$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: Dr+ygIv8CYb42VfBco6Q8CEmv2glQrwSIf8My6TMiws= Subject key identifier: 61:4D:22:1A:DC:DC:E9:58:A3:D3:E0:1B:62:E3:ED:F6:DE:EF:E4:73 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0BC3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0BBD Signing time: Mon 28 Apr 2025 19:14:35 +0000 Manifest this update: Mon 28 Apr 2025 19:14:34 +0000 Manifest next update: Mon 05 May 2025 19:14:34 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: yQi4si/5F1wYf88ReA1m5WIBCW1EK9xjfF/OPMaDf20=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: rIKErlmiWA8+S4ht3UIu2T4gm2uHnfIxSPm+f5gxatE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 19:14:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3011 (0xbc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: Apr 28 19:14:34 2025 GMT Not After : May 5 19:14:34 2025 GMT Subject: CN=680fd39b-b6a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:24:7e:1b:73:0e:9c:2a:f0:d2:85:50:db:e1: 2b:82:4a:0a:07:7e:ac:50:57:1c:56:d6:bb:3f:d2: 37:1a:2b:84:fd:12:5f:78:1a:95:59:69:f7:43:b2: 3a:fd:e4:9e:1c:d9:82:6c:a0:9e:02:c4:69:e6:27: 54:cf:55:53:41:d5:73:39:0f:90:ec:60:9a:b0:bd: 01:55:e4:70:36:63:72:8d:c4:49:b3:82:47:c5:89: df:e7:11:02:fe:12:03:83:d5:05:3b:97:7a:00:0e: b2:43:ca:b5:32:71:a2:ec:28:3d:ac:b3:17:b4:14: c5:7e:bf:4d:3e:6e:e0:54:7f:57:41:04:98:83:f3: e8:c0:ac:ba:29:ec:49:34:ad:25:4b:0d:23:75:16: 2c:94:ae:06:c2:dd:e3:c1:9b:4e:7a:ac:3c:f6:74: b9:00:91:3e:f7:1d:4e:5c:26:fb:53:54:a4:5e:e8: bb:61:4f:20:e3:6c:e6:a5:06:52:b4:77:65:df:03: 30:24:f3:62:48:4e:9d:7e:5a:dc:4b:7c:66:c6:9e: 59:6b:6a:d3:29:ac:77:60:c4:e1:93:42:d0:e7:25: 51:19:38:0b:43:f0:74:aa:0f:64:38:e3:b1:56:a6: 6d:3e:e2:7d:a5:15:69:c9:bb:bc:b9:ae:34:9e:74: a5:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:4D:22:1A:DC:DC:E9:58:A3:D3:E0:1B:62:E3:ED:F6:DE:EF:E4:73 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:43:97:8e:c4:e9:ae:cb:ba:85:be:7c:1f:2d:56:a0:9d:16: 97:5e:dd:b0:12:f5:34:e0:30:2b:98:9d:ba:70:65:cc:69:8b: 3b:c1:7d:69:46:f7:29:a5:b0:5c:85:d6:98:00:42:fd:4b:c1: 67:43:f4:a0:fc:a2:ed:33:3b:27:d2:e4:81:05:94:9d:07:f2: de:b1:c9:88:76:03:24:46:a8:72:57:a4:2d:e5:36:73:19:45: e3:95:cf:79:67:43:bf:40:e3:ce:24:e2:59:de:cf:5b:41:54: 7a:1f:27:5d:b0:56:be:c3:ee:03:21:38:fc:da:73:94:3a:b9: 99:92:42:63:d0:58:bd:dc:70:2e:4f:77:85:fb:52:ef:c1:79: 60:86:53:2e:04:15:1f:a6:19:cb:fe:5d:78:c2:71:55:3d:06: be:45:80:18:a6:45:2e:5f:fd:dc:5a:41:2e:ec:47:5b:ac:27: 30:d0:83:ad:10:09:5c:ef:b0:53:89:3c:7b:02:cd:a5:cb:15: 88:6e:7c:fa:04:15:e7:b9:97:c2:11:67:96:d5:fc:71:f3:20: 07:46:df:12:d3:c1:a2:c8:ad:9a:aa:1e:eb:0c:ce:ca:ed:09: 3c:83:3f:06:15:fe:4e:04:1f:45:95:8b:55:e3:8f:fe:e2:b0: 87:f9:65:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjUwNDI4MTkxNDM0WhcNMjUwNTA1MTkxNDM0WjAYMRYwFAYD VQQDEw02ODBmZDM5Yi1iNmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8yR+G3MOnCrw0oVQ2+ErgkoKB36sUFccVta7P9I3GiuE/RJfeBqVWWn3Q7I6 /eSeHNmCbKCeAsRp5idUz1VTQdVzOQ+Q7GCasL0BVeRwNmNyjcRJs4JHxYnf5xEC /hIDg9UFO5d6AA6yQ8q1MnGi7Cg9rLMXtBTFfr9NPm7gVH9XQQSYg/PowKy6KexJ NK0lSw0jdRYslK4Gwt3jwZtOeqw89nS5AJE+9x1OXCb7U1SkXui7YU8g42zmpQZS tHdl3wMwJPNiSE6dflrcS3xmxp5Za2rTKax3YMThk0LQ5yVRGTgLQ/B0qg9kOOOx VqZtPuJ9pRVpybu8ua40nnSluwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGFNIhrc 3OlYo9PgG2Lj7fbe7+RzMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8Q5eOxOmuy7qFvnwfLVagnRaXXt2wEvU04DArmJ26cGXMaYs7wX1p RvcppbBchdaYAEL9S8FnQ/Sg/KLtMzsn0uSBBZSdB/LescmIdgMkRqhyV6Qt5TZz GUXjlc95Z0O/QOPOJOJZ3s9bQVR6HyddsFa+w+4DITj82nOUOrmZkkJj0Fi93HAu T3eF+1LvwXlghlMuBBUfphnL/l14wnFVPQa+RYAYpkUuX/3cWkEu7EdbrCcw0IOt EAlc77BTiTx7As2lyxWIbnz6BBXnuZfCEWeW1fxx8yAHRt8S08GiyK2aqh7rDM7K 7Qk8gz8GFf5OBB9FlYtV44/+4rCH+WWm -----END CERTIFICATE-----Generated at Mon Apr 28 23:04:57 2025 by rpki-client on console.sobornost.net