$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: kCN2vAFhyjMElD9EfY4ws2Lguo1eyELsTvbz3lmI8h0= Subject key identifier: 58:8F:9D:E0:80:0E:03:9C:C8:74:23:06:78:E0:B9:9D:D8:A3:60:92 Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 022D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 022A Signing time: Mon 11 Aug 2025 02:10:49 +0000 Manifest this update: Mon 11 Aug 2025 02:10:48 +0000 Manifest next update: Mon 18 Aug 2025 02:10:48 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: uJZWUhHPYWUUNSUOWlgRK/pHvHXlqDcG9bbWsku4sIo=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: 8tU0+bWbTseOr25wJKvheZneGGhgRMUkg1uHcFDydtY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 557 (0x22d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: Aug 11 02:10:48 2025 GMT Not After : Aug 18 02:10:48 2025 GMT Subject: CN=68995129-a803 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:32:0b:ea:37:73:cd:df:a5:a9:a7:84:93:19: 09:4c:70:26:64:f7:06:8a:c0:a2:4f:d7:bc:75:06: fb:e0:14:82:9a:90:94:a6:93:b3:1a:ef:b0:36:6e: f4:39:3d:0a:42:a4:87:11:2b:64:6f:e9:ae:c8:9b: e2:4a:53:57:b4:4a:a4:df:6d:52:48:1f:b3:2d:89: 28:b3:2d:99:5a:55:54:0c:7a:8c:12:98:43:fe:29: f6:ab:de:f7:cc:71:ae:63:35:e8:01:e1:1b:db:6f: 0b:d7:c2:71:f3:6a:86:c4:4b:4b:d6:c9:78:ae:77: ee:1d:be:8f:6f:76:62:97:dd:4e:6e:09:71:62:54: 27:0e:9d:62:e5:06:8b:53:9b:e2:03:07:3f:c9:e4: ca:35:77:55:12:84:6e:ee:0b:51:23:fc:52:c1:c5: a3:b6:e0:31:17:22:f0:6e:aa:4b:19:c3:16:f0:07: 92:f0:90:ff:80:49:e3:a0:e6:a4:56:9e:f4:e7:f1: 16:b7:54:fc:d5:ff:f6:62:03:85:b4:3e:53:ad:7c: 93:62:b6:a9:9c:07:f6:a1:99:39:3c:7b:16:05:9a: 15:07:42:42:a1:27:f8:8e:84:bb:b3:36:a7:37:7c: 7f:96:85:09:0f:30:2c:01:cc:fe:2d:0c:d2:47:15: 3b:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:8F:9D:E0:80:0E:03:9C:C8:74:23:06:78:E0:B9:9D:D8:A3:60:92 X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:b4:1c:6d:f9:0d:5c:ab:a5:25:93:f0:72:b6:55:de:47:30: 4d:9a:0c:1e:36:0b:e0:22:f3:fe:a9:a5:dd:4f:c7:43:b7:6b: ba:1d:6d:27:1b:8d:b3:2f:56:5c:d4:e9:1c:d8:5b:2d:83:3c: 1c:e4:4c:22:17:74:06:c7:4c:66:f7:7b:8c:47:7d:94:df:0e: 3f:d6:fd:ea:ac:fc:a4:95:29:83:e8:7a:b0:fb:12:00:6a:c6: c3:d2:22:ca:5c:1a:07:9c:07:57:b9:f2:fc:cb:c7:c9:90:6a: 84:69:d8:89:cc:14:2b:3b:bc:c6:1b:ba:a7:44:bf:58:e3:00: c2:0f:2c:dc:74:c8:f2:f0:1c:7f:51:df:8a:55:dd:41:63:50: 2d:5c:2e:f1:90:d9:3b:06:6d:f1:f0:4a:fa:63:e4:c3:d6:4b: 38:f9:f8:5c:39:a7:c0:2c:4a:7d:b5:2d:d5:9c:fb:ea:93:6e: 38:bd:d7:f4:51:a0:ad:38:c6:c0:ae:85:4a:cd:7a:e4:c8:a1: 0c:4e:ff:a8:51:7b:5d:d4:34:8a:29:40:02:d9:4a:dc:cd:90: 08:da:53:6e:f2:f7:89:b7:fa:cd:a2:df:93:85:e5:49:d6:70: 2c:bf:ad:1d:08:75:ae:0f:9a:b7:8b:d9:e7:57:fe:5c:ca:c2: f3:2d:a3:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUwODExMDIxMDQ4WhcNMjUwODE4MDIxMDQ4WjAYMRYwFAYD VQQDEw02ODk5NTEyOS1hODAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2TIL6jdzzd+lqaeEkxkJTHAmZPcGisCiT9e8dQb74BSCmpCUppOzGu+wNm70 OT0KQqSHEStkb+muyJviSlNXtEqk321SSB+zLYkosy2ZWlVUDHqMEphD/in2q973 zHGuYzXoAeEb228L18Jx82qGxEtL1sl4rnfuHb6Pb3Zil91ObglxYlQnDp1i5QaL U5viAwc/yeTKNXdVEoRu7gtRI/xSwcWjtuAxFyLwbqpLGcMW8AeS8JD/gEnjoOak Vp705/EWt1T81f/2YgOFtD5TrXyTYrapnAf2oZk5PHsWBZoVB0JCoSf4joS7szan N3x/loUJDzAsAcz+LQzSRxU7gwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFiPneCA DgOcyHQjBnjguZ3Yo2CSMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANtBxt+Q1cq6Ulk/BytlXeRzBNmgweNgvgIvP+qaXdT8dDt2u6HW0n G42zL1Zc1Okc2Fstgzwc5EwiF3QGx0xm93uMR32U3w4/1v3qrPyklSmD6Hqw+xIA asbD0iLKXBoHnAdXufL8y8fJkGqEadiJzBQrO7zGG7qnRL9Y4wDCDyzcdMjy8Bx/ Ud+KVd1BY1AtXC7xkNk7Bm3x8Er6Y+TD1ks4+fhcOafALEp9tS3VnPvqk244vdf0 UaCtOMbAroVKzXrkyKEMTv+oUXtd1DSKKUAC2UrczZAI2lNu8veJt/rNot+TheVJ 1nAsv60dCHWuD5q3i9nnV/5cysLzLaOA -----END CERTIFICATE-----Generated at Mon Aug 11 07:53:36 2025 by rpki-client