$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: 5qOeqqVx5kiAjpZLOC+P3cOZYeMyxGWkEe8vu5xc6gs= Subject key identifier: 1E:B3:ED:E0:18:59:5A:2F:16:22:DF:7D:2B:D0:5A:C6:F8:30:F0:3C Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 025B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 0257 Signing time: Wed 05 Nov 2025 01:49:51 +0000 Manifest this update: Wed 05 Nov 2025 01:49:50 +0000 Manifest next update: Wed 12 Nov 2025 01:49:50 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: 4Zj8kjKwvFactEDnFJX3QgLfV2S8hSJ6hL/bLOc6gZw=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: R3jRDvm0E8vyU2n+jY+lrRNs85d0z5lzmVh9QqpC5jI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:49:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 603 (0x25b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: Nov 5 01:49:50 2025 GMT Not After : Nov 12 01:49:50 2025 GMT Subject: CN=690aad3e-7587 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:84:1f:1c:b3:c2:44:1f:af:f9:eb:37:d2:d1: 65:ec:bb:6c:54:6b:97:f6:4d:1f:01:cd:6d:c7:58: c9:d5:15:10:3b:c4:a8:c4:63:a0:b9:93:19:d0:27: 0f:70:75:19:f8:4e:18:53:b8:ec:88:2a:aa:4f:1d: a1:36:d4:67:76:b5:77:4a:7d:c1:a8:ab:ac:3a:7e: 85:fb:f3:b8:a4:fd:bc:ad:c1:91:d5:74:a5:45:a3: c8:41:cb:e6:64:7b:c9:de:17:52:b5:a1:8b:18:9f: f7:0f:ec:95:d6:bb:1b:1b:43:79:9d:c8:0b:a2:f0: 5e:60:12:41:69:27:be:78:1f:e8:f1:34:7b:4c:3a: 45:a7:8d:96:33:be:02:6c:5a:2b:3b:18:b4:0c:99: 82:c1:78:ca:3c:82:b4:bb:e3:8f:fb:ca:9a:6a:d1: 5f:de:07:7c:f7:39:78:35:fd:17:cf:ab:db:d9:83: 29:53:0c:f5:f1:be:72:81:3b:9d:f9:cc:5d:25:7d: 03:c1:23:7a:8d:43:ff:a6:2f:1f:fc:b2:72:d3:1e: 14:b9:d1:37:0d:b3:07:c2:fd:1e:c6:e8:12:7c:67: 5d:14:af:34:23:6a:36:f0:d8:e3:99:e6:89:c6:f5: c0:2f:9a:fb:7d:b8:fd:1e:1d:69:db:b6:5f:30:27: 0b:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:B3:ED:E0:18:59:5A:2F:16:22:DF:7D:2B:D0:5A:C6:F8:30:F0:3C X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:ea:6a:ae:fd:a9:22:02:d0:16:bb:ee:dd:61:bf:58:fb:21: 7d:56:f4:7b:d2:7b:6e:b6:fb:12:88:bf:a6:7e:9e:5e:d7:56: ca:b5:bb:40:2c:b2:54:f6:8b:45:d0:bb:3d:b6:68:a5:ef:48: c1:23:21:30:e4:c6:2c:be:e9:58:f5:fe:27:f6:10:8c:3a:ca: a1:7e:3a:bd:c1:3d:bb:87:bf:a0:f1:45:4f:36:0a:d2:4a:73: 90:bf:f1:46:bf:d0:a2:78:a7:22:07:a5:d2:35:a1:c9:f5:18: df:57:e0:bd:75:c2:04:bb:5b:9d:9e:3c:29:c2:17:37:43:f2: 08:16:87:bc:48:22:4a:30:e3:40:36:87:9d:0d:33:40:4d:72: 3b:8f:ed:a8:17:83:6d:b2:66:4f:8b:ba:2d:46:79:4a:c9:19: 9f:cf:77:60:ff:38:a5:e9:f8:f1:9f:3d:07:0b:07:ad:02:13: 44:da:76:d6:71:28:9a:41:c9:f1:93:bb:46:8a:88:db:bc:64: df:6b:67:20:f3:53:ac:76:86:03:53:c2:10:cf:bf:94:f5:56: 48:e5:92:d9:be:1c:aa:99:9c:61:da:cd:87:8c:68:24:e5:d2: b0:c7:b2:3b:ae:80:f9:8c:58:4c:e6:80:03:17:68:01:b6:57: 46:c7:df:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUxMTA1MDE0OTUwWhcNMjUxMTEyMDE0OTUwWjAYMRYwFAYD VQQDEw02OTBhYWQzZS03NTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3IQfHLPCRB+v+es30tFl7LtsVGuX9k0fAc1tx1jJ1RUQO8SoxGOguZMZ0CcP cHUZ+E4YU7jsiCqqTx2hNtRndrV3Sn3BqKusOn6F+/O4pP28rcGR1XSlRaPIQcvm ZHvJ3hdStaGLGJ/3D+yV1rsbG0N5ncgLovBeYBJBaSe+eB/o8TR7TDpFp42WM74C bForOxi0DJmCwXjKPIK0u+OP+8qaatFf3gd89zl4Nf0Xz6vb2YMpUwz18b5ygTud +cxdJX0DwSN6jUP/pi8f/LJy0x4UudE3DbMHwv0exugSfGddFK80I2o28NjjmeaJ xvXAL5r7fbj9Hh1p27ZfMCcLnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB6z7eAY WVovFiLffSvQWsb4MPA8MB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBu6mqu/akiAtAWu+7dYb9Y+yF9VvR70ntutvsSiL+mfp5e11bKtbtA LLJU9otF0Ls9tmil70jBIyEw5MYsvulY9f4n9hCMOsqhfjq9wT27h7+g8UVPNgrS SnOQv/FGv9CieKciB6XSNaHJ9RjfV+C9dcIEu1udnjwpwhc3Q/IIFoe8SCJKMONA NoedDTNATXI7j+2oF4NtsmZPi7otRnlKyRmfz3dg/zil6fjxnz0HCwetAhNE2nbW cSiaQcnxk7tGiojbvGTfa2cg81OsdoYDU8IQz7+U9VZI5ZLZvhyqmZxh2s2HjGgk 5dKwx7I7roD5jFhM5oADF2gBtldGx9/b -----END CERTIFICATE-----Generated at Wed Nov 5 12:05:48 2025 by rpki-client