$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: HG/E3L8JeYPAUl19DyqV/bKCKGUGfXm10kiC3lO8LCQ= Subject key identifier: E6:37:23:15:50:AE:3B:E0:C2:7B:DF:D7:2F:00:7D:CD:8C:39:6C:87 Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 01F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 01F4 Signing time: Fri 25 Apr 2025 01:50:26 +0000 Manifest this update: Fri 25 Apr 2025 01:50:26 +0000 Manifest next update: Fri 02 May 2025 01:50:26 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: dRDdwEDyx6LahscGl66yS0e6DSV99yfgyhGrOS5fV9g=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: 8tU0+bWbTseOr25wJKvheZneGGhgRMUkg1uHcFDydtY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:50:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 503 (0x1f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: Apr 25 01:50:26 2025 GMT Not After : May 2 01:50:26 2025 GMT Subject: CN=680aea62-5460 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d5:cf:3d:26:2a:b2:e9:9b:3f:d4:af:58:68: 3a:41:12:39:8a:df:ec:90:b8:64:e4:91:55:07:17: 94:3f:60:bb:22:6e:15:77:4e:96:aa:65:9f:9d:bf: d0:9b:d7:1d:54:23:db:e2:fd:a7:30:07:78:b7:9b: 10:65:3f:46:7b:12:10:46:39:37:d2:7d:97:fb:da: 5b:1e:d7:a0:74:4e:3b:da:d6:9a:b5:37:f7:14:7d: 72:96:c2:da:39:72:5f:b9:68:3d:1e:6c:f5:7e:ae: 98:a5:db:7a:92:6b:48:ff:eb:2b:d3:18:9c:1a:2a: a6:15:e8:1d:6b:37:f0:8e:a7:ce:db:21:6c:5a:e6: f8:3b:d0:ac:18:f5:4e:d3:7d:df:2e:b9:86:10:b7: 57:5b:7d:18:d4:43:e6:d6:17:73:12:60:8c:17:03: 31:4e:29:da:c3:2f:eb:93:d2:e1:ac:c4:2c:12:05: 0c:77:59:0a:b3:21:cc:15:59:cc:f1:ea:be:84:4e: 5d:57:96:71:a5:3d:88:22:63:f2:1a:0a:e4:63:81: 74:07:e7:6c:b6:51:0c:98:fe:f4:6b:31:32:82:bf: eb:9d:96:84:57:50:8b:e0:33:3c:58:46:85:59:a3: c5:9a:e2:4d:29:95:8a:37:4a:1b:6e:09:a9:96:c3: 88:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:37:23:15:50:AE:3B:E0:C2:7B:DF:D7:2F:00:7D:CD:8C:39:6C:87 X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:72:1e:61:bc:97:0c:36:a8:75:2e:36:68:79:3d:b5:a0:00: 10:ec:a1:ed:68:6f:ca:d6:96:76:3b:25:59:de:cd:d4:3d:0d: 3f:0a:a1:8c:07:a0:59:96:0c:aa:92:63:7f:03:7f:4b:14:94: 81:11:ed:5d:13:1c:ef:ed:d5:c8:b9:b0:d3:c4:3f:95:da:c5: dc:f7:bc:5c:b6:85:45:ec:6c:71:ad:50:ae:8a:21:70:69:52: 72:71:1a:85:01:96:49:fa:bd:65:db:1f:8a:9b:cd:65:28:ae: 96:9b:27:e5:6d:2e:d0:87:e6:29:f0:92:40:3d:90:9d:9c:7b: a8:6b:cd:c0:a5:58:fc:2a:19:82:95:37:e2:3d:b6:b1:1e:d3: de:dd:cb:31:08:1d:fd:7d:0b:1b:4f:85:ab:e2:88:ae:4a:56: 27:6f:de:38:32:2a:ec:bf:dc:64:c5:5f:4c:f3:52:6b:b7:96: 12:02:b1:8e:a5:09:dd:ca:ee:b2:68:d0:8e:24:d5:92:89:82: 36:e7:07:63:56:3d:d7:3b:25:00:29:eb:ee:eb:14:5c:ed:29: ed:c7:a3:d0:75:9a:d3:05:a7:3d:2c:7f:7b:e4:47:7a:e0:e3: ca:91:cb:d9:aa:5f:0c:68:4b:2a:c8:88:e5:d7:61:f3:59:aa: 68:b2:50:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUwNDI1MDE1MDI2WhcNMjUwNTAyMDE1MDI2WjAYMRYwFAYD VQQDEw02ODBhZWE2Mi01NDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt9XPPSYqsumbP9SvWGg6QRI5it/skLhk5JFVBxeUP2C7Im4Vd06WqmWfnb/Q m9cdVCPb4v2nMAd4t5sQZT9GexIQRjk30n2X+9pbHtegdE472taatTf3FH1ylsLa OXJfuWg9Hmz1fq6Ypdt6kmtI/+sr0xicGiqmFegdazfwjqfO2yFsWub4O9CsGPVO 033fLrmGELdXW30Y1EPm1hdzEmCMFwMxTinawy/rk9LhrMQsEgUMd1kKsyHMFVnM 8eq+hE5dV5ZxpT2IImPyGgrkY4F0B+dstlEMmP70azEygr/rnZaEV1CL4DM8WEaF WaPFmuJNKZWKN0obbgmplsOIVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOY3IxVQ rjvgwnvf1y8Afc2MOWyHMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGch5hvJcMNqh1LjZoeT21oAAQ7KHtaG/K1pZ2OyVZ3s3UPQ0/CqGM B6BZlgyqkmN/A39LFJSBEe1dExzv7dXIubDTxD+V2sXc97xctoVF7GxxrVCuiiFw aVJycRqFAZZJ+r1l2x+Km81lKK6WmyflbS7Qh+Yp8JJAPZCdnHuoa83ApVj8KhmC lTfiPbaxHtPe3csxCB39fQsbT4Wr4oiuSlYnb944Mirsv9xkxV9M81Jrt5YSArGO pQndyu6yaNCOJNWSiYI25wdjVj3XOyUAKevu6xRc7Sntx6PQdZrTBac9LH975Ed6 4OPKkcvZql8MaEsqyIjl12HzWaposlAX -----END CERTIFICATE-----Generated at Sat Apr 26 04:37:25 2025 by rpki-client