$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: DeRQD3qH9uJycek4ELCP+V0VG88dI1t43D9AfDJXJYU= Subject key identifier: 55:49:D9:58:7A:EC:4E:C2:17:FB:9B:7A:04:C2:B8:09:39:E0:3C:A1 Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 0448 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 0433 Signing time: Wed 25 Mar 2026 00:03:02 +0000 Manifest this update: Wed 25 Mar 2026 00:03:02 +0000 Manifest next update: Wed 01 Apr 2026 00:03:02 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: Cm+Bs5ui+tDt7LWVG75DCXpIMysJMDLLBsniAdfs3IU=) 2: 06FA5A64774011F0BE2D3736C4F9AE02.roa (hash: aA9cK/N/lAbMkkVhRCBwbPPBYdEHxyo7VEBog7rBFOw=) 3: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: 4Ev/beoW0fM+Gbd3cQLyDxalQ01x9FRD/kJEwmhsUog=) 4: F570D764773F11F09FC02036C4F9AE02.roa (hash: 2UT6wgZiFdEEgA+nz0spF/hOUy1AHR+NcZJ7A+nI8to=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 00:03:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1096 (0x448) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Mar 25 00:03:02 2026 GMT Not After : Apr 1 00:03:02 2026 GMT Subject: CN=69c32636-aefa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:d5:d2:f5:63:d1:72:a2:93:3e:f7:ba:6b:7b: d8:b4:bc:03:e6:09:eb:66:2c:78:2b:f8:41:c3:a8: 9f:8c:00:ef:90:84:d3:6f:6e:4d:bb:4b:f6:2b:cb: bf:a5:72:63:27:06:96:eb:b7:f2:06:47:52:91:ec: 48:87:3e:55:0b:ad:bc:db:fa:45:08:c1:cb:f3:d4: 58:b9:a9:2f:8d:cb:d9:37:b4:5b:0a:70:65:ac:d1: bc:0f:f6:78:6c:fc:d4:38:52:cc:71:7d:9f:87:82: dd:93:58:98:23:26:9e:67:2e:1f:ae:b7:59:84:b8: c9:69:41:3f:6f:af:8f:aa:f3:67:83:42:3b:c3:7a: 5b:6f:1e:b6:0e:d6:1d:f3:f5:88:62:92:e1:d1:54: 3f:fa:98:2f:ca:46:21:3b:73:a7:09:4c:43:10:3c: d3:c1:d6:6f:a2:dd:25:b8:36:47:81:16:12:6e:94: c4:d9:90:95:63:3a:8c:7d:21:c1:d8:57:bf:65:64: 1a:d7:e0:35:3b:e4:60:69:3b:67:52:77:31:d8:95: e2:af:a7:6d:f7:c6:2e:89:61:6f:1b:6b:70:a1:f8: 82:92:3a:18:58:bb:da:5a:e8:cc:4b:06:ba:70:de: ac:2a:36:44:30:16:f6:0c:1c:17:a9:12:84:48:b9: ca:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:49:D9:58:7A:EC:4E:C2:17:FB:9B:7A:04:C2:B8:09:39:E0:3C:A1 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:7b:c4:1d:6c:1d:d0:51:a1:85:cb:1e:4b:79:2d:1e:9a:1c: 06:4a:2f:dd:37:cb:d8:7c:e2:9d:d9:ba:49:43:2e:dc:4a:fe: 42:74:b5:c1:79:bc:01:e8:72:fd:52:48:61:e1:ca:0c:00:eb: f4:29:92:1c:cf:93:4a:47:24:7e:8a:d4:74:54:fa:4e:66:38: c9:88:3e:0e:72:95:5b:92:f6:f8:c9:b6:bb:a8:86:53:4e:82: 0e:c2:ae:b3:91:42:16:00:18:41:8e:d7:7d:9f:27:dd:f3:22: ed:4f:30:11:e4:77:81:68:17:d2:5a:f6:9e:cc:41:5e:04:d3: 84:1e:ed:91:13:49:0d:45:04:96:01:43:67:24:0f:26:ee:0b: 35:61:27:44:58:25:7f:c1:7b:18:89:fa:b5:3e:04:0f:ae:8a: 78:fd:0c:f9:17:b6:3f:02:2d:ed:16:ed:dc:ce:58:0a:c0:dd: 77:5c:bc:8d:53:db:97:f1:3d:1f:50:f2:ae:bc:fb:b0:83:f5: 74:22:46:1f:d8:1c:17:e0:a9:e0:cc:e0:18:f8:c9:e2:65:00: 75:5a:35:83:16:d9:de:a2:38:22:a1:eb:61:05:00:be:54:4c: 56:58:9b:14:e6:b8:a9:41:92:77:e6:6f:f0:cc:16:f0:d5:ee: f5:0d:6e:ba -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjYwMzI1MDAwMzAyWhcNMjYwNDAxMDAwMzAyWjAYMRYwFAYD VQQDEw02OWMzMjYzNi1hZWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAotXS9WPRcqKTPve6a3vYtLwD5gnrZix4K/hBw6ifjADvkITTb25Nu0v2K8u/ pXJjJwaW67fyBkdSkexIhz5VC6282/pFCMHL89RYuakvjcvZN7RbCnBlrNG8D/Z4 bPzUOFLMcX2fh4Ldk1iYIyaeZy4frrdZhLjJaUE/b6+PqvNng0I7w3pbbx62DtYd 8/WIYpLh0VQ/+pgvykYhO3OnCUxDEDzTwdZvot0luDZHgRYSbpTE2ZCVYzqMfSHB 2Fe/ZWQa1+A1O+RgaTtnUncx2JXir6dt98YuiWFvG2twofiCkjoYWLvaWujMSwa6 cN6sKjZEMBb2DBwXqRKESLnKMQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFVJ2Vh6 7E7CF/ubegTCuAk54DyhMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAonvEHWwd0FGhhcseS3ktHpocBkov3TfL2Hzindm6SUMu3Er+QnS1wXm8Aehy /VJIYeHKDADr9CmSHM+TSkckforUdFT6TmY4yYg+DnKVW5L2+Mm2u6iGU06CDsKu s5FCFgAYQY7XfZ8n3fMi7U8wEeR3gWgX0lr2nsxBXgTThB7tkRNJDUUElgFDZyQP Ju4LNWEnRFglf8F7GIn6tT4ED66KeP0M+Re2PwIt7Rbt3M5YCsDdd1y8jVPbl/E9 H1Dyrrz7sIP1dCJGH9gcF+Cp4MzgGPjJ4mUAdVo1gxbZ3qI4IqHrYQUAvlRMVlib FOa4qUGSd+Zv8MwW8NXu9Q1uug== -----END CERTIFICATE-----Generated at Thu Mar 26 05:05:02 2026 by rpki-client