$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: gtJGhI7cK86aHgVB2VOdJ5KT48C0ycvtWkHS5XKCzck= Subject key identifier: 42:95:6F:48:5A:84:BA:7D:C3:A4:18:6F:D3:00:C4:BD:C5:58:E9:C4 Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0DA9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0D9F Signing time: Tue 24 Mar 2026 17:47:37 +0000 Manifest this update: Tue 24 Mar 2026 17:47:37 +0000 Manifest next update: Tue 31 Mar 2026 17:47:37 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: rSa0V3A6e7bJEFa6hP9bbimm3sGtYt2hktgNBCJNvKw=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: DgN4HYG0Ge4rNgYzbp7pU5juBkf2LCQihGrPJdM6ERY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:47:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3497 (0xda9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00, serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: Mar 24 17:47:37 2026 GMT Not After : Mar 31 17:47:37 2026 GMT Subject: CN=69c2ce39-46a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:12:53:f5:ac:7e:4d:d0:f7:bc:e3:73:90:94: d2:c7:81:29:4f:cd:ab:47:c0:bd:9a:60:bd:5c:1c: 31:b3:a7:c3:0e:2b:df:0e:33:27:29:b3:ab:a1:32: 0a:da:0e:96:82:bf:10:ec:c7:4d:17:60:4e:51:cc: f2:89:37:b8:48:56:02:a7:7b:14:0a:24:86:69:9d: 4a:cb:cd:ec:4d:fb:94:e6:5a:6f:d2:05:c4:f0:69: cf:74:88:7a:09:f9:97:ea:76:61:ac:92:8f:25:d6: 3b:7d:bd:91:7f:30:60:04:41:4e:82:66:78:4c:05: 5d:88:89:3d:ae:a1:c3:2f:b2:df:6a:70:16:4d:c4: 98:4f:00:dc:b8:e0:d5:28:30:01:1e:8a:14:ef:3e: df:5f:52:c4:2d:3b:9a:c5:ab:ea:07:08:23:4d:75: 06:e7:3c:8a:b7:fe:4c:e0:4e:91:77:0b:a2:1b:38: bf:0c:03:8b:4b:14:6a:ed:c8:8a:12:ab:a8:90:b6: a4:d7:91:05:ac:60:3d:27:ec:de:85:0b:08:f1:c7: 49:56:b3:96:84:ed:8c:ed:7d:ab:24:1d:5a:a3:e2: 29:96:1e:d9:11:d2:f4:c4:4b:62:55:73:0d:df:3b: 15:f8:5d:e1:5a:a3:ba:43:e6:25:6d:9d:62:d2:6c: 8e:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:95:6F:48:5A:84:BA:7D:C3:A4:18:6F:D3:00:C4:BD:C5:58:E9:C4 X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:0d:d3:af:4a:62:fe:89:e9:39:32:4c:d8:a5:6f:9f:66:84: d8:e4:7f:6d:90:08:81:9d:28:0a:7b:00:ae:2c:cf:ac:5d:6d: 96:3a:6f:28:fc:4c:5c:ab:90:26:9a:6d:08:cf:13:4a:f3:4e: f4:ec:3c:ac:51:53:e1:d7:f5:7c:77:20:ed:d8:6f:ab:cb:9b: ce:28:1f:49:0a:e9:85:ea:ca:c0:de:b2:5e:34:eb:ed:1a:63: d0:33:74:8d:d0:71:bd:50:96:9a:63:c4:a0:6b:38:00:81:72: 89:ef:da:e5:34:56:df:5d:1c:04:78:3a:60:cc:c9:dc:5c:bb: b3:d6:9a:42:78:e2:fc:d1:19:d4:89:02:d9:b7:d8:d9:3a:df: 96:66:47:fa:59:0e:83:fc:24:ba:30:5f:f1:cb:ed:7e:c7:86: b5:62:9e:03:e3:38:dc:8f:88:72:10:32:a2:85:b5:5f:57:61: 04:a3:45:33:95:8a:07:2c:48:20:ff:5b:0c:73:cb:5d:f1:b9: 9d:bd:72:56:d3:6b:fd:1c:48:18:98:ea:86:1a:de:18:a5:f3: a6:e5:ef:61:04:69:23:b6:4a:11:60:7b:22:62:99:05:45:ff: b3:06:a3:6a:b4:4b:a5:bf:00:88:40:3d:ed:40:a6:3a:9b:28: ce:78:e5:98 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjYwMzI0MTc0NzM3WhcNMjYwMzMxMTc0NzM3WjAYMRYwFAYD VQQDEw02OWMyY2UzOS00NmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnBJT9ax+TdD3vONzkJTSx4EpT82rR8C9mmC9XBwxs6fDDivfDjMnKbOroTIK 2g6Wgr8Q7MdNF2BOUczyiTe4SFYCp3sUCiSGaZ1Ky83sTfuU5lpv0gXE8GnPdIh6 CfmX6nZhrJKPJdY7fb2RfzBgBEFOgmZ4TAVdiIk9rqHDL7LfanAWTcSYTwDcuODV KDABHooU7z7fX1LELTuaxavqBwgjTXUG5zyKt/5M4E6RdwuiGzi/DAOLSxRq7ciK EquokLak15EFrGA9J+zehQsI8cdJVrOWhO2M7X2rJB1ao+Iplh7ZEdL0xEtiVXMN 3zsV+F3hWqO6Q+YlbZ1i0myOfQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEKVb0ha hLp9w6QYb9MAxL3FWOnEMB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAYA3Tr0pi/onpOTJM2KVvn2aE2OR/bZAIgZ0oCnsArizPrF1tljpvKPxMXKuQ JpptCM8TSvNO9Ow8rFFT4df1fHcg7dhvq8ubzigfSQrpherKwN6yXjTr7Rpj0DN0 jdBxvVCWmmPEoGs4AIFyie/a5TRW310cBHg6YMzJ3Fy7s9aaQnji/NEZ1IkC2bfY 2TrflmZH+lkOg/wkujBf8cvtfseGtWKeA+M43I+IchAyooW1X1dhBKNFM5WKByxI IP9bDHPLXfG5nb1yVtNr/RxIGJjqhhreGKXzpuXvYQRpI7ZKEWB7ImKZBUX/swaj arRLpb8AiEA97UCmOpsoznjlmA== -----END CERTIFICATE-----Generated at Thu Mar 26 16:05:47 2026 by rpki-client