$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: bXQb2Huu5tIME1Mm54Vmq/XqCxd9ryIT1iqbmZi2Kio= Subject key identifier: 01:6D:B9:EC:4F:3C:91:FE:B5:8E:97:D0:31:B6:88:1B:08:C1:C9:52 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BCB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BC5 Signing time: Wed 14 May 2025 18:59:45 +0000 Manifest this update: Wed 14 May 2025 18:59:44 +0000 Manifest next update: Wed 21 May 2025 18:59:44 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: hemc6sbfR44uQyOq4zucbomCi9NAb16iLvZ7IRto5mg=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 18:59:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3019 (0xbcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: May 14 18:59:44 2025 GMT Not After : May 21 18:59:44 2025 GMT Subject: CN=6824e821-9559 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:47:e0:0b:5a:48:f2:0f:c9:29:63:78:f5: c9:aa:e6:65:06:8c:a9:af:aa:e6:c8:ea:6c:f0:46: ae:4c:0a:34:98:c9:ab:af:d7:09:86:37:6d:11:88: 1d:2a:46:e3:c8:29:be:21:17:c0:3f:97:b4:4b:04: 60:39:02:50:33:af:25:11:d8:66:12:6d:55:2a:3b: 96:36:05:76:dc:03:a5:bc:cb:a8:1a:12:0e:51:c1: c8:4a:7c:0a:d4:60:40:48:2b:8b:44:40:9b:3c:0b: 86:3d:77:9a:cb:1a:fa:87:dd:95:01:60:4e:b1:8c: 5b:e3:71:4c:a2:bf:ac:b3:82:91:d9:26:d9:58:c5: 17:bf:80:05:58:44:56:6e:61:7f:f8:24:ee:d0:79: 23:8f:22:f2:cc:54:7a:38:12:48:89:de:42:94:b9: f9:a2:d8:5d:7b:e7:fc:8d:a1:a3:6b:30:4a:e9:90: 19:1b:2f:64:4f:cb:10:8d:4c:d8:71:d9:fe:d1:ea: fe:21:76:e9:b8:81:85:d2:69:58:46:da:fe:95:50: 4f:74:2c:33:8c:d0:d6:2e:1d:2f:6f:38:9b:52:e0: 12:c8:02:02:21:1e:b7:c1:f2:94:71:21:74:1b:75: c8:ac:28:1c:d3:32:c6:22:9f:bd:29:a9:d4:6e:2d: 3c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:6D:B9:EC:4F:3C:91:FE:B5:8E:97:D0:31:B6:88:1B:08:C1:C9:52 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:d7:de:b7:a5:f9:08:08:29:6c:8a:c0:23:42:3a:76:a0:d4: b2:7b:11:68:31:f7:f1:e4:19:81:c7:a2:b8:7a:69:71:31:df: ee:65:a8:2c:71:d2:55:8b:41:0f:fc:bb:cb:23:52:62:7f:0a: 81:5b:b5:18:40:fd:e8:65:26:03:5d:0c:64:10:80:ad:7e:97: 64:5b:24:90:25:8f:b7:42:3c:52:c8:0b:a0:a3:40:9a:f2:51: fb:37:e8:ca:6d:1b:69:e2:a3:1c:72:b5:5f:33:d0:9d:e7:0d: 31:0b:e4:4c:c2:1d:17:28:a5:fd:5a:bb:30:3e:58:2c:f8:83: f3:75:b2:a9:aa:fd:22:21:ba:b3:fd:2d:19:33:69:39:1c:67: 06:65:d5:2a:93:1f:3e:15:9b:0f:1f:17:d8:a9:d5:3b:9b:71: 96:a2:ca:91:4a:56:42:81:75:20:55:62:0c:31:22:9d:b2:a4: 17:ce:e2:31:2f:60:61:59:7e:06:d1:2d:48:16:ca:f7:c2:a3: 24:32:b5:a2:87:f2:b6:f9:17:24:de:49:62:7d:fa:d1:4d:8d: 6b:29:9c:8f:ac:43:75:7b:c1:3b:a9:2a:1c:ef:b1:88:1b:d4: 9e:be:41:18:0e:1b:03:57:a2:00:aa:64:f3:8b:e4:e4:5c:a8: 1f:81:17:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNTE0MTg1OTQ0WhcNMjUwNTIxMTg1OTQ0WjAYMRYwFAYD VQQDEw02ODI0ZTgyMS05NTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAth5H4AtaSPIPySljePXJquZlBoypr6rmyOps8EauTAo0mMmrr9cJhjdtEYgd KkbjyCm+IRfAP5e0SwRgOQJQM68lEdhmEm1VKjuWNgV23AOlvMuoGhIOUcHISnwK 1GBASCuLRECbPAuGPXeayxr6h92VAWBOsYxb43FMor+ss4KR2SbZWMUXv4AFWERW bmF/+CTu0HkjjyLyzFR6OBJIid5ClLn5othde+f8jaGjazBK6ZAZGy9kT8sQjUzY cdn+0er+IXbpuIGF0mlYRtr+lVBPdCwzjNDWLh0vbzibUuASyAICIR63wfKUcSF0 G3XIrCgc0zLGIp+9KanUbi08awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAFtuexP PJH+tY6X0DG2iBsIwclSMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCd1963pfkICClsisAjQjp2oNSyexFoMffx5BmBx6K4emlxMd/uZags cdJVi0EP/LvLI1JifwqBW7UYQP3oZSYDXQxkEICtfpdkWySQJY+3QjxSyAugo0Ca 8lH7N+jKbRtp4qMccrVfM9Cd5w0xC+RMwh0XKKX9WrswPlgs+IPzdbKpqv0iIbqz /S0ZM2k5HGcGZdUqkx8+FZsPHxfYqdU7m3GWosqRSlZCgXUgVWIMMSKdsqQXzuIx L2BhWX4G0S1IFsr3wqMkMrWih/K2+Rck3kliffrRTY1rKZyPrEN1e8E7qSoc77GI G9SevkEYDhsDV6IAqmTzi+TkXKgfgRdY -----END CERTIFICATE-----Generated at Fri May 16 09:28:02 2025 by rpki-client