$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft File: IYqKoFAmewgF4_3IqTm_j7ywAQE.mft (raw, json) Hash identifier: XhmxQdEbBQpmFyN0xbDi8kdEaSoDhjdUTSjbLA0mTqc= Subject key identifier: AD:7C:51:99:51:D5:34:DB:E9:B3:BA:A0:98:41:AA:4C:3D:C1:49:F0 Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Certificate serial: 0761 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft Manifest number: 0718 Signing time: Tue 24 Mar 2026 21:47:54 +0000 Manifest this update: Tue 24 Mar 2026 21:47:53 +0000 Manifest next update: Tue 31 Mar 2026 21:47:53 +0000 Files and hashes: 1: IYqKoFAmewgF4_3IqTm_j7ywAQE.crl (hash: PLAd+VCgskGrjUbO0zfByFI1QbjpMhBJ/KmpoDauaWs=) 2: 7BD18B9EA69D11ED970A2E1EC4F9AE02.roa (hash: K3aeCKo2mZ2NOnnVOuFmorGAloq7x6dVjZPYqNrpk70=) 3: 7D4AEECAA69D11ED970A2E1EC4F9AE02.roa (hash: 8lXFNalp+VAtXH5P3uOSawpn+k9++H+OieLK+bsEIlU=) 4: A08AFBB284F211EE89828225C4F9AE02.roa (hash: vbG5EXXlgYlGq5jnBwc913dKTc7sUfrG2TC/jANpYLY=) 5: 005CDC821F1411EC85E08546C4F9AE02.roa (hash: RtrKmXveYib5rppP1DIWCcPNm3D6+Flm33UJR0UA860=) 6: ECF2B5A8A72B11EDAC3DA56CC4F9AE02.roa (hash: iXLK649RmoeUhSGlA25MdX2Oj5QWfIOM0pF/QXQTaps=) 7: EDA092C2A72B11EDAC3DA56CC4F9AE02.roa (hash: rQhMSDBbxcSI6MB5lHu+8q8Nh6WWXRx41SB2RuJ5eQo=) 8: 7DFD24A0A69D11ED970A2E1EC4F9AE02.roa (hash: 6caEdCnhzmI2hwVR8XFxrGjD5Z484ugUGSA346QGS2I=) 9: 7C7AE9B4A69D11ED970A2E1EC4F9AE02.roa (hash: trmRq5WmOXOs/y5qTNJdndK+x4aDzPI8UTGr6I0y6to=) 10: EC545C28A72B11EDAC3DA56CC4F9AE02.roa (hash: GZPk+z2xKk+h7BjajU40ooW3BALI+9amXS7D2eVeUI4=) 11: 7EACD6DEA69D11ED970A2E1EC4F9AE02.roa (hash: jQXlUzW3VHeQZYuGACvXU8X1tTMwFhRUqHJL1OYJ9/8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 21:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1889 (0x761) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA, serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Validity Not Before: Mar 24 21:47:53 2026 GMT Not After : Mar 31 21:47:53 2026 GMT Subject: CN=69c30689-db69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:fb:0b:63:e4:13:a5:51:22:38:06:1a:86:63: 55:0d:3f:dc:5b:7a:d0:95:15:c1:8f:2a:99:c3:6c: f9:98:cc:73:b7:7e:0b:04:83:5d:f3:bd:c7:3e:c2: d6:b1:04:28:94:1e:72:51:0b:aa:8b:b2:41:b4:dd: 75:03:41:b7:07:0d:6a:66:88:14:e1:b0:64:20:b2: ed:90:9b:1f:e4:56:f1:39:7b:6b:03:6d:7a:5c:2a: 84:b2:8c:61:73:31:1c:ac:ba:7e:3a:d6:de:df:e2: 7d:0e:18:72:f2:ca:fd:2d:11:c0:37:99:f3:16:28: 4a:b0:14:91:d0:62:62:87:c9:11:06:b4:9b:d3:0f: d7:f7:90:d4:0f:ac:03:97:e9:5d:ca:ba:e1:ce:97: 6e:f5:e6:71:c0:56:d9:68:09:47:5a:3a:92:69:9c: 71:fd:a4:f7:93:09:ba:46:cd:49:1c:31:81:a7:7a: 