$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: IedtJJ+4hm7/TW1HQXa8b2nKqL0HsxPk6fCekmBrnm4= Subject key identifier: 89:55:AD:82:16:E5:EE:82:CC:9E:8D:15:11:BB:12:AB:64:C1:67:0F Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BF9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BF2 Signing time: Fri 08 Aug 2025 19:02:18 +0000 Manifest this update: Fri 08 Aug 2025 19:02:18 +0000 Manifest next update: Fri 15 Aug 2025 19:02:18 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: eWanNSie9K/Brb/xzuBTCdIaVoP6j8RaJbVcHQrBJf8=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: CqtlIV8oyS/ltG/c7wrvUbZ8dS3VADjXiEg/AjA1Uu4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3065 (0xbf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Aug 8 19:02:18 2025 GMT Not After : Aug 15 19:02:18 2025 GMT Subject: CN=689649ba-3078 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5b:e8:a4:f5:5b:fe:36:51:3c:3e:a5:de:8b: 26:ef:1f:67:52:77:0d:f4:9e:82:66:a7:ed:0a:ec: 8e:0a:15:04:1b:fb:f0:69:cc:2f:39:67:3b:e6:5a: aa:cb:b8:3f:cb:22:c3:23:9b:ee:bd:2a:8f:4e:0b: d6:a0:aa:72:95:58:29:21:9d:e5:9b:3a:b3:ea:52: 0c:d6:10:53:8f:70:3e:c0:52:ca:20:62:a8:f1:a9: d0:8a:83:7c:e4:77:a5:d5:1d:11:1c:db:c1:b9:29: 9c:ab:df:e6:cd:93:a9:9d:5c:aa:15:ff:d9:88:c0: a3:65:51:a5:eb:7e:65:68:02:9a:88:e2:e4:8b:55: f3:08:24:f5:25:fd:ec:ee:7a:4d:3a:5d:0d:83:f5: a5:0c:c3:eb:3d:00:57:15:30:ed:19:c4:a7:29:b9: bb:fc:04:c3:03:1c:39:b2:26:87:0b:97:47:3d:5c: 7a:7c:30:8a:66:aa:39:33:77:25:92:07:2d:b2:ca: 4e:33:b1:a6:7e:d1:c0:0b:90:61:d8:5d:6d:f0:de: 0f:9d:db:6d:f8:44:28:66:85:d6:2f:77:34:c8:13: 13:9a:70:f4:a5:e9:6d:50:d6:6a:84:16:04:46:02: 27:b0:52:af:3c:82:b0:87:9c:89:12:ac:d9:ac:75: d7:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:55:AD:82:16:E5:EE:82:CC:9E:8D:15:11:BB:12:AB:64:C1:67:0F X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:9e:39:60:2d:b1:56:57:52:98:0a:49:7a:76:c6:15:67:77: 32:bc:99:4a:4b:8d:f5:ac:0c:b4:3d:ef:76:ef:52:de:67:1c: 0d:d2:cb:ec:a3:da:e2:fd:e1:80:81:f8:6b:aa:fd:82:4e:1d: 50:bd:e4:61:df:68:ea:fd:2f:45:40:80:d5:22:ea:93:db:60: 4f:41:c8:e9:54:41:94:81:14:10:15:06:57:30:a8:e5:d9:03: 91:93:b2:0a:03:19:f9:e9:89:d1:c6:d0:ae:f4:57:22:03:1c: 60:3a:14:49:84:8d:a7:b9:a9:94:9a:f7:fa:60:ae:c4:86:1d: bd:22:d5:61:d2:e1:0b:54:08:3d:2d:6f:fc:00:f8:88:2f:47: 65:6b:48:8e:0c:c6:8e:ed:86:29:87:d9:fe:7e:02:49:a0:1e: 8e:fd:9e:d9:ac:e6:95:22:d1:0f:f8:ab:4b:7b:c2:aa:50:35: 36:94:29:1c:e1:a2:04:fa:f4:2d:5d:15:bf:aa:3c:cb:bc:02: 01:3d:2d:1a:a9:77:25:1a:29:0d:43:81:56:12:64:e8:bf:ea: 25:c8:48:50:e8:b5:be:39:4d:6c:e5:72:9a:07:7c:9a:cb:33: 40:ee:1e:01:3e:68:41:ad:79:8f:af:86:bc:b3:68:1d:0d:89: f5:a8:ad:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwODA4MTkwMjE4WhcNMjUwODE1MTkwMjE4WjAYMRYwFAYD VQQDEw02ODk2NDliYS0zMDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAulvopPVb/jZRPD6l3osm7x9nUncN9J6CZqftCuyOChUEG/vwacwvOWc75lqq y7g/yyLDI5vuvSqPTgvWoKpylVgpIZ3lmzqz6lIM1hBTj3A+wFLKIGKo8anQioN8 5Hel1R0RHNvBuSmcq9/mzZOpnVyqFf/ZiMCjZVGl635laAKaiOLki1XzCCT1Jf3s 7npNOl0Ng/WlDMPrPQBXFTDtGcSnKbm7/ATDAxw5siaHC5dHPVx6fDCKZqo5M3cl kgctsspOM7GmftHAC5Bh2F1t8N4Pndtt+EQoZoXWL3c0yBMTmnD0peltUNZqhBYE RgInsFKvPIKwh5yJEqzZrHXXFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlVrYIW 5e6CzJ6NFRG7EqtkwWcPMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgnjlgLbFWV1KYCkl6dsYVZ3cyvJlKS431rAy0Pe9271LeZxwN0svs o9ri/eGAgfhrqv2CTh1QveRh32jq/S9FQIDVIuqT22BPQcjpVEGUgRQQFQZXMKjl 2QORk7IKAxn56YnRxtCu9FciAxxgOhRJhI2nuamUmvf6YK7Ehh29ItVh0uELVAg9 LW/8APiIL0dla0iODMaO7YYph9n+fgJJoB6O/Z7ZrOaVItEP+KtLe8KqUDU2lCkc 4aIE+vQtXRW/qjzLvAIBPS0aqXclGikNQ4FWEmTov+olyEhQ6LW+OU1s5XKaB3ya yzNA7h4BPmhBrXmPr4a8s2gdDYn1qK0H -----END CERTIFICATE-----Generated at Sun Aug 10 18:54:06 2025 by rpki-client