNg9dnReev7EBzXs9CenZ9MH6oepnLadiNfK9OAtrtZ7rLns V48E7xbHaDWfrn19AKYzJdlyOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPt+bOd3 1vPsrM9saELeIC+WnUU+MB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I QkNKRGMxM09UNzktVkdFV1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4JhwnzJb77hI1MWR28qnBcIFgLk2nZOow81YtE7zhymg3MzXpngdV NqPoVtd0NPRvRSarl2p8JEtAwYSD2lhDyTsPHiejo1jIT4KVRkPFuNLXMDA3rO50 MFliEu43LogOPjjNxiykSJCJ0ZBhO3H7krd0QsO6QyL0ICPk4DXcYTv2XxiJZHFE sEA0KgYHy2sq6RR2kl9yAaPnpC1tp/dH6yTzxllQ5KgvPcqj+AMc8iBvvSzDGU7J M4cexlfCkd6YqpdP2STPg+zx3Bk+Z5N7PQyG2ncuk5wRNns9qZlZg7K4yYNjY2eh ONAO8lmw2TX9+4Hc1yfy46alWZzhYvCQ -----END CERTIFICATE-----Generated at Sat Apr 26 05:03:34 2025 by rpki-client