$ rpki-client -vvf rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft File: Icv-KamU2PngPkxNRObPW2SLeOw.mft (raw, json) Hash identifier: PCEDE7YiBTmG5dbFC9PALS/PFa9lF50VPWo87F1kq1A= Subject key identifier: 3C:93:F8:18:82:3B:40:E8:62:79:C3:A6:48:31:6A:34:40:E2:41:0A Authority key identifier: 21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC Certificate issuer: /CN=A91272F9/serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Certificate serial: 136A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft Manifest number: 1351 Signing time: Tue 24 Mar 2026 16:53:38 +0000 Manifest this update: Tue 24 Mar 2026 16:53:37 +0000 Manifest next update: Tue 31 Mar 2026 16:53:37 +0000 Files and hashes: 1: Icv-KamU2PngPkxNRObPW2SLeOw.crl (hash: DgaKhrNUzouXJm6WtHrLubcz/Ly0dPdGKRbh4xpgu40=) 2: A5393FF2E70911E8B4D19B84C4F9AE02.roa (hash: k+p0xtu7l+Ym0EwSnutl9VlQ16P8ym/648o14VPC7t8=) 3: AA5A77C88DB811EBA0613421C4F9AE02.roa (hash: Y5k6Nh1K8NNS0hPh5WTEjL7DqnEuLThuhCaWRqICeaE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 16:53:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4970 (0x136a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91272F9, serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Validity Not Before: Mar 24 16:53:37 2026 GMT Not After : Mar 31 16:53:37 2026 GMT Subject: CN=69c2c191-c5ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:61:a2:35:d9:a6:b7:ec:d5:f6:31:57:8a:eb: bc:95:2c:75:9d:2a:33:e3:86:55:2a:5f:ce:40:e0: 32:33:79:23:b8:ac:72:19:dd:66:29:20:06:46:18: da:c0:33:3b:66:0c:e0:fb:70:d2:c5:67:d5:a3:4c: 85:02:b0:98:f5:92:4a:9b:11:7d:b6:92:29:d0:29: 4b:08:c6:13:cc:4f:0b:36:68:c8:b6:e6:4f:b5:ed: c6:ff:95:69:84:d6:8c:0c:1d:7d:aa:75:e9:d5:dc: 22:9f:5b:dd:f4:7b:0c:28:85:dd:64:76:ef:2e:c5: 97:a7:2d:6b:19:25:97:70:0f:43:b5:be:2e:34:79: 36:e0:af:25:5b:10:a4:76:11:7f:08:d4:9b:1c:15: 33:b9:c1:74:ee:e3:70:39:77:03:be:48:1d:4d:e8: 96:3b:ea:20:b4:4d:fb:75:2f:5d:26:14:f8:0b:a4: 0e:77:e0:37:fa:fe:ba:a7:38:6e:3c:c6:aa:48:c8: 23:14:a1:67:91:84:9e:9f:a7:da:00:88:b4:73:a5: b5:53:6c:c2:24:55:75:40:b7:42:3e:0a:54:19:27: 5a:44:7e:c9:a7:22:30:62:b6:af:73:2c:c8:1b:96: 32:3a:b0:5a:36:31:de:68:e6:5c:28:5c:14:57:bb: 6e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:93:F8:18:82:3B:40:E8:62:79:C3:A6:48:31:6A:34:40:E2:41:0A X509v3 Authority Key Identifier: keyid:21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:a5:70:bd:e1:b8:a9:07:72:56:6f:aa:da:ff:f6:a1:4a:70: 