$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: D+KU0nWrroZQkX1nNjeYgChBjAs9RFO8J3b1pTB6Qd0= Subject key identifier: 12:A4:C8:9E:33:C5:37:88:49:9B:E1:3F:F3:FD:60:B8:C1:D2:6B:0F Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0C00 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BF9 Signing time: Fri 22 Aug 2025 18:54:35 +0000 Manifest this update: Fri 22 Aug 2025 18:54:35 +0000 Manifest next update: Fri 29 Aug 2025 18:54:35 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: dAs+4VLhO2ymVQs1gmxyqJGtZ+EG5TEzl9I4SgtAzz0=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: CqtlIV8oyS/ltG/c7wrvUbZ8dS3VADjXiEg/AjA1Uu4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:54:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3072 (0xc00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Aug 22 18:54:35 2025 GMT Not After : Aug 29 18:54:35 2025 GMT Subject: CN=68a8bceb-176e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:de:31:6c:c6:76:72:65:82:a7:34:fc:59:7f: 12:62:85:c4:e9:65:3a:bf:59:5c:6b:36:bc:cb:c6: c8:80:2d:3c:08:ab:0b:51:42:9f:3b:d6:3b:7d:dd: e5:1a:bc:06:ab:a8:6c:5d:a9:07:3d:d1:48:e2:f3: 93:3b:8e:f5:10:2a:74:2d:30:27:d2:ac:34:55:47: 1a:bc:dc:fe:c8:26:97:70:14:fe:f3:cd:03:94:71: 54:ef:86:b4:1b:27:44:c2:a2:4d:90:9f:72:41:0a: 01:93:11:18:83:19:d4:d8:ed:65:11:a6:ee:5d:a1: 5e:de:90:ba:88:95:9f:84:62:6b:4d:be:51:a1:cb: 2b:df:0a:59:d9:cb:76:61:b4:7d:37:8d:dc:89:61: 4c:aa:be:61:8e:49:eb:58:c8:1e:43:1b:27:7f:ac: 21:9a:51:6a:0b:dc:d9:17:37:37:a4:73:1e:ee:7e: 7d:d8:40:84:14:90:ca:68:4d:e0:a4:f5:2c:fa:49: 6c:b6:c9:63:54:bd:ea:58:91:9d:42:55:d8:15:61: 19:32:f2:8d:28:0d:11:55:61:53:84:9c:0d:24:78: 1d:a0:d4:f2:ed:0a:9e:fe:fb:f7:58:a4:a8:99:bf: 89:8b:e1:8a:ba:fc:c9:da:97:6f:ca:8f:79:46:43: 5e:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:A4:C8:9E:33:C5:37:88:49:9B:E1:3F:F3:FD:60:B8:C1:D2:6B:0F X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:ef:67:47:b1:5e:c9:86:ee:b9:af:ce:32:b7:3d:15:e1:e3: 13:b1:ea:1a:66:f1:66:33:72:69:fe:1a:d9:e3:08:1b:40:de: 59:8d:db:b3:a8:7e:a3:69:48:f8:6f:3e:eb:ce:a0:bc:b1:df: 0e:59:fc:3f:eb:df:2a:e3:7d:50:3a:9b:03:90:39:15:5e:01: f7:ed:de:75:22:1e:41:da:91:fa:76:1d:13:05:c0:83:ca:9a: f8:8f:fe:8e:61:f1:25:e1:2f:b8:b1:a2:7c:86:fd:c5:20:cc: 62:85:fb:ed:56:8d:ff:27:b6:18:e9:27:ca:49:f2:06:c5:0f: a2:e4:13:98:ae:86:4f:7d:48:d9:74:19:a5:49:57:77:a4:83: a0:28:f6:c8:28:16:1f:d2:52:c1:20:15:5a:69:5b:6c:2c:db: 72:5f:e1:0d:ab:65:e0:1e:fe:71:c4:5c:ac:95:5c:a7:79:72: 8d:8f:15:79:e3:87:ba:da:6e:f1:0c:69:b4:d6:ce:01:2f:de: 64:86:58:9d:d1:8a:e7:9b:a2:f8:c7:63:54:5a:cf:56:39:fe: f0:01:36:4e:21:93:da:07:e8:70:b1:93:c4:41:dc:b8:34:97: cc:d2:d3:9b:eb:9a:aa:c4:f0:b6:de:bc:34:12:67:01:48:88: 62:46:20:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwODIyMTg1NDM1WhcNMjUwODI5MTg1NDM1WjAYMRYwFAYD VQQDEw02OGE4YmNlYi0xNzZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyd4xbMZ2cmWCpzT8WX8SYoXE6WU6v1lcaza8y8bIgC08CKsLUUKfO9Y7fd3l GrwGq6hsXakHPdFI4vOTO471ECp0LTAn0qw0VUcavNz+yCaXcBT+880DlHFU74a0 GydEwqJNkJ9yQQoBkxEYgxnU2O1lEabuXaFe3pC6iJWfhGJrTb5Rocsr3wpZ2ct2 YbR9N43ciWFMqr5hjknrWMgeQxsnf6whmlFqC9zZFzc3pHMe7n592ECEFJDKaE3g pPUs+klstsljVL3qWJGdQlXYFWEZMvKNKA0RVWFThJwNJHgdoNTy7Qqe/vv3WKSo mb+Ji+GKuvzJ2pdvyo95RkNeuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBKkyJ4z xTeISZvhP/P9YLjB0msPMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA972dHsV7Jhu65r84ytz0V4eMTseoaZvFmM3Jp/hrZ4wgbQN5Zjduz qH6jaUj4bz7rzqC8sd8OWfw/698q431QOpsDkDkVXgH37d51Ih5B2pH6dh0TBcCD ypr4j/6OYfEl4S+4saJ8hv3FIMxihfvtVo3/J7YY6SfKSfIGxQ+i5BOYroZPfUjZ dBmlSVd3pIOgKPbIKBYf0lLBIBVaaVtsLNtyX+ENq2XgHv5xxFyslVyneXKNjxV5 44e62m7xDGm01s4BL95khlid0Yrnm6L4x2NUWs9WOf7wATZOIZPaB+hwsZPEQdy4 NJfM0tOb65qqxPC23rw0EmcBSIhiRiDM -----END CERTIFICATE-----Generated at Sat Aug 23 20:27:34 2025 by rpki-client