$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: 1tEcFY7Y32nM1SiMY7jGgJxptvfTydvrxfOCc1uiHjQ= Subject key identifier: 6F:58:A9:AF:AE:BB:4E:81:A8:A3:BF:B3:69:C6:7E:EE:6E:C6:55:A8 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BB9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BB3 Signing time: Tue 08 Apr 2025 18:48:48 +0000 Manifest this update: Tue 08 Apr 2025 18:48:48 +0000 Manifest next update: Tue 15 Apr 2025 18:48:48 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: L3K0Lwqfd7c5ll9ah2nJ5litDp1BC8hc4ANZw92q2ZE=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 18:48:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3001 (0xbb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9 Validity Not Before: Apr 8 18:48:48 2025 GMT Not After : Apr 15 18:48:48 2025 GMT Subject: CN=67f56f90-927b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:4a:15:cd:04:4b:06:46:f0:d7:b6:09:f7:8b: 50:e8:82:66:bd:ab:9c:be:d7:e2:cf:93:a9:96:3e: 00:e7:5a:25:45:8a:51:4d:68:d4:8f:13:aa:e1:f5: b1:09:e7:6f:93:04:08:c3:ce:61:a8:f4:f9:e7:9e: e1:38:01:46:3f:ed:42:58:51:61:b4:fd:8b:dd:d1: 9d:08:d8:91:b8:2b:8d:4a:68:6b:f4:56:cf:2a:29: a4:fd:a2:77:07:0c:49:1e:c6:e3:67:8a:c8:45:ed: f6:a7:78:fe:8d:fa:a8:df:37:9d:95:37:a1:64:ce: db:77:a5:a3:d6:72:b0:e1:78:73:19:9f:da:3c:62: ee:5e:70:cd:60:59:c6:3b:55:e6:0c:d5:64:d6:13: ad:29:d9:0d:c5:e2:94:3b:b9:85:32:27:99:72:b2: aa:95:fd:9a:5d:1d:7f:7d:89:31:df:ba:1f:a0:c5: 8e:73:12:45:65:af:bd:51:f2:74:a9:3c:df:fb:b7: 57:e0:3f:bc:23:a6:6e:71:40:64:bb:51:ca:c3:68: 58:12:c9:eb:03:a0:76:18:04:33:e1:19:21:08:3d: 61:89:6c:40:db:07:4e:81:23:9e:6c:03:ca:74:bf: 29:b9:c0:2f:f7:d0:9e:f2:a8:eb:25:f5:67:bd:5b: 89:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:58:A9:AF:AE:BB:4E:81:A8:A3:BF:B3:69:C6:7E:EE:6E:C6:55:A8 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:c1:dc:53:b4:b8:92:dc:a6:0d:f2:80:25:92:fa:ad:52:3f: a2:11:5e:ab:f4:22:ba:59:df:3e:91:bd:f0:98:84:57:90:99: 56:fd:c0:a0:42:08:2c:30:41:5f:69:02:06:60:9f:8e:3d:ef: 7b:3d:27:98:b0:d3:9d:8f:8d:83:75:7b:65:9f:99:86:55:26: 51:61:3d:7a:25:6a:8d:d3:64:fc:50:e6:00:21:d0:9c:7c:65: 0b:f0:7b:61:94:fd:46:28:46:dc:1c:b9:39:3d:8a:c9:2a:4f: 10:33:6b:f3:59:ca:e8:d0:5f:2d:01:5a:10:2b:c2:ea:12:6f: c8:17:87:05:b1:65:9c:3e:60:5e:04:ae:08:ed:8d:22:c7:2a: e0:e3:67:11:e7:50:be:15:45:e1:c3:02:a4:a2:79:91:5b:09: 5c:4f:87:d5:33:1d:9d:0d:c0:55:d1:ff:b9:a1:f2:9f:e9:03: 42:67:fd:79:12:6c:89:12:07:74:c1:ef:1d:62:ac:2f:a1:b7: 2c:70:62:53:8f:54:7a:f7:35:17:88:63:b5:32:e2:c3:00:f9: 29:32:4c:3e:0d:c7:a8:54:8f:34:e8:72:58:89:be:15:ea:05: fd:1e:32:3c:a4:d8:6e:7d:76:e9:42:90:7f:d4:7d:86:56:63: 56:1a:b8:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNDA4MTg0ODQ4WhcNMjUwNDE1MTg0ODQ4WjAYMRYwFAYD VQQDEw02N2Y1NmY5MC05MjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5koVzQRLBkbw17YJ94tQ6IJmvaucvtfiz5Oplj4A51olRYpRTWjUjxOq4fWx CedvkwQIw85hqPT5557hOAFGP+1CWFFhtP2L3dGdCNiRuCuNSmhr9FbPKimk/aJ3 BwxJHsbjZ4rIRe32p3j+jfqo3zedlTehZM7bd6Wj1nKw4XhzGZ/aPGLuXnDNYFnG O1XmDNVk1hOtKdkNxeKUO7mFMieZcrKqlf2aXR1/fYkx37ofoMWOcxJFZa+9UfJ0 qTzf+7dX4D+8I6ZucUBku1HKw2hYEsnrA6B2GAQz4RkhCD1hiWxA2wdOgSOebAPK dL8pucAv99Ce8qjrJfVnvVuJAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG9Yqa+u u06BqKO/s2nGfu5uxlWoMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGwdxTtLiS3KYN8oAlkvqtUj+iEV6r9CK6Wd8+kb3wmIRXkJlW/cCg QggsMEFfaQIGYJ+OPe97PSeYsNOdj42DdXtln5mGVSZRYT16JWqN02T8UOYAIdCc fGUL8HthlP1GKEbcHLk5PYrJKk8QM2vzWcro0F8tAVoQK8LqEm/IF4cFsWWcPmBe BK4I7Y0ixyrg42cR51C+FUXhwwKkonmRWwlcT4fVMx2dDcBV0f+5ofKf6QNCZ/15 EmyJEgd0we8dYqwvobcscGJTj1R69zUXiGO1MuLDAPkpMkw+DceoVI806HJYib4V 6gX9HjI8pNhufXbpQpB/1H2GVmNWGrhl -----END CERTIFICATE-----Generated at Tue Apr 8 22:35:06 2025 by rpki-client