$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: 32jgckSK8DIheGZk46p+AXKVlVBxMf9P/WW+iMmESH8= Subject key identifier: 8B:DA:78:EE:28:34:59:C9:2C:AD:09:4C:56:CB:5B:32:3B:CC:94:2A Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0C73 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0C6A Signing time: Tue 24 Mar 2026 18:27:51 +0000 Manifest this update: Tue 24 Mar 2026 18:27:51 +0000 Manifest next update: Tue 31 Mar 2026 18:27:51 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: yBcdu18/E1suvvWW3AOeiurCjnI45hFfTM2BQYqlLQk=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: n9Crm/X8BIyWrbtx9XSuVfzuzzUyJa39Yk0aZo9vy/0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:27:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3187 (0xc73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Mar 24 18:27:51 2026 GMT Not After : Mar 31 18:27:51 2026 GMT Subject: CN=69c2d7a7-2788 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:43:ec:4d:68:bc:11:56:9f:a0:c0:36:72:68: b3:53:f2:cb:95:de:55:88:f6:11:31:50:24:d5:ff: 73:07:e5:59:2b:7a:49:c9:e1:ce:2e:b3:dc:d3:31: 5e:eb:b2:dc:7a:a4:28:ca:b9:72:69:3c:92:3f:7c: 14:fa:fa:0b:ca:7a:11:fd:32:cd:e3:c4:57:20:99: 39:13:5b:8f:a4:6a:cb:95:41:d6:46:51:6a:e5:7f: c0:eb:6a:76:c9:e0:c4:e3:1a:9d:24:68:b0:8a:82: 94:03:8d:62:b8:88:7c:e9:2c:c0:e5:8c:d8:d9:51: 88:8d:4d:8e:2e:dd:ec:19:33:d1:ea:1a:c7:5a:14: 5f:8c:72:ee:f7:1a:52:c7:cf:d3:5d:13:d3:3a:c2: 97:03:c1:52:01:48:1f:cf:b3:b1:26:b6:a6:c5:a3: ec:5d:d8:5e:73:f3:c0:72:d1:ee:88:52:1f:b1:9d: 32:55:fb:92:10:15:65:c6:ab:03:24:dc:f8:a9:e0: 7f:91:36:ec:83:b9:bd:34:74:72:80:2f:76:80:50: 3e:56:ec:df:8d:a2:61:7c:87:ae:3e:5d:af:fa:f8: 60:c4:a3:d7:61:41:e3:a2:90:db:5d:6a:7b:99:0e: 26:1a:98:ed:0b:8f:c1:05:9a:0e:03:a2:32:dc:df: aa:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:DA:78:EE:28:34:59:C9:2C:AD:09:4C:56:CB:5B:32:3B:CC:94:2A X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:06:a3:ee:cd:90:70:bc:ce:7f:ce:c6:3a:eb:cd:9b:55:f2: f1:19:0e:49:54:52:12:ed:de:9c:4b:ee:56:44:2e:9e:aa:0a: 3c:6b:99:ad:36:7b:e7:c5:7e:3e:61:a3:02:70:5f:d4:3e:f3: 54:11:02:8b:53:62:c9:66:10:1c:db:18:75:76:cc:b1:b2:0c: d8:7c:1e:63:9e:6e:3b:c7:cb:69:35:3b:fc:28:3b:62:d4:24: 9b:5c:69:c4:fb:c5:9d:05:f9:96:60:c7:67:e3:e2:41:53:c0: 75:b4:b3:cb:6b:9e:6d:64:95:88:d2:d0:62:1b:2f:08:90:22: d3:3e:e9:41:d3:26:af:c5:8d:de:e0:d1:46:3b:fe:0e:75:10: 24:c1:c5:f0:a8:7b:15:b2:10:3d:83:96:30:fa:54:96:84:ea: 82:b2:3c:e8:49:9f:68:4b:fe:02:1c:e2:07:65:fc:20:9b:6f: ae:3c:b2:0b:ad:d7:7e:a0:ae:63:54:6e:6c:d7:8b:61:f3:12: 6e:47:b3:5c:1e:e9:db:9d:03:2f:32:54:c4:46:b7:e9:c8:e1: ae:62:00:bc:d8:95:b3:17:aa:fc:f4:a5:d2:41:76:8b:05:96: ab:3f:61:e7:fe:58:79:d3:54:08:df:69:e6:89:51:4e:24:72: 06:0b:11:fd -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjYwMzI0MTgyNzUxWhcNMjYwMzMxMTgyNzUxWjAYMRYwFAYD VQQDEw02OWMyZDdhNy0yNzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzEPsTWi8EVafoMA2cmizU/LLld5ViPYRMVAk1f9zB+VZK3pJyeHOLrPc0zFe 67LceqQoyrlyaTySP3wU+voLynoR/TLN48RXIJk5E1uPpGrLlUHWRlFq5X/A62p2 yeDE4xqdJGiwioKUA41iuIh86SzA5YzY2VGIjU2OLt3sGTPR6hrHWhRfjHLu9xpS x8/TXRPTOsKXA8FSAUgfz7OxJramxaPsXdhec/PActHuiFIfsZ0yVfuSEBVlxqsD JNz4qeB/kTbsg7m9NHRygC92gFA+VuzfjaJhfIeuPl2v+vhgxKPXYUHjopDbXWp7 mQ4mGpjtC4/BBZoOA6Iy3N+q/QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIvaeO4o NFnJLK0JTFbLWzI7zJQqMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAVAaj7s2QcLzOf87GOuvNm1Xy8RkOSVRSEu3enEvuVkQunqoKPGuZrTZ758V+ PmGjAnBf1D7zVBECi1NiyWYQHNsYdXbMsbIM2HweY55uO8fLaTU7/Cg7YtQkm1xp xPvFnQX5lmDHZ+PiQVPAdbSzy2uebWSViNLQYhsvCJAi0z7pQdMmr8WN3uDRRjv+ DnUQJMHF8Kh7FbIQPYOWMPpUloTqgrI86EmfaEv+AhziB2X8IJtvrjyyC63XfqCu Y1RubNeLYfMSbkezXB7p250DLzJUxEa36cjhrmIAvNiVsxeq/PSl0kF2iwWWqz9h 5/5YedNUCN9p5olRTiRyBgsR/Q== -----END CERTIFICATE-----Generated at Thu Mar 26 18:19:47 2026 by rpki-client