$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: HQvN3x6yG+40DKwh35xjQv3Aw8zNzi98+wCUa9DlRws= Subject key identifier: D5:97:40:44:5C:03:96:C7:AE:0D:91:C6:50:7B:DA:BA:DD:99:7E:A8 Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 025A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 0256 Signing time: Mon 03 Nov 2025 01:40:35 +0000 Manifest this update: Mon 03 Nov 2025 01:40:34 +0000 Manifest next update: Mon 10 Nov 2025 01:40:34 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: RfBsOV2vmbLQRJOVwjBW5edi/TWMxaULfk1w2rIwQ1g=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: R3jRDvm0E8vyU2n+jY+lrRNs85d0z5lzmVh9QqpC5jI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:40:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 602 (0x25a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: Nov 3 01:40:34 2025 GMT Not After : Nov 10 01:40:34 2025 GMT Subject: CN=69080812-e875 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6b:a5:ef:b5:c3:20:f1:14:97:b2:fd:fd:74: ce:57:6c:9b:ff:d5:c9:ab:73:6f:5b:1b:3f:91:5d: e1:70:ed:3d:f9:e0:5a:e2:65:4b:45:07:45:25:23: 9c:24:df:12:2e:18:1a:bc:1a:9d:25:33:3b:05:fb: e5:85:ea:1a:e7:f8:cd:7c:8a:a4:b3:23:cf:97:b9: 50:d2:60:19:b1:82:0f:be:65:0c:bb:f6:19:b0:61: e8:e0:5c:8a:58:77:99:91:db:0f:21:d5:9d:37:06: ce:7d:b0:d0:e9:13:90:03:5c:14:66:65:71:15:08: 95:12:91:04:5d:ab:1a:35:10:80:c1:5a:7a:fe:9d: 55:f5:ee:9a:5c:41:1b:c9:04:fa:c5:ab:3b:08:67: c7:10:84:99:d9:22:9c:bf:17:32:a9:91:76:bb:1a: 8f:41:7c:66:a1:fd:81:3f:36:d2:77:0f:e9:ef:50: b0:88:47:7d:d1:05:fb:03:78:e7:7b:07:47:ce:c3: ab:40:01:94:e8:9b:d5:db:c5:b5:d5:d7:16:79:4e: e6:3d:5c:35:09:34:b5:3e:50:93:bc:fa:dd:17:7a: 11:02:d7:ab:4f:20:b8:e2:74:56:94:be:85:0a:3d: 53:74:0f:00:44:82:29:76:cb:78:9d:a9:c7:8e:49: 12:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:97:40:44:5C:03:96:C7:AE:0D:91:C6:50:7B:DA:BA:DD:99:7E:A8 X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:bc:a9:9e:bf:ad:72:67:29:4b:5b:b9:11:67:9d:64:26:16: 10:c6:83:3d:43:d3:36:60:50:35:b7:a0:14:a2:bd:b1:98:82: 1f:9a:90:40:d8:aa:16:f4:5c:db:56:e6:93:54:78:eb:d2:e3: d6:b7:f6:66:44:24:22:b1:f4:1a:a2:7d:78:6e:bf:11:16:24: 40:ac:bf:b2:ca:79:5f:f0:da:64:f9:e3:c6:bc:12:84:04:fa: 8a:a1:2a:7d:2e:4d:83:3d:29:7a:52:0a:64:13:7d:c2:a8:92: 35:32:28:32:2b:d8:9d:be:13:ad:d9:7b:51:ba:97:2b:6c:0e: 54:28:42:89:9e:dd:98:fd:20:27:ef:d2:d8:2c:bf:d0:74:05: b8:75:cb:ec:5d:ef:e6:ae:55:cb:c2:15:cb:dd:04:a3:27:42: 32:db:07:cb:15:7c:1c:4c:77:16:e5:99:96:f0:3d:69:b1:bd: 50:99:55:d0:38:34:16:34:21:5a:fd:06:04:3d:f1:46:13:84: c5:a1:85:71:78:00:53:8f:7c:e9:37:6f:63:63:9e:1c:cf:80: 9e:88:90:f7:d5:a7:df:5d:50:e8:44:3f:9c:20:96:10:3f:0f: c3:7b:57:9c:b5:df:6a:9a:e3:22:2f:cc:51:7f:cb:f5:35:14: 4e:0c:f7:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUxMTAzMDE0MDM0WhcNMjUxMTEwMDE0MDM0WjAYMRYwFAYD VQQDEw02OTA4MDgxMi1lODc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvWul77XDIPEUl7L9/XTOV2yb/9XJq3NvWxs/kV3hcO09+eBa4mVLRQdFJSOc JN8SLhgavBqdJTM7Bfvlheoa5/jNfIqksyPPl7lQ0mAZsYIPvmUMu/YZsGHo4FyK WHeZkdsPIdWdNwbOfbDQ6ROQA1wUZmVxFQiVEpEEXasaNRCAwVp6/p1V9e6aXEEb yQT6xas7CGfHEISZ2SKcvxcyqZF2uxqPQXxmof2BPzbSdw/p71CwiEd90QX7A3jn ewdHzsOrQAGU6JvV28W11dcWeU7mPVw1CTS1PlCTvPrdF3oRAterTyC44nRWlL6F Cj1TdA8ARIIpdst4nanHjkkSDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNWXQERc A5bHrg2RxlB72rrdmX6oMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMvKmev61yZylLW7kRZ51kJhYQxoM9Q9M2YFA1t6AUor2xmIIfmpBA 2KoW9FzbVuaTVHjr0uPWt/ZmRCQisfQaon14br8RFiRArL+yynlf8Npk+ePGvBKE BPqKoSp9Lk2DPSl6UgpkE33CqJI1MigyK9idvhOt2XtRupcrbA5UKEKJnt2Y/SAn 79LYLL/QdAW4dcvsXe/mrlXLwhXL3QSjJ0Iy2wfLFXwcTHcW5ZmW8D1psb1QmVXQ ODQWNCFa/QYEPfFGE4TFoYVxeABTj3zpN29jY54cz4CeiJD31affXVDoRD+cIJYQ Pw/De1ectd9qmuMiL8xRf8v1NRRODPcq -----END CERTIFICATE-----Generated at Tue Nov 4 08:31:18 2025 by rpki-client