$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft File: imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft (raw, json) Hash identifier: xKtyBLNAAMlTYFyTf7/WONm+8H2dadz7+37qX6cbblY= Subject key identifier: CB:BF:E2:8C:2D:4A:CE:72:0B:BD:2E:90:63:4B:99:1B:9A:FC:2F:6F Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Certificate serial: 2E45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft Manifest number: 2DC5 Signing time: Thu 26 Mar 2026 15:31:26 +0000 Manifest this update: Thu 26 Mar 2026 15:31:25 +0000 Manifest next update: Thu 02 Apr 2026 15:31:25 +0000 Files and hashes: 1: imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl (hash: g/q4MkFCXajgu4HKZBNJvgEWg2WixJOVfeiD5R0ADuE=) 2: 3E0A6ED49E7B11EFBD44280AC4F9AE02.roa (hash: I9utLoQOo+FgrMzcmZ+nktkwChduEwkgHWKAKFKVei8=) 3: 4221CE240EC211EB9F6B1914C4F9AE02.roa (hash: 98d7Szz1xVrKOjRtTK04BwOwzNCfjc24NwJ5XcHSo3Y=) 4: EAB11C569E7A11EF9C2A9E09C4F9AE02.roa (hash: WjyM3KD8j7LYktjGDYnf9TzfHp76S+j3QqZZ2zALeh0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 14:54:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11845 (0x2e45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127523, serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Validity Not Before: Mar 26 15:31:25 2026 GMT Not After : Apr 2 15:31:25 2026 GMT Subject: CN=69c5514e-b5cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:1c:ef:e8:d5:ac:fd:e2:d5:81:9f:4d:dd:16: df:5b:68:4f:f3:dc:c3:30:e2:23:3a:2d:8b:6f:e7: 4d:06:d9:e8:ac:72:af:bf:7e:08:1b:0a:06:3e:07: 85:c1:c5:18:c5:9a:b5:53:d2:a2:4b:0e:23:ff:d5: 88:d7:83:70:5e:63:f7:bf:e9:56:2a:09:3c:c4:d6: 8b:b0:b7:67:3c:9a:e9:e0:05:95:ec:fc:01:03:04: 22:c3:d9:a1:52:60:fd:d4:ab:98:f0:63:69:7f:71: 37:13:3b:b8:58:64:f1:60:3d:e4:56:49:79:b3:ae: c1:3c:db:c7:51:16:fa:bc:5c:ff:28:d1:11:a0:6b: 09:83:37:f7:f1:10:48:9a:96:98:6d:57:9a:d3:8b: 53:d1:a5:b9:57:2d:00:d2:0c:e1:2a:64:54:bc:b2: 94:db:1d:18:85:be:13:00:0d:1e:06:af:fd:56:91: 60:d1:a1:2e:95:2d:d8:6c:88:32:c9:85:a9:e9:5a: 00:5d:be:21:38:09:f2:fe:62:ed:f0:e3:01:35:b5: 74:41:df:ab:26:a8:58:0a:4c:8b:74:22:ed:89:9c: 60:2f:a1:ca:1b:f1:6c:53:b5:1f:9e:f9:2f:49:82: c6:76:be:19:11:db:83:d9:1b:27:23:db:60:75:4b: 24:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:BF:E2:8C:2D:4A:CE:72:0B:BD:2E:90:63:4B:99:1B:9A:FC:2F:6F X509v3 Authority Key Identifier: keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:c2:65:2c:79:28:e7:66:94:28:0c:52:dc:e8:66:61:23:30: c6:d7:e7:6a:12:84:59:c1:a2:ad:1c:69:08:de:1f:f3:03:22: cb:08:3f:6f:4c:75:c0:5c:d6:17:1e:22:44:31:ac:a2:8c:64: 8c:63:94:b6:75:55:79:7c:8a:32:be:84:68:11:db:df:c9:44: 29:d6:3f:4e:48:b6:9d:f5:e9:27:04:6e:69:c1:dc:e5:00:9d: a9:bd:ba:6e:ac:af:80:8b:3c:ac:85:83:b7:3b:12:37:7a:2b: 20:2b:44:b1:e4:95:52:91:21:71:a4:46:60:db:b7:d7:76:cc: a5:d1:ce:8f:7e:0a:dd:4c:5f:47:53:d5:1b:3e:cc:05:12:8e: b9:dd:83:9f:c9:fc:e7:cd:81:51:71:51:74:ec:42:43:b0:8b: f3:76:94:30:3f:83:29:77:a5:08:52:df:04:f2:d0:a9:82:52: 29:c8:89:34:c7:bc:7e:43:27:08:cc:41:4f:59:71:dd:f2:6b: 3c:b6:f2:70:ba:c9:e5:e8:9e:5f:6e:f9:0b:a2:d3:e1:14:09: 64:5e:61:0b:a2:17:2a:31:ed:ca:94:46:30:dd:9e:b4:89:c3: ac:f5:e1:73:fa:f7:6b:7e:e0:0f:bb:21:3f:bf:1b:0f:3f:8a: ef:b2:22:84 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICLkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND MDFGRDY0QzIwHhcNMjYwMzI2MTUzMTI1WhcNMjYwNDAyMTUzMTI1WjAYMRYwFAYD VQQDEw02OWM1NTE0ZS1iNWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArBzv6NWs/eLVgZ9N3RbfW2hP89zDMOIjOi2Lb+dNBtnorHKvv34IGwoGPgeF wcUYxZq1U9KiSw4j/9WI14NwXmP3v+lWKgk8xNaLsLdnPJrp4AWV7PwBAwQiw9mh UmD91KuY8GNpf3E3Ezu4WGTxYD3kVkl5s67BPNvHURb6vFz/KNERoGsJgzf38RBI mpaYbVea04tT0aW5Vy0A0gzhKmRUvLKU2x0Yhb4TAA0eBq/9VpFg0aEulS3YbIgy yYWp6VoAXb4hOAny/mLt8OMBNbV0Qd+rJqhYCkyLdCLtiZxgL6HKG/FsU7Ufnvkv SYLGdr4ZEduD2RsnI9tgdUskIQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMu/4owt Ss5yC70ukGNLmRua/C9vMB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzUyMy8xMkI5OTdFODlBRTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01k RDBkanBOdmRYVXpBSDlaTUkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAVcJlLHko52aUKAxS3OhmYSMwxtfnahKEWcGirRxpCN4f8wMiywg/b0x1wFzW Fx4iRDGsooxkjGOUtnVVeXyKMr6EaBHb38lEKdY/Tki2nfXpJwRuacHc5QCdqb26 bqyvgIs8rIWDtzsSN3orICtEseSVUpEhcaRGYNu313bMpdHOj34K3UxfR1PVGz7M BRKOud2Dn8n8582BUXFRdOxCQ7CL83aUMD+DKXelCFLfBPLQqYJSKciJNMe8fkMn CMxBT1lx3fJrPLbycLrJ5eieX275C6LT4RQJZF5hC6IXKjHtypRGMN2etInDrPXh c/r3a37gD7shP78bDz+K77IihA== -----END CERTIFICATE-----Generated at Thu Mar 26 23:07:45 2026 by rpki-client