$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft File: imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft (raw, json) Hash identifier: JMxS02vIdjNmWbkbs4SSkZ1fn3984S3Qdguf4Qe5xdY= Subject key identifier: 55:0B:D4:82:A1:99:2C:C9:14:11:74:A3:A2:98:95:06:65:FB:27:9F Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Certificate serial: 2E5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft Manifest number: 2DDD Signing time: Tue 12 May 2026 15:30:51 +0000 Manifest this update: Tue 12 May 2026 15:30:50 +0000 Manifest next update: Tue 19 May 2026 15:30:50 +0000 Files and hashes: 1: imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl (hash: 7uI/3DOmlhywS0G7/wWHp9Ej8fgcb2KT0+SYZzW7Jtg=) 2: 4221CE240EC211EB9F6B1914C4F9AE02.roa (hash: 98d7Szz1xVrKOjRtTK04BwOwzNCfjc24NwJ5XcHSo3Y=) 3: 3E0A6ED49E7B11EFBD44280AC4F9AE02.roa (hash: I9utLoQOo+FgrMzcmZ+nktkwChduEwkgHWKAKFKVei8=) 4: EAB11C569E7A11EF9C2A9E09C4F9AE02.roa (hash: WjyM3KD8j7LYktjGDYnf9TzfHp76S+j3QqZZ2zALeh0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 15:30:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11869 (0x2e5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127523, serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Validity Not Before: May 12 15:30:50 2026 GMT Not After : May 19 15:30:50 2026 GMT Subject: CN=6a0347ab-d501 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:4c:6e:19:6f:f6:98:be:0f:04:75:01:ce:a0: e8:98:8a:12:e6:06:76:e4:79:66:3f:23:86:c2:1b: c8:56:27:3c:b1:4b:75:78:08:6b:f3:b3:1c:cc:7a: 55:0c:78:d6:72:52:a8:df:33:17:7e:2f:99:7b:a6: f1:3e:a0:05:a0:66:09:03:d1:a6:e9:19:86:8b:bd: 2f:a1:9d:66:e4:c0:47:95:e8:87:20:fa:8b:d3:fd: 72:03:14:98:e0:2d:3b:a1:41:94:2c:83:a0:1c:63: cc:e5:77:b0:3c:c2:c5:f6:24:a6:23:82:b6:97:a4: 28:4f:1e:25:ba:bf:d8:fd:cb:16:f1:97:28:82:f6: 8f:24:f3:06:eb:80:0b:f1:75:39:d8:a0:30:28:bc: a6:66:49:ec:44:fc:47:41:20:3f:fa:21:2e:e2:57: c2:ec:1f:1b:51:1b:ff:d8:91:c6:c7:4b:2c:5e:98: f3:78:a5:d0:62:22:1b:de:76:b9:34:cb:6e:32:1b: 34:54:1f:1d:11:0b:4f:3e:11:ce:11:f9:71:ac:0d: e0:9f:8b:f0:e5:5f:d7:74:7e:09:c2:6d:4e:99:df: 9d:c5:e3:59:58:76:d1:9f:b7:9f:48:88:72:25:e6: c0:0c:6a:dc:5c:07:0a:b2:52:72:61:28:88:78:b5: c3:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:0B:D4:82:A1:99:2C:C9:14:11:74:A3:A2:98:95:06:65:FB:27:9F X509v3 Authority Key Identifier: keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:f4:34:b9:83:53:66:31:ef:21:bf:0d:a2:01:e8:0f:ab:97: 86:94:45:6e:ce:6a:dc:22:6d:d9:95:6b:ff:2b:79:c3:e5:2c: 5a:b5:eb:77:52:22:2e:ef:65:7d:08:95:21:41:30:a0:da:1e: a9:cd:0b:0b:08:ad:43:cf:df:95:21:c7:d9:ea:eb:ce:8e:1e: 8e:e9:dc:e6:40:89:db:28:57:92:ac:0e:17:b4:08:e0:d6:0a: 51:d2:16:72:4e:f8:93:c8:1f:b1:55:eb:09:e4:c8:e2:56:dd: 04:c0:8a:6c:8a:8f:ec:5c:1e:f2:d0:75:07:75:90:6f:7f:25: b7:17:85:f1:e2:5b:ca:67:27:40:7d:db:9d:df:1b:b5:e1:a1: 29:28:a8:c8:ca:7a:03:48:5e:89:16:b4:80:45:f7:87:36:9a: a7:22:2b:8f:5a:f0:71:b6:a5:0a:3c:74:36:83:a1:af:da:c1: 0f:6f:2e:7b:15:06:75:21:82:e1:9d:98:16:50:58:5f:e1:d3: 85:1b:e3:09:e6:48:a2:44:b5:55:d0:e5:81:6f:ca:a5:cb:0d: c0:f4:52:00:dd:75:b0:ad:6c:80:5c:46:22:2a:09:47:71:bc: 11:59:0d:24:d9:33:a6:1b:c1:64:fc:c7:28:29:a6:cc:c9:02: 0c:5f:51:4a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICLl0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND MDFGRDY0QzIwHhcNMjYwNTEyMTUzMDUwWhcNMjYwNTE5MTUzMDUwWjAYMRYwFAYD VQQDEw02YTAzNDdhYi1kNTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAikxuGW/2mL4PBHUBzqDomIoS5gZ25HlmPyOGwhvIVic8sUt1eAhr87MczHpV DHjWclKo3zMXfi+Ze6bxPqAFoGYJA9Gm6RmGi70voZ1m5MBHleiHIPqL0/1yAxSY 4C07oUGULIOgHGPM5XewPMLF9iSmI4K2l6QoTx4lur/Y/csW8ZcogvaPJPMG64AL 8XU52KAwKLymZknsRPxHQSA/+iEu4lfC7B8bURv/2JHGx0ssXpjzeKXQYiIb3na5 NMtuMhs0VB8dEQtPPhHOEflxrA3gn4vw5V/XdH4Jwm1Omd+dxeNZWHbRn7efSIhy JebADGrcXAcKslJyYSiIeLXDMQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFUL1IKh mSzJFBF0o6KYlQZl+yefMB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzUyMy8xMkI5OTdFODlBRTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01k RDBkanBOdmRYVXpBSDlaTUkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAn/Q0uYNTZjHvIb8NogHoD6uXhpRFbs5q3CJt2ZVr/yt5w+UsWrXrd1IiLu9l fQiVIUEwoNoeqc0LCwitQ8/flSHH2errzo4ejunc5kCJ2yhXkqwOF7QI4NYKUdIW ck74k8gfsVXrCeTI4lbdBMCKbIqP7Fwe8tB1B3WQb38ltxeF8eJbymcnQH3bnd8b teGhKSioyMp6A0heiRa0gEX3hzaapyIrj1rwcbalCjx0NoOhr9rBD28uexUGdSGC 4Z2YFlBYX+HThRvjCeZIokS1VdDlgW/KpcsNwPRSAN11sK1sgFxGIioJR3G8EVkN JNkzphvBZPzHKCmmzMkCDF9RSg== -----END CERTIFICATE-----Generated at Wed May 13 17:58:37 2026 by rpki-client