$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft File: khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json) Hash identifier: DipS/9Hz1Fd0g9HO87aZGz1pX0zp8uEXCEEjL6VCe8w= Subject key identifier: 93:CF:07:5D:88:83:D9:9A:3C:EF:88:86:35:C3:0A:03:03:EF:8D:A5 Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 Certificate issuer: /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Certificate serial: 0441 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft Manifest number: 0435 Signing time: Wed 25 Mar 2026 00:01:00 +0000 Manifest this update: Wed 25 Mar 2026 00:00:59 +0000 Manifest next update: Wed 01 Apr 2026 00:00:59 +0000 Files and hashes: 1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: +PqqNqpaEN3FYr/ooGtlYwg/DmJoeHJ5X/WP1pfZOS0=) 2: EA8F3FAE6F8611F0BA25F244C4F9AE02.roa (hash: I3945a68aAj4Bezh1bF6xRl/WpfQZcBM/2Xudp6szlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 00:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1089 (0x441) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Validity Not Before: Mar 25 00:00:59 2026 GMT Not After : Apr 1 00:00:59 2026 GMT Subject: CN=69c325bb-0370 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7f:33:73:25:31:23:93:df:76:10:b7:ef:5a: 94:2a:76:17:21:9d:f7:32:cf:bf:34:a4:0a:50:ac: be:ba:1f:86:e9:37:37:ca:b4:d0:13:32:c5:f1:f6: 6e:bf:1f:7d:a9:52:6e:ae:0c:56:08:24:86:17:c9: 82:c9:a0:c3:1c:82:5f:99:c9:27:db:cc:e3:ef:43: 13:85:f0:3d:04:e9:9b:97:51:34:f8:8f:26:b8:19: b6:10:66:a8:40:de:35:17:d8:80:16:1f:97:5e:13: b8:e1:18:6c:97:1f:9d:54:e6:33:56:7b:14:c9:67: 49:5e:45:37:ff:82:4a:93:6f:34:0f:e9:e0:f5:2b: b9:8f:83:1d:0c:fe:af:72:00:84:93:1a:b7:59:08: ab:ee:ea:80:19:ca:96:74:ba:a1:c9:40:09:d2:96: 56:35:2a:d2:38:2e:58:4d:c2:78:ee:4f:41:d6:40: 51:18:95:de:fb:a6:e6:96:67:68:df:7f:8a:8c:81: a1:51:11:22:b3:a7:eb:cc:b7:50:12:24:9f:3a:75: 8f:ee:63:64:25:33:cf:d0:16:88:e1:f2:07:37:b7: af:1c:46:d9:2b:57:bf:54:27:75:1b:3a:9b:f5:f3: f7:fd:94:24:34:5c:18:bc:c8:5b:92:05:2b:8a:1e: 5f:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:CF:07:5D:88:83:D9:9A:3C:EF:88:86:35:C3:0A:03:03:EF:8D:A5 X509v3 Authority Key Identifier: keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:c5:fd:a5:06:a8:1e:82:f5:50:0e:e3:c4:25:2d:da:ca:87: fb:3e:d2:31:74:e2:ab:a1:5c:6b:bd:41:05:10:11:12:10:47: 6f:d1:f6:8c:96:2f:9d:bc:26:23:0c:e6:16:cc:c2:88:fe:7e: 5f:35:cf:4d:c8:fe:ff:a9:95:b0:e8:ed:21:43:83:db:9b:40: ac:80:b1:4c:84:e5:4d:5b:b5:a1:f3:43:60:5d:80:65:12:ff: 3b:8d:91:03:e5:f7:6d:5f:1e:38:6e:dc:c6:f3:9b:2a:76:04: dc:b8:70:f2:c2:48:4f:d1:fd:fa:ec:a4:ec:9c:89:27:f6:f5: 28:c9:6c:38:68:b8:0e:ff:96:64:5e:5d:73:43:07:8d:a5:51: 41:ce:51:16:87:a6:a0:5f:05:85:64:b7:f9:a8:56:c1:74:9e: 1b:68:c5:17:26:5e:c4:e7:43:67:de:fa:a6:0d:ba:b5:6d:c5: dd:95:13:3b:d5:be:28:0d:88:a3:d2:08:14:7d:44:25:09:e6: 61:8b:9c:76:d4:59:64:0a:46:77:68:d3:6e:10:8b:f5:60:f9: 75:7d:a5:00:a7:a3:12:2b:0d:ed:b1:bf:02:8b:2d:5e:78:1f: 58:b3:5d:ab:a6:b3:2a:1e:e5:e2:42:bb:86:92:14:d6:f4:ec: 32:e6:b5:38 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3 MjBDQjQ4OTAwHhcNMjYwMzI1MDAwMDU5WhcNMjYwNDAxMDAwMDU5WjAYMRYwFAYD VQQDEw02OWMzMjViYi0wMzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApX8zcyUxI5PfdhC371qUKnYXIZ33Ms+/NKQKUKy+uh+G6Tc3yrTQEzLF8fZu vx99qVJurgxWCCSGF8mCyaDDHIJfmckn28zj70MThfA9BOmbl1E0+I8muBm2EGao QN41F9iAFh+XXhO44Rhslx+dVOYzVnsUyWdJXkU3/4JKk280D+ng9Su5j4MdDP6v cgCEkxq3WQir7uqAGcqWdLqhyUAJ0pZWNSrSOC5YTcJ47k9B1kBRGJXe+6bmlmdo 33+KjIGhUREis6frzLdQEiSfOnWP7mNkJTPP0BaI4fIHN7evHEbZK1e/VCd1Gzqb 9fP3/ZQkNFwYvMhbkgUrih5fZQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJPPB12I g9maPO+IhjXDCgMD742lMB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw SXVEV2FqeTZwQVp5RExTSkEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAfsX9pQaoHoL1UA7jxCUt2sqH+z7SMXTiq6Fca71BBRAREhBHb9H2jJYvnbwm IwzmFszCiP5+XzXPTcj+/6mVsOjtIUOD25tArICxTITlTVu1ofNDYF2AZRL/O42R A+X3bV8eOG7cxvObKnYE3Lhw8sJIT9H9+uyk7JyJJ/b1KMlsOGi4Dv+WZF5dc0MH jaVRQc5RFoemoF8FhWS3+ahWwXSeG2jFFyZexOdDZ976pg26tW3F3ZUTO9W+KA2I o9IIFH1EJQnmYYucdtRZZApGd2jTbhCL9WD5dX2lAKejEisN7bG/AostXngfWLNd q6azKh7l4kK7hpIU1vTsMua1OA== -----END CERTIFICATE-----Generated at Thu Mar 26 07:17:27 2026 by rpki-client