$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: g1IVdQeb8SP+QmW2JQEgCBy9c1ylXBD15dau9LkyxTM= Subject key identifier: 5B:BB:A2:28:9B:08:B2:D4:12:AD:57:74:1C:D9:49:32:2E:C2:B4:E5 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0C1D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0C16 Signing time: Sat 18 Oct 2025 19:32:40 +0000 Manifest this update: Sat 18 Oct 2025 19:32:39 +0000 Manifest next update: Sat 25 Oct 2025 19:32:39 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: G0W8IW6QmtxBx0h7LVyymKsrG0mpcHVlhORTJhb/kuo=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: CqtlIV8oyS/ltG/c7wrvUbZ8dS3VADjXiEg/AjA1Uu4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3101 (0xc1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Oct 18 19:32:39 2025 GMT Not After : Oct 25 19:32:39 2025 GMT Subject: CN=68f3eb58-2fbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:09:a6:d0:ad:ee:63:b0:27:1e:63:15:e9:10: dc:5b:e7:d6:77:d2:34:58:10:55:6f:03:85:84:f3: 87:13:53:76:a5:3e:ed:6d:d5:7d:22:2b:8f:8b:ab: c8:9b:5c:98:fc:22:66:8f:f9:dc:d1:78:b8:d0:a5: 81:5c:98:5b:93:6c:a6:99:3f:dc:ee:55:bc:b8:c5: 71:6e:6a:75:11:66:fc:64:61:ed:94:8f:0f:c9:fe: fe:d5:a5:36:77:c2:b3:bd:68:03:e5:c4:b4:67:54: ed:be:d1:00:5c:eb:ea:ca:14:4c:01:91:e4:03:c6: cd:74:47:19:f4:40:da:5b:61:33:b8:ea:ed:df:00: be:68:7b:f8:ae:b2:c1:22:38:f1:a8:5d:2e:01:cc: bc:d0:21:a3:13:b0:58:5a:a7:2b:5d:12:9e:ad:98: 22:31:e6:e2:ae:40:a3:26:16:b0:84:de:21:63:2d: ac:49:21:aa:dc:db:94:40:47:ca:23:1d:11:bb:d6: 3d:2a:21:6f:f2:cb:1a:4f:07:c2:87:5b:36:90:ac: 55:4e:ca:11:82:74:2c:2b:92:97:a3:56:3c:4c:22: 23:bb:9f:ce:ea:f1:6e:93:5e:d6:08:a8:ba:47:e3: 5c:4d:cc:60:b8:f8:49:26:48:1c:ee:af:81:3a:49: 39:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:BB:A2:28:9B:08:B2:D4:12:AD:57:74:1C:D9:49:32:2E:C2:B4:E5 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d2:1b:72:e6:2a:e4:ae:5f:06:cf:cd:21:37:76:e6:84:41:dd: 55:39:2b:5d:e5:28:52:41:98:6e:e3:3d:0d:5d:f0:b2:f5:20: 63:0d:30:86:20:97:c6:42:63:9d:a3:de:e0:3e:c5:0a:8a:ed: 62:cc:f3:38:fe:88:c3:23:15:23:f7:14:c0:4b:72:50:64:84: 87:71:0a:a9:b9:9c:28:cc:07:fa:ef:cd:87:44:9d:f7:7e:03: 48:41:9e:6b:e6:6a:8d:16:a3:06:de:b3:a3:3a:53:e4:dd:52: 95:b6:89:3f:dd:97:3c:b6:43:4b:e8:81:42:e9:94:68:45:f9: 0c:f0:7f:48:7b:b9:d0:2e:d4:26:1c:29:c5:27:d8:73:ae:61: 3a:32:4d:1a:f2:f8:13:75:eb:e6:6b:35:c2:92:cb:52:ca:02: 5b:95:35:49:a2:b3:8e:e4:62:53:19:74:a8:2b:4e:eb:24:a3: 49:d7:1b:4b:2f:49:c5:b9:83:d4:24:3c:03:93:00:fb:10:8d: 6c:ba:20:f5:f5:99:41:2a:1d:6d:76:82:47:41:76:07:4c:bb: 76:f3:a9:71:ae:da:69:92:02:99:5f:02:16:6a:ba:12:a8:74: d5:b1:8f:62:a1:7c:de:28:c8:9c:9e:72:3e:81:7f:24:94:30: fb:6a:28:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUxMDE4MTkzMjM5WhcNMjUxMDI1MTkzMjM5WjAYMRYwFAYD VQQDEw02OGYzZWI1OC0yZmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4gmm0K3uY7AnHmMV6RDcW+fWd9I0WBBVbwOFhPOHE1N2pT7tbdV9IiuPi6vI m1yY/CJmj/nc0Xi40KWBXJhbk2ymmT/c7lW8uMVxbmp1EWb8ZGHtlI8Pyf7+1aU2 d8KzvWgD5cS0Z1TtvtEAXOvqyhRMAZHkA8bNdEcZ9EDaW2EzuOrt3wC+aHv4rrLB IjjxqF0uAcy80CGjE7BYWqcrXRKerZgiMebirkCjJhawhN4hYy2sSSGq3NuUQEfK Ix0Ru9Y9KiFv8ssaTwfCh1s2kKxVTsoRgnQsK5KXo1Y8TCIju5/O6vFuk17WCKi6 R+NcTcxguPhJJkgc7q+BOkk5qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFu7oiib CLLUEq1XdBzZSTIuwrTlMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDSG3LmKuSuXwbPzSE3duaEQd1VOStd5ShSQZhu4z0NXfCy9SBjDTCG IJfGQmOdo97gPsUKiu1izPM4/ojDIxUj9xTAS3JQZISHcQqpuZwozAf6782HRJ33 fgNIQZ5r5mqNFqMG3rOjOlPk3VKVtok/3Zc8tkNL6IFC6ZRoRfkM8H9Ie7nQLtQm HCnFJ9hzrmE6Mk0a8vgTdevmazXCkstSygJblTVJorOO5GJTGXSoK07rJKNJ1xtL L0nFuYPUJDwDkwD7EI1suiD19ZlBKh1tdoJHQXYHTLt286lxrtppkgKZXwIWaroS qHTVsY9ioXzeKMicnnI+gX8klDD7aigk -----END CERTIFICATE-----Generated at Mon Oct 20 17:05:07 2025 by rpki-client