$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: +c6CrtKKRtxswMB9aTH8mfD3SF2hWPLPRQzKVo966zw= Subject key identifier: FA:4F:B3:19:7B:07:49:E9:74:B1:C1:FD:03:D2:3F:46:67:FF:B2:8F Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0C97 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0C8E Signing time: Tue 02 Jun 2026 18:35:26 +0000 Manifest this update: Tue 02 Jun 2026 18:35:25 +0000 Manifest next update: Tue 09 Jun 2026 18:35:25 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: cqk4dfDyDM0fTt+OL+QbuDHezXpFLPBmAixG8DQiXCQ=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: n9Crm/X8BIyWrbtx9XSuVfzuzzUyJa39Yk0aZo9vy/0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Jun 2026 15:18:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3223 (0xc97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Jun 2 18:35:25 2026 GMT Not After : Jun 9 18:35:25 2026 GMT Subject: CN=6a1f226d-163a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:c0:44:d7:8f:e3:d6:1a:27:0f:f7:76:fd:0f: 5b:96:60:10:b0:72:16:45:42:0f:a2:03:c0:a0:3c: 59:c5:6a:de:34:ee:e6:30:1e:43:c3:ff:d6:25:7d: b8:88:a4:49:03:b6:19:ce:8f:c2:e5:4c:e8:e3:de: a3:0f:ea:de:1e:70:13:5f:5a:41:0f:11:09:cf:a0: 6a:a3:f2:6f:44:b4:fa:0b:80:fa:2d:2d:d6:34:ce: 9d:c2:b9:f7:0b:22:97:4d:b9:47:d2:af:10:2f:ba: e3:2f:b9:ce:9e:c2:dc:91:6a:0f:3d:23:4d:fc:1a: 64:10:a2:14:95:5d:57:76:a0:ac:55:8b:dd:71:cf: 7a:ac:59:50:db:5d:ef:63:8e:ba:8c:85:5a:8b:33: 42:73:99:60:27:ab:de:bc:df:b6:1c:1d:de:a7:a3: 42:e1:83:82:c0:83:4e:ff:55:95:25:05:87:1f:2d: d0:91:0a:4a:8b:45:d9:03:32:81:d9:02:0b:9a:58: 8a:b5:ed:ed:63:2e:f2:22:3c:73:26:60:c5:83:5d: cd:28:71:39:e9:cb:bc:4f:a3:96:c8:8f:7a:5c:e2: e3:7a:f8:77:31:00:04:b9:e6:a8:b1:70:cb:79:6e: 99:45:d0:f8:f1:77:aa:1e:89:69:4b:9a:6d:40:9c: 20:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:4F:B3:19:7B:07:49:E9:74:B1:C1:FD:03:D2:3F:46:67:FF:B2:8F X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:ab:68:94:26:86:3b:c7:90:e4:ab:58:b3:b1:c0:ed:27:69: 35:fe:da:3c:c1:0f:a8:28:35:f1:3b:52:c7:ba:67:1e:94:34: ce:01:e3:52:44:72:93:31:fa:72:a6:f9:7f:0b:9e:eb:f0:fc: 8f:44:b7:53:ec:d6:bf:0d:24:50:26:83:9c:9c:01:22:58:e9: ea:00:fd:c1:fb:0e:f7:46:bb:87:22:f3:f6:e6:85:be:ef:5f: 31:8f:04:bd:37:ea:29:d4:10:55:b4:74:87:8b:0b:db:50:96: 86:e7:29:c9:40:d3:15:8b:56:0c:80:3d:e4:a6:0d:7b:b1:ca: 45:d1:eb:87:8c:b6:8c:7f:df:97:9d:d3:cf:ab:a3:30:83:6a: 0a:6e:dd:6d:c5:0a:b9:61:dc:0b:41:bd:2e:b6:df:54:e2:2d: 16:3d:db:cd:89:8a:71:b2:69:15:77:9c:6e:55:80:82:b7:9d: e7:a7:dd:0b:55:5f:30:0b:dc:6e:c8:57:19:e8:7d:e2:43:35: 1f:27:e6:6e:8a:95:84:f9:64:0a:30:f0:43:94:63:44:56:e1: 08:4b:37:21:e5:2b:59:f2:ac:b8:eb:80:fa:38:80:fb:21:ed: d0:aa:a3:55:9b:1b:87:1a:c0:bc:79:54:d3:7b:2a:ca:11:2f: 72:81:7b:e4 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjYwNjAyMTgzNTI1WhcNMjYwNjA5MTgzNTI1WjAYMRYwFAYD VQQDEw02YTFmMjI2ZC0xNjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4MBE14/j1honD/d2/Q9blmAQsHIWRUIPogPAoDxZxWreNO7mMB5Dw//WJX24 iKRJA7YZzo/C5Uzo496jD+reHnATX1pBDxEJz6Bqo/JvRLT6C4D6LS3WNM6dwrn3 CyKXTblH0q8QL7rjL7nOnsLckWoPPSNN/BpkEKIUlV1XdqCsVYvdcc96rFlQ213v Y466jIVaizNCc5lgJ6vevN+2HB3ep6NC4YOCwINO/1WVJQWHHy3QkQpKi0XZAzKB 2QILmliKte3tYy7yIjxzJmDFg13NKHE56cu8T6OWyI96XOLjevh3MQAEueaosXDL eW6ZRdD48XeqHolpS5ptQJwgVwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPpPsxl7 B0npdLHB/QPSP0Zn/7KPMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAOqtolCaGO8eQ5KtYs7HA7SdpNf7aPMEPqCg18TtSx7pnHpQ0zgHjUkRykzH6 cqb5fwue6/D8j0S3U+zWvw0kUCaDnJwBIljp6gD9wfsO90a7hyLz9uaFvu9fMY8E vTfqKdQQVbR0h4sL21CWhucpyUDTFYtWDIA95KYNe7HKRdHrh4y2jH/fl53Tz6uj MINqCm7dbcUKuWHcC0G9LrbfVOItFj3bzYmKcbJpFXecblWAgred56fdC1VfMAvc bshXGeh94kM1HyfmboqVhPlkCjDwQ5RjRFbhCEs3IeUrWfKsuOuA+jiA+yHt0Kqj VZsbhxrAvHlU03sqyhEvcoF75A== -----END CERTIFICATE-----Generated at Tue Jun 2 21:20:08 2026 by rpki-client