$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: Xfq2w0HVpIhBhzNBs7Ffm7k2/Hwqqlc0NRj3TqIe85g= Subject key identifier: E9:B5:0B:23:64:31:D4:D5:87:BF:E4:5C:7E:83:13:45:C9:98:F5:8F Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 0233 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 0230 Signing time: Sat 23 Aug 2025 02:08:05 +0000 Manifest this update: Sat 23 Aug 2025 02:08:05 +0000 Manifest next update: Sat 30 Aug 2025 02:08:05 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: wshobC0WmfDXZ9DwLfHEiYk6YhaGN09jghaHOc6LiXI=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: 8tU0+bWbTseOr25wJKvheZneGGhgRMUkg1uHcFDydtY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:08:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 563 (0x233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: Aug 23 02:08:05 2025 GMT Not After : Aug 30 02:08:05 2025 GMT Subject: CN=68a92285-0a52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:96:9f:49:5f:2f:14:50:ac:9f:4a:2e:86:cc: f4:d5:b5:89:70:4a:9b:8b:68:22:ff:9b:aa:62:66: 5f:95:69:c1:cc:19:c0:57:f0:06:8f:4e:9b:e6:49: 0e:41:ef:87:4b:20:d2:32:56:dd:33:50:9e:26:af: ba:9e:de:6d:18:17:92:58:45:49:0a:f1:9d:eb:f3: 96:2a:c8:d7:e7:6f:e5:13:fa:81:a4:06:5b:02:5e: 6b:f1:e6:85:44:5d:9e:5c:e5:f7:2f:46:43:8f:6e: 72:6f:f4:85:b2:fb:e9:b6:3c:31:e8:3b:27:a3:29: 8c:93:5d:20:67:5d:7a:74:ef:fe:80:1b:d3:75:2e: 3f:ea:b4:f1:5f:b0:aa:b9:88:18:9d:b1:41:4e:84: 1a:b9:b6:8d:1e:7a:4a:b2:ff:b2:a2:3e:3b:45:9d: bf:c4:d2:db:0e:33:ee:c1:d7:50:c4:11:64:07:e9: d5:d6:f1:b4:4f:cc:36:57:2a:af:5d:1f:45:e6:00: a0:6f:9e:c3:cd:66:16:26:32:10:b7:7b:f5:93:07: bb:bf:ab:a4:14:5d:6e:8e:9d:d9:c7:f4:c8:5a:a4: ac:5d:2a:af:9b:ef:44:d6:23:d1:73:cb:85:7c:5a: a9:d0:ad:03:de:40:80:e2:c4:5f:80:26:1d:47:65: 62:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:B5:0B:23:64:31:D4:D5:87:BF:E4:5C:7E:83:13:45:C9:98:F5:8F X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:91:6c:62:34:7f:af:c7:bb:c3:06:36:a9:46:55:d6:da:05: c9:78:33:3d:ea:a4:fa:f2:69:b9:2a:62:56:db:ac:07:fa:ac: c7:8b:ba:80:69:30:d4:1e:40:04:da:6e:df:d2:e5:a3:52:dc: b3:cd:f6:ba:2e:22:f3:77:82:b8:14:64:fb:09:f5:67:59:b6: 33:e8:1d:ec:48:a3:13:3e:d2:0e:59:b1:68:7d:e3:d4:54:cd: b4:26:d8:d7:a1:81:0e:b2:b1:e9:02:e4:fd:e9:37:05:98:5d: d6:89:d5:17:f8:70:95:d5:10:0f:5e:3c:7c:22:8f:37:75:98: d4:2c:c4:c2:90:50:fd:5b:c8:63:c2:79:34:d9:46:8e:97:fe: 8c:fe:0b:1c:db:76:29:11:f0:c5:90:8c:2a:0b:82:d4:4b:2a: 98:a5:f9:dc:7c:42:90:08:58:83:6c:04:4c:9f:f4:61:2c:f8: ca:e4:d0:79:10:67:5c:fe:51:01:fa:d4:c7:76:bd:9b:27:66: 32:11:33:5d:8d:11:15:20:74:ce:a7:44:0e:65:09:65:61:54: 6c:75:e6:0e:92:9d:09:7f:b2:95:f4:c1:ae:fd:30:99:5b:40: 54:ed:56:3b:fc:7d:8a:cc:41:86:cc:51:a6:32:36:8c:34:80: 01:3b:2f:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUwODIzMDIwODA1WhcNMjUwODMwMDIwODA1WjAYMRYwFAYD VQQDEw02OGE5MjI4NS0wYTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAppafSV8vFFCsn0ouhsz01bWJcEqbi2gi/5uqYmZflWnBzBnAV/AGj06b5kkO Qe+HSyDSMlbdM1CeJq+6nt5tGBeSWEVJCvGd6/OWKsjX52/lE/qBpAZbAl5r8eaF RF2eXOX3L0ZDj25yb/SFsvvptjwx6DsnoymMk10gZ116dO/+gBvTdS4/6rTxX7Cq uYgYnbFBToQaubaNHnpKsv+yoj47RZ2/xNLbDjPuwddQxBFkB+nV1vG0T8w2Vyqv XR9F5gCgb57DzWYWJjIQt3v1kwe7v6ukFF1ujp3Zx/TIWqSsXSqvm+9E1iPRc8uF fFqp0K0D3kCA4sRfgCYdR2VipQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOm1CyNk MdTVh7/kXH6DE0XJmPWPMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFkWxiNH+vx7vDBjapRlXW2gXJeDM96qT68mm5KmJW26wH+qzHi7qA aTDUHkAE2m7f0uWjUtyzzfa6LiLzd4K4FGT7CfVnWbYz6B3sSKMTPtIOWbFofePU VM20JtjXoYEOsrHpAuT96TcFmF3WidUX+HCV1RAPXjx8Io83dZjULMTCkFD9W8hj wnk02UaOl/6M/gsc23YpEfDFkIwqC4LUSyqYpfncfEKQCFiDbARMn/RhLPjK5NB5 EGdc/lEB+tTHdr2bJ2YyETNdjREVIHTOp0QOZQllYVRsdeYOkp0Jf7KV9MGu/TCZ W0BU7VY7/H2KzEGGzFGmMjaMNIABOy/P -----END CERTIFICATE-----Generated at Sun Aug 24 00:52:32 2025 by rpki-client