$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: 7gy7NWNm1Jx0fu2gKguNja+JkBRvQNs06QKhuVqUPa0= Subject key identifier: E0:A0:0B:61:56:4D:30:49:98:1F:4D:94:1B:9A:A4:B4:DC:40:2F:13 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0C27 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0C20 Signing time: Tue 04 Nov 2025 18:49:45 +0000 Manifest this update: Tue 04 Nov 2025 18:49:44 +0000 Manifest next update: Tue 11 Nov 2025 18:49:44 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: XXWzlC+CSA+HE8ZiH6LMimcYwvc2OWcY/94WMDX+D14=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: CqtlIV8oyS/ltG/c7wrvUbZ8dS3VADjXiEg/AjA1Uu4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:49:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3111 (0xc27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Nov 4 18:49:44 2025 GMT Not After : Nov 11 18:49:44 2025 GMT Subject: CN=690a4ac9-d5a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:71:da:ba:08:43:70:f4:ac:59:8b:6c:61:50: 4c:fa:1d:5a:f5:0a:34:19:1f:9c:f5:6a:22:bb:79: ff:22:29:cc:65:7d:b0:2a:de:13:28:6a:c1:a5:63: 6f:36:19:34:5d:05:47:01:8a:77:cd:60:f5:28:0c: c7:7d:da:1e:cd:8a:97:65:d1:df:6a:0c:a7:c0:1b: 32:9e:be:18:cd:42:c9:6b:eb:37:ec:40:86:ac:88: d1:07:a4:8c:34:1f:9c:eb:2c:39:37:b5:5f:89:81: c7:2a:2e:80:40:75:f3:67:3e:e2:79:07:16:17:60: 79:18:1f:37:57:06:0d:5c:b7:88:be:79:aa:68:e2: 1f:2e:4f:65:b0:da:39:a3:1a:dd:05:b0:f2:a9:77: 7e:81:ff:56:a6:ea:ae:9b:0c:a1:22:ed:6e:32:03: 99:95:38:d0:e2:03:78:1d:32:ad:6b:d4:aa:31:6d: 17:9a:c5:1c:f2:59:cb:a4:92:71:f8:c9:d5:a7:af: 50:25:e6:18:07:b6:41:b2:97:81:bc:80:cb:30:c2: 02:8c:97:b1:b9:b2:9a:bd:a7:cd:57:55:e1:86:ea: b8:2b:1a:84:29:cb:05:e7:56:40:b5:bf:a4:55:69: c2:49:28:f7:e0:ad:f6:3f:c1:30:cb:4e:ae:c5:44: 81:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:A0:0B:61:56:4D:30:49:98:1F:4D:94:1B:9A:A4:B4:DC:40:2F:13 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:0a:99:8c:0b:c0:df:99:62:f6:8c:1e:bf:aa:3f:b9:44:32: e3:83:9a:2d:2a:0b:4c:0c:0b:22:2e:be:83:9c:8b:81:97:ab: 2c:39:3a:30:d4:15:56:c5:e1:4f:32:14:85:9e:1c:01:9f:91: cc:8d:e7:45:3f:6b:63:6d:e4:c4:dc:db:ad:76:ed:e1:41:58: 0a:26:f0:b1:7a:da:3d:da:7e:71:7f:da:ae:72:ff:4d:30:76: e8:19:71:76:9d:4b:22:cc:43:03:dd:86:3c:e7:ed:a7:ea:27: fe:d2:f4:58:a4:f3:13:00:aa:a6:f1:01:c0:33:d4:9a:24:2b: de:81:72:8e:58:7e:73:2a:3e:b4:02:b8:92:90:6d:ba:93:2a: 13:26:c1:9b:66:50:9a:00:86:aa:0c:2a:74:53:db:13:90:cb: 91:00:de:cc:c0:c3:fc:f4:c1:52:1f:e7:e2:8d:c9:46:35:85: 8a:95:c2:c0:d3:f4:47:2b:67:1f:6f:e7:7d:96:e4:a0:ee:84: cd:ed:b0:24:d5:9c:e4:30:63:22:04:df:8b:33:84:7d:73:91: b0:92:f8:16:e0:47:65:48:96:38:a1:bd:de:fc:3e:5f:e8:ad: 85:0e:f2:cb:37:ae:76:6f:6d:12:c6:82:2e:de:17:ee:8a:9c: 64:2e:c6:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUxMTA0MTg0OTQ0WhcNMjUxMTExMTg0OTQ0WjAYMRYwFAYD VQQDEw02OTBhNGFjOS1kNWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA23HaughDcPSsWYtsYVBM+h1a9Qo0GR+c9Woiu3n/IinMZX2wKt4TKGrBpWNv Nhk0XQVHAYp3zWD1KAzHfdoezYqXZdHfagynwBsynr4YzULJa+s37ECGrIjRB6SM NB+c6yw5N7VfiYHHKi6AQHXzZz7ieQcWF2B5GB83VwYNXLeIvnmqaOIfLk9lsNo5 oxrdBbDyqXd+gf9WpuqumwyhIu1uMgOZlTjQ4gN4HTKta9SqMW0XmsUc8lnLpJJx +MnVp69QJeYYB7ZBspeBvIDLMMICjJexubKavafNV1Xhhuq4KxqEKcsF51ZAtb+k VWnCSSj34K32P8Ewy06uxUSBNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOCgC2FW TTBJmB9NlBuapLTcQC8TMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+CpmMC8DfmWL2jB6/qj+5RDLjg5otKgtMDAsiLr6DnIuBl6ssOTow 1BVWxeFPMhSFnhwBn5HMjedFP2tjbeTE3Nutdu3hQVgKJvCxeto92n5xf9qucv9N MHboGXF2nUsizEMD3YY85+2n6if+0vRYpPMTAKqm8QHAM9SaJCvegXKOWH5zKj60 AriSkG26kyoTJsGbZlCaAIaqDCp0U9sTkMuRAN7MwMP89MFSH+fijclGNYWKlcLA 0/RHK2cfb+d9luSg7oTN7bAk1ZzkMGMiBN+LM4R9c5GwkvgW4EdlSJY4ob3e/D5f 6K2FDvLLN652b20SxoIu3hfuipxkLsZi -----END CERTIFICATE-----Generated at Wed Nov 5 05:14:27 2025 by rpki-client