$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: oyOA8Lv8+s4b31Ac09zZChDIaIwIVcSLPhyG6oJt4aA= Subject key identifier: 40:14:0D:3B:0A:C5:F6:B5:B8:87:E8:A8:C1:FD:E2:5E:5F:95:7B:E8 Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 0202 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 01FF Signing time: Sat 17 May 2025 02:15:35 +0000 Manifest this update: Sat 17 May 2025 02:15:34 +0000 Manifest next update: Sat 24 May 2025 02:15:34 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: qOC7jmpAQjeiZyyDKbah7zQoR+NO9u/TDjFd/4gwFpQ=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: 8tU0+bWbTseOr25wJKvheZneGGhgRMUkg1uHcFDydtY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 02:15:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 514 (0x202) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: May 17 02:15:34 2025 GMT Not After : May 24 02:15:34 2025 GMT Subject: CN=6827f146-4144 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:d8:7c:6e:85:e5:d9:50:3b:98:ca:9a:c7:e0: 1f:60:79:83:da:c9:00:25:dd:94:d1:bc:a5:60:95: 60:58:8c:2f:e7:a5:b0:cc:ae:54:e9:a2:94:52:02: 0d:93:d6:0c:ae:7d:96:4f:e8:c3:ce:64:62:42:df: 4c:27:05:83:20:53:27:93:ef:3b:47:3c:af:cf:19: 47:a7:5d:61:f1:d4:76:45:69:68:ae:56:4a:a6:98: 0f:e5:0d:8d:f6:31:d2:54:ff:a2:70:0f:ba:4e:43: 7d:70:22:2a:21:89:77:65:07:59:87:b7:e7:91:73: e3:23:45:bf:27:a9:19:ab:24:1f:db:cb:d6:a2:60: a0:2b:75:6b:a9:a2:d9:32:d4:c7:d3:b5:73:99:f3: e7:94:62:6f:93:1e:42:06:90:4e:1e:26:63:e8:29: 44:09:21:d6:9a:28:ff:05:b6:83:d8:3b:83:a1:11: 0d:2d:3c:97:a5:e2:39:ee:2a:b5:ef:4f:a1:3e:97: fa:d4:b3:d9:04:f7:17:59:f0:be:15:f7:cf:1c:f4: 96:0c:93:11:6b:8f:1e:e3:67:ce:e2:56:e8:40:f8: 0b:b4:f0:24:95:99:5c:8d:25:60:26:25:1e:bc:69: a2:b5:93:86:50:a1:be:3f:ec:d3:0a:b7:97:ae:ca: 61:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:14:0D:3B:0A:C5:F6:B5:B8:87:E8:A8:C1:FD:E2:5E:5F:95:7B:E8 X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:52:43:32:39:80:e6:cf:70:da:75:ac:72:97:7c:20:27:ae: 41:1a:b0:8e:59:1f:cd:7e:91:31:2f:7b:d8:0d:99:51:48:24: 5b:a3:5d:e9:af:2d:1d:66:ed:f9:c2:1f:d0:74:ff:46:9c:7f: 96:a2:19:4b:b6:e6:b8:d2:6d:96:f3:d3:f3:39:c3:e6:87:c0: 37:72:eb:33:b6:d7:9b:53:fb:66:9a:9e:33:fc:ed:f1:f1:d3: a5:53:d0:57:8a:c8:66:02:0f:69:28:d5:33:69:44:9d:da:68: 60:dc:e9:51:82:76:60:6d:13:22:13:d6:77:ea:fe:66:8b:b8: df:91:fc:2b:fa:5a:db:4a:20:68:99:53:4a:1c:3b:49:23:67: 73:36:cc:df:b1:e9:7a:c1:43:ef:2a:9c:ea:a9:11:70:88:05: 5a:12:71:22:40:f2:7d:7f:91:b2:27:d6:04:65:f7:8d:cf:fd: 0f:f3:ab:b6:15:dc:d1:67:91:ea:47:9d:cd:e8:d4:d2:24:e9: dc:37:e6:78:39:d0:74:14:d4:91:9e:8a:8f:62:da:1b:f2:35: cd:40:0c:b1:67:20:26:ea:97:a8:e6:83:32:40:d2:8a:6d:64: 80:b8:7a:df:64:0a:f8:81:74:b1:bc:b1:8c:a1:bd:cd:8f:8a: 26:63:6e:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUwNTE3MDIxNTM0WhcNMjUwNTI0MDIxNTM0WjAYMRYwFAYD VQQDEw02ODI3ZjE0Ni00MTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxth8boXl2VA7mMqax+AfYHmD2skAJd2U0bylYJVgWIwv56WwzK5U6aKUUgIN k9YMrn2WT+jDzmRiQt9MJwWDIFMnk+87RzyvzxlHp11h8dR2RWlorlZKppgP5Q2N 9jHSVP+icA+6TkN9cCIqIYl3ZQdZh7fnkXPjI0W/J6kZqyQf28vWomCgK3VrqaLZ MtTH07VzmfPnlGJvkx5CBpBOHiZj6ClECSHWmij/BbaD2DuDoRENLTyXpeI57iq1 70+hPpf61LPZBPcXWfC+FffPHPSWDJMRa48e42fO4lboQPgLtPAklZlcjSVgJiUe vGmitZOGUKG+P+zTCreXrsphGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEAUDTsK xfa1uIfoqMH94l5flXvoMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJUkMyOYDmz3Dadaxyl3wgJ65BGrCOWR/NfpExL3vYDZlRSCRbo13p ry0dZu35wh/QdP9GnH+WohlLtua40m2W89PzOcPmh8A3cuszttebU/tmmp4z/O3x 8dOlU9BXishmAg9pKNUzaUSd2mhg3OlRgnZgbRMiE9Z36v5mi7jfkfwr+lrbSiBo mVNKHDtJI2dzNszfsel6wUPvKpzqqRFwiAVaEnEiQPJ9f5GyJ9YEZfeNz/0P86u2 FdzRZ5HqR53N6NTSJOncN+Z4OdB0FNSRnoqPYtob8jXNQAyxZyAm6peo5oMyQNKK bWSAuHrfZAr4gXSxvLGMob3Nj4omY27e -----END CERTIFICATE-----Generated at Sat May 17 10:42:53 2025 by rpki-client