4c:34:90:36:f1:3f:bc:f0:51:cb:6b:c2:3c:14:0f: 88:98:cf:56:35:a6:f0:c6:bf:86:c3:6c:04:c9:23: 90:9d:94:e2:8b:b4:fb:e1:13:19:cb:58:c6:12:85: e2:01:17:f7:17:d0:37:cb:4e:40:af:3e:83:09:e4: 54:b9:eb:ba:04:b6:9d:5a:37:b3:d0:bf:c5:81:f9: ff:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:7C:51:99:51:D5:34:DB:E9:B3:BA:A0:98:41:AA:4C:3D:C1:49:F0 X509v3 Authority Key Identifier: keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:39:4d:c1:39:79:3f:ce:ee:f3:8e:7f:e6:3b:40:0d:9d:d2: b1:df:f5:f7:4a:f8:f9:bc:21:ad:28:58:38:92:bf:e6:43:8a: ba:50:d2:32:cb:dc:1a:8d:5b:d8:86:73:7e:63:8a:cc:05:38: e7:1c:c7:62:0e:fe:17:f0:80:a8:48:09:fd:f3:37:53:b1:d2: f9:da:a0:3f:4b:20:75:b7:b3:ff:5a:1b:bd:6a:e2:e2:9b:b7: 2b:7d:35:53:94:4d:18:f4:c1:1a:0d:65:bb:78:d0:7c:ba:64: 17:3f:56:dc:14:63:0c:c1:da:ce:cb:ab:43:09:0c:93:cc:4b: 14:4e:32:3d:e9:91:d6:46:31:4f:f4:59:cb:52:e2:3d:99:6f: 5d:58:09:27:b9:32:13:19:87:1a:9c:5a:0a:b0:89:57:b7:6d: aa:ef:e3:91:e5:58:78:06:8c:d9:25:ef:c8:8b:15:b1:6e:24: 07:ba:fd:51:66:c3:06:fa:9e:5d:12:18:24:44:c8:0f:59:9b: e5:e6:a3:a0:6d:9a:4b:da:f8:fa:ab:ea:ca:09:8f:66:d9:1a: 1c:8b:6e:54:e8:78:f0:34:13:18:0d:8b:5b:0a:48:63:88:f5: aa:6a:fe:12:43:32:e0:d6:d5:c8:bb:14:00:8e:56:77:c4:8c: b6:1d:95:f7 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICB2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG QkNCMDAxMDEwHhcNMjYwMzI0MjE0NzUzWhcNMjYwMzMxMjE0NzUzWjAYMRYwFAYD VQQDEw02OWMzMDY4OS1kYjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApfsLY+QTpVEiOAYahmNVDT/cW3rQlRXBjyqZw2z5mMxzt34LBINd873HPsLW sQQolB5yUQuqi7JBtN11A0G3Bw1qZogU4bBkILLtkJsf5FbxOXtrA216XCqEsoxh czEcrLp+Otbe3+J9Dhhy8sr9LRHAN5nzFihKsBSR0GJih8kRBrSb0w/X95DUD6wD l+ldyrrhzpdu9eZxwFbZaAlHWjqSaZxx/aT3kwm6Rs1JHDGBp3pMNJA28T+88FHL a8I8FA+ImM9WNabwxr+Gw2wEySOQnZTii7T74RMZy1jGEoXiARf3F9A3y05Arz6D CeRUueu6BLadWjez0L/Fgfn/YwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFK18UZlR 1TTb6bO6oJhBqkw9wUnwMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MDZBQS84NjU4RTQ2Njg2QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3 Z0Y0XzNJcVRtX2o3eXdBUUUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAwDlNwTl5P87u845/5jtADZ3Ssd/190r4+bwhrShYOJK/5kOKulDSMsvcGo1b 2IZzfmOKzAU45xzHYg7+F/CAqEgJ/fM3U7HS+dqgP0sgdbez/1obvWri4pu3K301 U5RNGPTBGg1lu3jQfLpkFz9W3BRjDMHazsurQwkMk8xLFE4yPemR1kYxT/RZy1Li PZlvXVgJJ7kyExmHGpxaCrCJV7dtqu/jkeVYeAaM2SXvyIsVsW4kB7r9UWbDBvqe XRIYJETID1mb5eajoG2aS9r4+qvqygmPZtkaHItuVOh48DQTGA2LWwpIY4j1qmr+ EkMy4NbVyLsUAI5Wd8SMth2V9w== -----END CERTIFICATE-----Generated at Thu Mar 26 22:30:46 2026 by rpki-client