$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: oKdN+DvEabSGdjB9M2qyCFUzEIenCCdRGxOZLpGiMvM= Subject key identifier: 0F:96:16:71:BD:F9:63:71:66:E9:49:60:5A:8B:8F:59:A5:38:B6:AD Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BEC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BE6 Signing time: Sun 20 Jul 2025 18:53:36 +0000 Manifest this update: Sun 20 Jul 2025 18:53:35 +0000 Manifest next update: Sun 27 Jul 2025 18:53:35 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: rh6+vVANeCNTkezzkmtmosWikPh4/5cv5/Gf2idoUlQ=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 18:53:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3052 (0xbec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Jul 20 18:53:35 2025 GMT Not After : Jul 27 18:53:35 2025 GMT Subject: CN=687d3b30-6ffa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:83:9b:4e:34:70:c6:ae:6a:7a:0d:1c:d0:71: af:eb:fc:42:dc:f8:d1:79:d1:de:49:fd:dd:26:b7: e7:05:54:4b:87:72:a4:86:41:97:d5:d5:ce:d8:a2: c8:f8:83:d9:1b:56:53:0e:37:bb:b5:1a:36:fe:2d: 7d:03:fe:fb:d1:81:7b:b1:d1:aa:f6:e8:ad:a7:b8: 47:07:28:de:9c:b8:8d:d7:52:fc:49:7c:db:9d:40: 34:2e:9d:bf:6e:2b:9f:b1:92:af:6a:42:e0:d7:68: db:c1:56:89:f8:ba:79:3a:9c:20:a4:79:91:3c:b6: 61:82:41:44:76:03:2b:58:f5:04:a8:fa:29:c8:57: a3:b1:9a:75:f5:7f:fe:81:cc:38:4e:c1:f0:01:19: 06:24:a3:ab:9c:9a:f4:4f:7a:be:ec:f1:60:c6:c0: 6b:d2:28:05:6a:96:14:04:f3:0b:e5:d7:74:76:58: 26:48:9e:14:d5:13:9f:5d:c2:a5:a8:60:d6:3b:31: 98:6b:af:6a:bd:0f:9c:6f:4e:54:af:88:3e:99:bb: 73:60:3f:be:fa:f6:7a:91:c2:94:ca:7c:11:01:a8: 99:d8:df:fd:13:c0:e3:9d:8b:53:86:ed:8d:09:f6: d7:50:bd:11:78:9a:d8:d0:72:c9:a2:15:08:9d:6c: a8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:96:16:71:BD:F9:63:71:66:E9:49:60:5A:8B:8F:59:A5:38:B6:AD X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:0f:ba:22:a9:55:08:e4:b1:39:90:de:ec:f0:8d:15:19:84: bf:e4:2d:2b:e6:e8:ea:1e:41:25:44:55:ff:47:a6:44:a1:7d: ad:eb:f6:aa:0d:10:a6:ab:1f:bd:88:2e:06:b1:8a:77:2d:f8: 75:eb:f3:0c:c3:ca:dc:99:c8:31:17:e4:5a:05:99:a2:96:0b: 3e:c0:23:bf:1b:72:ed:f9:70:9e:33:28:c3:22:88:01:6e:f2: 6d:42:10:6b:52:31:65:c4:e9:23:c1:4d:7c:fd:3c:91:75:b9: 52:15:c4:7f:e6:ab:a2:e6:b7:57:f7:71:5b:a0:f4:4e:c0:23: 1e:28:74:ce:04:42:71:19:6c:b7:60:c6:57:0c:42:ac:31:21: 83:28:71:39:b9:33:49:d1:7f:9e:16:95:da:23:ba:db:50:d3: 3f:49:75:28:1c:8c:2c:d8:f2:f5:8a:17:26:15:8a:42:8d:d4: cb:78:0c:a5:08:92:76:d6:0f:f3:f3:6e:c6:e5:fe:8c:fc:ae: cf:41:a0:fe:43:2c:2d:02:0f:13:dd:ff:fe:2a:db:51:e2:a5: 9d:21:ca:b3:e3:25:70:1d:b7:68:02:16:c1:22:60:f7:80:cd: 98:26:8e:c8:01:ef:60:f6:93:1c:f5:a6:70:98:3d:b5:73:be: e4:73:b5:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNzIwMTg1MzM1WhcNMjUwNzI3MTg1MzM1WjAYMRYwFAYD VQQDEw02ODdkM2IzMC02ZmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuIObTjRwxq5qeg0c0HGv6/xC3PjRedHeSf3dJrfnBVRLh3KkhkGX1dXO2KLI +IPZG1ZTDje7tRo2/i19A/770YF7sdGq9uitp7hHByjenLiN11L8SXzbnUA0Lp2/ biufsZKvakLg12jbwVaJ+Lp5OpwgpHmRPLZhgkFEdgMrWPUEqPopyFejsZp19X/+ gcw4TsHwARkGJKOrnJr0T3q+7PFgxsBr0igFapYUBPML5dd0dlgmSJ4U1ROfXcKl qGDWOzGYa69qvQ+cb05Ur4g+mbtzYD+++vZ6kcKUynwRAaiZ2N/9E8DjnYtThu2N CfbXUL0ReJrY0HLJohUInWyoyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA+WFnG9 +WNxZulJYFqLj1mlOLatMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFD7oiqVUI5LE5kN7s8I0VGYS/5C0r5ujqHkElRFX/R6ZEoX2t6/aq DRCmqx+9iC4GsYp3Lfh16/MMw8rcmcgxF+RaBZmilgs+wCO/G3Lt+XCeMyjDIogB bvJtQhBrUjFlxOkjwU18/TyRdblSFcR/5qui5rdX93FboPROwCMeKHTOBEJxGWy3 YMZXDEKsMSGDKHE5uTNJ0X+eFpXaI7rbUNM/SXUoHIws2PL1ihcmFYpCjdTLeAyl CJJ21g/z827G5f6M/K7PQaD+QywtAg8T3f/+KttR4qWdIcqz4yVwHbdoAhbBImD3 gM2YJo7IAe9g9pMc9aZwmD21c77kc7Uk -----END CERTIFICATE-----Generated at Mon Jul 21 18:29:59 2025 by rpki-client