50:24:ef:0f:ee:c7:49:44:34:d7:de:b0:14:92:2b:f9:d6:a7: 3d:a5:9d:b1:c3:94:c4:17:ae:e8:80:ab:37:62:3a:5e:be:6d: 41:65:1e:a7:ed:9f:b7:be:a8:16:3c:db:ea:19:44:eb:3a:bb: c5:e5:1f:13:69:6c:d2:60:52:84:76:f5:70:d4:4c:53:eb:f3: de:fb:06:64:b7:a0:0b:43:bb:1d:de:f2:f8:5d:c8:2f:43:5e: 0f:d4:a9:30:d8:c2:7b:df:58:c8:dc:17:cb:db:0a:41:fd:28: ad:cf:22:24:d9:29:0c:fb:24:27:9b:53:a0:01:64:e9:7a:ea: bd:41:31:e5:4b:7e:07:d5:05:ab:5c:c0:b3:52:45:83:4c:aa: dd:25:b0:c3:21:b8:5c:07:92:6d:3a:0b:0b:41:bf:e3:e5:ca: 32:eb:09:bc:8c:5b:31:29:ef:b9:7a:46:fa:69:bf:66:d7:3d: af:20:d6:36:72:d0:8f:5d:37:14:d7:9d:b5:9b:e2:89:1f:19: 74:bf:89:20:9a:ee:f6:ec:78:a8:e4:5f:ad:66:f6:b6:8f:7a: a1:c8:d8:16:65:a6:bb:41:51:f2:41:9c:b6:eb:d2:76:3c:2d: 56:1d:e3:7d -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICE2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjcyRjkxMTAvBgNVBAUTKDIxQ0JGRTI5QTk5NEQ4RjlFMDNFNEM0RDQ0RTZDRjVC NjQ4Qjc4RUMwHhcNMjYwMzI0MTY1MzM3WhcNMjYwMzMxMTY1MzM3WjAYMRYwFAYD VQQDEw02OWMyYzE5MS1jNWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvGGiNdmmt+zV9jFXiuu8lSx1nSoz44ZVKl/OQOAyM3kjuKxyGd1mKSAGRhja wDM7Zgzg+3DSxWfVo0yFArCY9ZJKmxF9tpIp0ClLCMYTzE8LNmjItuZPte3G/5Vp hNaMDB19qnXp1dwin1vd9HsMKIXdZHbvLsWXpy1rGSWXcA9Dtb4uNHk24K8lWxCk dhF/CNSbHBUzucF07uNwOXcDvkgdTeiWO+ogtE37dS9dJhT4C6QOd+A3+v66pzhu PMaqSMgjFKFnkYSen6faAIi0c6W1U2zCJFV1QLdCPgpUGSdaRH7JpyIwYravcyzI G5YyOrBaNjHeaOZcKFwUV7tuPQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDyT+BiC O0DoYnnDpkgxajRA4kEKMB8GA1UdIwQYMBaAFCHL/implNj54D5MTUTmz1tki3js MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzJGOS9EMkVENDlDMkMy NkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQbmdQa3hOUk9iUFcyU0xl T3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ljdi1LYW1VMlBuZ1BreE5ST2JQVzJTTGVPdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzJGOS9EMkVENDlDMkMyNkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQ bmdQa3hOUk9iUFcyU0xlT3cubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAC6VwveG4qQdyVm+q2v/2oUpwUCTvD+7HSUQ0196wFJIr+danPaWdscOUxBeu 6ICrN2I6Xr5tQWUep+2ft76oFjzb6hlE6zq7xeUfE2ls0mBShHb1cNRMU+vz3vsG ZLegC0O7Hd7y+F3IL0NeD9SpMNjCe99YyNwXy9sKQf0orc8iJNkpDPskJ5tToAFk 6XrqvUEx5Ut+B9UFq1zAs1JFg0yq3SWwwyG4XAeSbToLC0G/4+XKMusJvIxbMSnv uXpG+mm/Ztc9ryDWNnLQj103FNedtZviiR8ZdL+JIJru9ux4qORfrWb2to96ocjY FmWmu0FR8kGctuvSdjwtVh3jfQ== -----END CERTIFICATE-----Generated at Thu Mar 26 12:55:04 2026 by rpki-client