$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: 6NKV/UYwenqXTlJZd/1rcKfEHrBQACYOZ97hZiPLoNY= Subject key identifier: 4B:AF:5C:9C:0A:55:42:07:19:20:EF:EE:2B:F4:CB:45:43:31:56:4E Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BD3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BCD Signing time: Sat 31 May 2025 18:56:09 +0000 Manifest this update: Sat 31 May 2025 18:56:09 +0000 Manifest next update: Sat 07 Jun 2025 18:56:09 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: Ok+2nzeIr/t/Yd9iY80xvJQ1Y1jHcEEuHnHlGjzm++A=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 18:56:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3027 (0xbd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: May 31 18:56:09 2025 GMT Not After : Jun 7 18:56:09 2025 GMT Subject: CN=683b50c9-7430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:77:1d:6e:56:c3:2d:4f:e0:e9:50:3f:5f:75: 3d:a4:7a:99:08:f8:2f:cc:01:f1:65:74:17:69:ab: 62:23:24:81:70:26:90:6d:a5:a5:2e:d1:2c:16:2d: fd:25:76:bc:56:54:56:5d:1b:b7:e8:ff:b0:cd:91: 40:18:ac:db:82:90:ba:ad:0e:9f:4e:d0:59:32:da: 21:9c:f4:57:2e:c0:d4:23:95:cb:f6:a3:4e:e5:09: 01:94:9f:f3:3a:88:54:ea:60:1e:c5:34:c9:01:47: 6a:71:a7:3e:dd:4c:5d:75:87:da:ae:de:d1:c6:f3: f3:ba:5a:7a:df:ec:6e:d8:e9:e1:ba:89:f9:f0:c0: 4d:6f:3f:0b:97:b1:4f:96:49:60:bd:0a:b0:40:47: 3c:93:57:11:70:ab:4d:56:8a:db:e0:a7:a5:66:d9: 11:0d:68:94:a3:f9:1e:0d:1e:14:76:f4:fc:59:05: 93:d9:70:ae:b5:fe:b5:03:0c:ff:79:43:87:5c:b9: 98:fa:fd:aa:6f:af:ce:91:95:21:6b:9b:3f:cb:8b: d4:09:ef:c0:2f:b0:1f:02:3e:3c:86:f0:5f:7b:3f: 8e:06:d6:64:6d:7d:ee:f8:3d:2e:ea:e5:9d:ab:5c: ee:81:37:57:91:6c:e8:0a:fa:3a:e7:8a:79:c3:a0: 92:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:AF:5C:9C:0A:55:42:07:19:20:EF:EE:2B:F4:CB:45:43:31:56:4E X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:21:77:d1:05:bc:3e:fa:5a:67:34:94:45:32:b7:e1:fe:8b: ee:f1:60:76:19:20:5e:e4:66:78:d3:d9:ff:11:b2:ce:bb:1c: 3f:b5:39:01:e7:8b:95:d0:09:6c:dc:2c:09:76:ae:10:bb:49: 17:02:62:c6:ba:f6:df:7d:3b:c4:3c:f2:e6:d1:dd:ac:61:9a: cd:7c:f5:bf:00:c1:57:8e:a3:45:83:1c:54:56:77:7b:6c:3a: d8:58:3a:1a:22:64:87:bf:26:6c:e8:33:1c:d0:74:9c:f5:07: f1:cc:e0:9d:70:16:af:72:af:fe:3e:68:5b:ae:06:e7:cb:d0: 6c:5c:12:a1:99:02:e0:51:51:d3:cd:cc:3a:2e:3f:a8:45:92: 94:50:0d:76:85:da:95:c4:ce:ae:4e:cb:79:f3:9a:a1:d0:e2: b8:69:d1:76:f9:c2:56:f9:ff:ea:38:b3:17:76:2d:c5:85:28: 02:38:3e:1d:a5:4e:86:4e:07:83:53:c7:15:da:39:65:7f:5c: 47:08:0d:9d:5a:76:23:65:8c:a6:66:71:64:a8:5d:94:7f:aa: 3b:fe:e7:88:fd:92:06:09:6b:09:a4:2c:2e:b0:d3:5d:5b:d2: ae:10:47:9c:cb:c7:7b:fa:9b:83:82:c8:19:71:ee:9a:c3:5a: d6:e5:94:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC9MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNTMxMTg1NjA5WhcNMjUwNjA3MTg1NjA5WjAYMRYwFAYD VQQDEw02ODNiNTBjOS03NDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsHcdblbDLU/g6VA/X3U9pHqZCPgvzAHxZXQXaatiIySBcCaQbaWlLtEsFi39 JXa8VlRWXRu36P+wzZFAGKzbgpC6rQ6fTtBZMtohnPRXLsDUI5XL9qNO5QkBlJ/z OohU6mAexTTJAUdqcac+3UxddYfart7RxvPzulp63+xu2Onhuon58MBNbz8Ll7FP lklgvQqwQEc8k1cRcKtNVorb4KelZtkRDWiUo/keDR4UdvT8WQWT2XCutf61Awz/ eUOHXLmY+v2qb6/OkZUha5s/y4vUCe/AL7AfAj48hvBfez+OBtZkbX3u+D0u6uWd q1zugTdXkWzoCvo654p5w6CSXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEuvXJwK VUIHGSDv7iv0y0VDMVZOMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+IXfRBbw++lpnNJRFMrfh/ovu8WB2GSBe5GZ409n/EbLOuxw/tTkB 54uV0Als3CwJdq4Qu0kXAmLGuvbffTvEPPLm0d2sYZrNfPW/AMFXjqNFgxxUVnd7 bDrYWDoaImSHvyZs6DMc0HSc9QfxzOCdcBavcq/+Pmhbrgbny9BsXBKhmQLgUVHT zcw6Lj+oRZKUUA12hdqVxM6uTst585qh0OK4adF2+cJW+f/qOLMXdi3FhSgCOD4d pU6GTgeDU8cV2jllf1xHCA2dWnYjZYymZnFkqF2Uf6o7/ueI/ZIGCWsJpCwusNNd W9KuEEecy8d7+puDgsgZce6aw1rW5ZRB -----END CERTIFICATE-----Generated at Mon Jun 2 20:53:38 2025 by rpki-client