$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: bEpkWbMUu7DXTyb+/TjoSvkRQ4Tazz/jcj8TStg270g= Subject key identifier: 28:64:CC:81:25:72:77:54:D3:FF:A8:2B:B6:99:7E:A6:E1:54:FA:8D Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BE3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BDD Signing time: Wed 02 Jul 2025 19:03:22 +0000 Manifest this update: Wed 02 Jul 2025 19:03:22 +0000 Manifest next update: Wed 09 Jul 2025 19:03:22 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: mI8kS6BhUS7cxROWDTrWcpS/BxaO0B+Ud+v/iIPaknw=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:03:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3043 (0xbe3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Jul 2 19:03:22 2025 GMT Not After : Jul 9 19:03:22 2025 GMT Subject: CN=6865827a-d2e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d8:01:fd:e1:e9:ff:92:ff:08:26:2e:64:50: 40:e6:f0:0d:82:ec:84:56:07:54:01:31:d5:71:e0: f8:e9:fd:8b:68:ce:f9:18:1a:d0:68:17:c7:f8:25: 6a:32:00:53:24:53:b5:cd:de:5d:b5:f2:e6:39:33: 95:0a:f7:f5:03:15:7e:07:59:a9:a5:ca:5a:24:fb: 1c:fa:7a:70:73:da:0d:13:60:ac:65:12:87:e5:e9: f8:d1:13:ad:21:f0:e4:2f:1f:9d:84:97:2f:63:20: bc:88:96:bf:81:ea:c7:ab:df:18:e8:b8:3f:7c:41: 13:9a:07:05:2c:17:f9:4e:f2:29:c2:03:c5:d8:58: 90:f8:05:53:af:ef:ba:8e:8f:91:e7:a6:c7:c0:d6: 47:12:a2:6e:ef:34:7c:40:00:d6:b8:a7:ae:44:5b: 12:ec:31:3a:a3:de:d9:e2:2b:a3:74:57:4d:7b:90: 28:5b:4e:06:b3:d6:af:77:72:a6:a3:e7:ae:e7:3b: a2:2f:db:10:e6:9b:66:77:a1:ff:44:40:b7:ab:30: f5:18:d0:9e:b6:1e:fa:4c:28:c8:13:f8:f3:25:0e: 57:e6:74:4a:ec:06:89:21:c0:62:0c:51:5d:76:dc: 64:99:52:71:67:08:a7:bc:bf:5e:aa:16:5c:d9:20: 27:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:64:CC:81:25:72:77:54:D3:FF:A8:2B:B6:99:7E:A6:E1:54:FA:8D X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:73:00:76:c0:96:87:ed:87:99:9c:5f:2e:9c:73:68:ba:fc: 20:87:3f:b8:30:ed:7b:90:d5:1f:2b:85:e2:6d:f3:ed:4b:a9: 5e:5a:60:e9:b7:56:f5:65:57:ea:6d:5b:65:8c:e6:f0:64:dc: 99:ed:aa:71:ba:d8:7c:d3:f1:78:2f:2a:83:65:6d:89:dd:fe: c4:a0:60:aa:3c:5d:be:2e:bf:70:1d:7e:ad:ad:26:30:27:f0: a4:63:93:34:7a:3b:49:ff:14:5a:30:8e:78:91:71:19:6d:99: c6:b5:f1:46:d0:06:d0:d1:ee:b1:82:c3:cc:a9:62:a8:1e:93: b3:b2:09:fe:2c:c0:58:8e:4e:d6:af:1c:09:a0:81:bc:ac:61: 44:1c:60:78:7b:cd:59:c2:cb:e5:c4:37:15:ac:f9:f0:3a:49: dc:8b:95:1d:4e:06:27:fc:ae:0e:23:dd:a8:d6:5d:38:bb:48: fe:83:09:1a:5d:3d:b8:b9:d1:d5:d4:89:c6:b4:43:5c:3e:4d: c2:e1:ac:12:cf:e0:ad:39:3e:66:e2:a0:51:f2:f5:fb:e2:79: ba:d3:55:a8:ad:26:aa:b6:ec:5b:de:01:b4:91:95:e0:89:f7: 8f:fb:a4:83:dc:87:c7:6a:a6:8a:c2:ed:f2:1c:5f:c1:d2:aa: 25:45:40:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNzAyMTkwMzIyWhcNMjUwNzA5MTkwMzIyWjAYMRYwFAYD VQQDEw02ODY1ODI3YS1kMmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp9gB/eHp/5L/CCYuZFBA5vANguyEVgdUATHVceD46f2LaM75GBrQaBfH+CVq MgBTJFO1zd5dtfLmOTOVCvf1AxV+B1mppcpaJPsc+npwc9oNE2CsZRKH5en40ROt IfDkLx+dhJcvYyC8iJa/gerHq98Y6Lg/fEETmgcFLBf5TvIpwgPF2FiQ+AVTr++6 jo+R56bHwNZHEqJu7zR8QADWuKeuRFsS7DE6o97Z4iujdFdNe5AoW04Gs9avd3Km o+eu5zuiL9sQ5ptmd6H/REC3qzD1GNCeth76TCjIE/jzJQ5X5nRK7AaJIcBiDFFd dtxkmVJxZwinvL9eqhZc2SAnKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFChkzIEl cndU0/+oK7aZfqbhVPqNMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCcwB2wJaH7YeZnF8unHNouvwghz+4MO17kNUfK4XibfPtS6leWmDp t1b1ZVfqbVtljObwZNyZ7apxuth80/F4LyqDZW2J3f7EoGCqPF2+Lr9wHX6trSYw J/CkY5M0ejtJ/xRaMI54kXEZbZnGtfFG0AbQ0e6xgsPMqWKoHpOzsgn+LMBYjk7W rxwJoIG8rGFEHGB4e81ZwsvlxDcVrPnwOknci5UdTgYn/K4OI92o1l04u0j+gwka XT24udHV1InGtENcPk3C4awSz+CtOT5m4qBR8vX74nm601WorSaqtuxb3gG0kZXg ifeP+6SD3IfHaqaKwu3yHF/B0qolRUA/ -----END CERTIFICATE-----Generated at Fri Jul 4 11:14:11 2025 by rpki-client