$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: pDnianmvNfXX98LsSkJ+ldLlGeEXbjiLtJUteWNT84w= Subject key identifier: 31:76:4E:DF:94:C0:F4:44:44:1E:55:67:BB:E6:56:EF:28:C6:46:AC Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BC1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BBB Signing time: Thu 24 Apr 2025 18:47:46 +0000 Manifest this update: Thu 24 Apr 2025 18:47:46 +0000 Manifest next update: Thu 01 May 2025 18:47:46 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: qEzNqW/sa5Usg6vfq89xUlZDHpS0lOd7CDeaGJ4cMrk=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:47:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3009 (0xbc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Apr 24 18:47:46 2025 GMT Not After : May 1 18:47:46 2025 GMT Subject: CN=680a8752-ffb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:19:68:75:a6:8b:5c:f7:3f:0b:4f:e2:81:da: a9:5a:14:1b:5d:96:af:61:7f:4b:bb:82:c0:09:04: 46:1b:f6:79:c5:7f:72:21:c6:fc:d2:65:23:10:9f: 91:8b:23:3d:3c:e5:2d:a9:6c:55:28:96:45:15:29: 3b:ff:cb:b1:cf:bb:99:be:f8:d2:fc:8b:07:f4:f5: f2:03:19:d3:1b:82:d4:fe:cf:e4:b6:23:7e:ff:cf: fb:bd:0f:ee:ea:ac:bf:12:4f:12:6b:bd:63:82:a9: 2c:70:99:fd:cd:32:41:2d:e1:f5:8b:96:31:96:f4: 79:29:4c:74:eb:4b:ad:0b:92:12:37:5f:d9:1c:44: 2e:2e:ab:15:a1:fc:07:23:01:36:8a:5a:ac:a1:1e: d6:78:5f:93:b9:89:aa:b4:cb:fd:e8:08:df:f4:f3: 60:7a:37:7e:cf:ed:02:28:4c:6d:1d:50:09:e5:71: 4a:38:a7:d0:2e:21:8c:d8:31:1a:20:5a:27:66:97: 8a:bc:31:8c:c3:96:7b:29:ac:26:52:81:0c:f7:4d: a0:5b:12:08:7e:04:13:d3:6d:f2:58:af:b4:1b:21: 4d:3f:25:06:be:10:a1:5f:2e:66:6b:90:59:e3:5f: 8e:05:61:ee:64:59:06:5e:e8:bc:e9:12:73:63:95: 12:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:76:4E:DF:94:C0:F4:44:44:1E:55:67:BB:E6:56:EF:28:C6:46:AC X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:ff:b1:8d:76:66:45:0b:c5:06:fc:41:04:50:2c:a3:53:d7: 3f:7d:6b:2a:07:69:c7:d7:13:d2:dc:f7:02:94:17:ab:33:e2: 23:96:f6:f2:57:b3:96:61:bf:09:d5:c1:83:06:9f:68:8a:1c: 21:30:62:ca:80:06:37:af:53:2f:4b:dd:14:6d:2c:db:22:22: 16:b2:49:e6:4d:f2:1a:c4:db:ad:75:49:8b:f4:93:4e:5d:e7: 62:57:67:92:9d:a6:b6:ae:23:7b:54:40:d5:ca:a1:9f:c0:11: e4:34:65:ff:a0:d6:f4:69:d5:bf:3d:3a:76:c1:90:5a:3b:da: c9:e5:7a:4d:94:8e:45:71:e4:45:e0:e8:35:a5:d3:68:9f:31: 6b:3b:12:c1:c0:60:29:d3:0a:88:b6:64:a4:35:a4:6e:fb:60: bc:7b:b6:88:eb:80:b8:00:c1:5a:1c:33:8c:63:f4:cd:04:07: 0d:2c:ec:25:be:9a:63:49:55:ca:b5:43:ac:73:00:e5:00:1a: ed:76:2b:51:92:15:70:a1:6c:8b:47:22:a2:9e:69:f1:99:b6: cc:f0:9e:60:b1:cb:60:0e:d6:55:ff:ac:43:96:50:c9:cd:e8: 13:62:e6:74:69:66:a1:31:3c:d6:5f:7a:fc:64:15:33:0f:ad: 23:1c:a2:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNDI0MTg0NzQ2WhcNMjUwNTAxMTg0NzQ2WjAYMRYwFAYD VQQDEw02ODBhODc1Mi1mZmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyhlodaaLXPc/C0/igdqpWhQbXZavYX9Lu4LACQRGG/Z5xX9yIcb80mUjEJ+R iyM9POUtqWxVKJZFFSk7/8uxz7uZvvjS/IsH9PXyAxnTG4LU/s/ktiN+/8/7vQ/u 6qy/Ek8Sa71jgqkscJn9zTJBLeH1i5YxlvR5KUx060utC5ISN1/ZHEQuLqsVofwH IwE2ilqsoR7WeF+TuYmqtMv96Ajf9PNgejd+z+0CKExtHVAJ5XFKOKfQLiGM2DEa IFonZpeKvDGMw5Z7KawmUoEM902gWxIIfgQT023yWK+0GyFNPyUGvhChXy5ma5BZ 41+OBWHuZFkGXui86RJzY5USdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDF2Tt+U wPRERB5VZ7vmVu8oxkasMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9/7GNdmZFC8UG/EEEUCyjU9c/fWsqB2nH1xPS3PcClBerM+Ijlvby V7OWYb8J1cGDBp9oihwhMGLKgAY3r1MvS90UbSzbIiIWsknmTfIaxNutdUmL9JNO XediV2eSnaa2riN7VEDVyqGfwBHkNGX/oNb0adW/PTp2wZBaO9rJ5XpNlI5FceRF 4Og1pdNonzFrOxLBwGAp0wqItmSkNaRu+2C8e7aI64C4AMFaHDOMY/TNBAcNLOwl vppjSVXKtUOscwDlABrtditRkhVwoWyLRyKinmnxmbbM8J5gsctgDtZV/6xDllDJ zegTYuZ0aWahMTzWX3r8ZBUzD60jHKLB -----END CERTIFICATE-----Generated at Sat Apr 26 15:08:48 2025 by rpki-client