$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: tO7jGTeJVcjBP2+Gyhm49C9Xmm+JAPEhaMejfFxkrnY= Subject key identifier: 1E:63:4B:5A:7A:40:C4:F6:23:4D:32:3A:66:22:AE:8B:3F:3D:F7:DA Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 0240 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 023D Signing time: Wed 17 Sep 2025 02:21:42 +0000 Manifest this update: Wed 17 Sep 2025 02:21:41 +0000 Manifest next update: Wed 24 Sep 2025 02:21:41 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: i8pm0voX3fAahSrf0yz/iOdgzU3dPe+snHB2KnxTYPg=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: 8tU0+bWbTseOr25wJKvheZneGGhgRMUkg1uHcFDydtY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 02:21:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 576 (0x240) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: Sep 17 02:21:41 2025 GMT Not After : Sep 24 02:21:41 2025 GMT Subject: CN=68ca1b35-b31f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:36:14:22:10:0b:d3:18:ea:69:2d:a3:f5:cc: 4d:ff:87:d0:ce:cd:b0:ae:ad:43:cd:6b:d1:d7:18: 43:b1:4c:0f:05:7a:bf:8b:3b:c3:98:f9:a7:ea:5b: 06:1e:9a:b2:9f:2f:00:eb:e4:27:d4:9a:d9:f9:9f: 44:85:98:89:30:35:83:2f:0b:63:2e:48:40:65:70: 91:b7:11:1f:59:05:8d:9d:01:a8:f5:6e:b0:61:50: 62:49:5a:3e:00:63:aa:64:07:3f:7f:cf:31:51:26: 7d:26:30:23:b1:ae:0b:0a:10:02:f8:49:d5:42:b2: 44:63:a0:4f:07:1b:c9:f9:03:9e:dd:d9:58:97:73: 8e:4f:8e:ef:4b:81:e6:65:76:28:ef:4f:9f:21:63: a7:04:75:88:89:21:0a:22:e6:dc:b6:d4:91:10:24: d5:04:8b:8d:9f:83:78:0b:75:09:70:cb:04:c9:73: 21:cb:54:4e:fa:a8:eb:3e:cb:73:f9:29:47:67:84: 42:57:44:f7:78:07:b5:0a:73:5d:fa:4f:28:c8:e7: 6f:3c:48:bf:4a:8b:54:43:5a:b5:a1:e4:4b:26:74: 5e:69:25:6d:7b:87:b9:fb:e9:c6:bd:b4:42:db:8f: 98:2d:05:d6:d2:7a:e1:68:9a:2e:c6:95:11:dc:f8: 4d:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:63:4B:5A:7A:40:C4:F6:23:4D:32:3A:66:22:AE:8B:3F:3D:F7:DA X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:36:13:7c:af:20:6c:77:22:09:3f:ec:2c:1a:88:d4:e2:15: 91:b7:8c:5b:83:5d:54:ed:35:97:51:cf:4f:6e:2f:23:78:e0: 61:b5:8a:57:23:85:cd:cd:ec:dd:f2:d9:d1:82:f2:7c:1f:1a: 8e:bc:32:3c:7f:39:d9:78:27:a4:af:93:18:f2:22:06:59:2f: 45:ea:2d:77:a2:2c:21:bf:b7:3f:5e:93:17:21:3e:fb:80:8c: d3:d7:85:64:77:42:7b:04:a5:45:cc:94:53:57:80:c9:32:9d: 72:f6:e5:db:30:3d:53:fd:38:fa:77:83:9a:6d:d1:e9:0f:aa: b3:06:fe:5b:0c:85:f2:ef:a0:f5:b5:3f:6a:d5:2e:22:a1:3b: 08:14:00:3e:44:91:6a:0a:1b:94:65:1b:e9:20:6a:25:98:1b: 25:0e:ca:78:c3:35:2d:69:ff:db:0e:14:34:49:2e:bb:75:bf: 2f:1d:9b:72:c9:cd:85:6f:01:8c:50:57:84:f4:40:c4:f7:35: 81:36:74:9f:ee:b2:c5:c1:d1:2d:c0:03:2c:ca:87:b7:56:fe: c0:51:17:df:ed:4a:07:a3:4f:2b:b1:a5:df:58:d0:be:11:4c: 53:5e:5d:28:38:05:03:5e:0a:7d:92:c2:30:8b:80:11:bf:f6: eb:44:82:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjUwOTE3MDIyMTQxWhcNMjUwOTI0MDIyMTQxWjAYMRYwFAYD VQQDEw02OGNhMWIzNS1iMzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6jYUIhAL0xjqaS2j9cxN/4fQzs2wrq1DzWvR1xhDsUwPBXq/izvDmPmn6lsG Hpqyny8A6+Qn1JrZ+Z9EhZiJMDWDLwtjLkhAZXCRtxEfWQWNnQGo9W6wYVBiSVo+ AGOqZAc/f88xUSZ9JjAjsa4LChAC+EnVQrJEY6BPBxvJ+QOe3dlYl3OOT47vS4Hm ZXYo70+fIWOnBHWIiSEKIubcttSRECTVBIuNn4N4C3UJcMsEyXMhy1RO+qjrPstz +SlHZ4RCV0T3eAe1CnNd+k8oyOdvPEi/SotUQ1q1oeRLJnReaSVte4e5++nGvbRC 24+YLQXW0nrhaJouxpUR3PhN8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB5jS1p6 QMT2I00yOmYiros/PffaMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdNhN8ryBsdyIJP+wsGojU4hWRt4xbg11U7TWXUc9Pbi8jeOBhtYpX I4XNzezd8tnRgvJ8HxqOvDI8fznZeCekr5MY8iIGWS9F6i13oiwhv7c/XpMXIT77 gIzT14Vkd0J7BKVFzJRTV4DJMp1y9uXbMD1T/Tj6d4OabdHpD6qzBv5bDIXy76D1 tT9q1S4ioTsIFAA+RJFqChuUZRvpIGolmBslDsp4wzUtaf/bDhQ0SS67db8vHZty yc2FbwGMUFeE9EDE9zWBNnSf7rLFwdEtwAMsyoe3Vv7AURff7UoHo08rsaXfWNC+ EUxTXl0oOAUDXgp9ksIwi4ARv/brRIIG -----END CERTIFICATE-----Generated at Fri Sep 19 02:38:10 2025 by rpki-client