$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: ndR9pmQ7omZiwQlEjo+ropzWwk8Pe9zs+PrrpbvyvXU= Subject key identifier: D8:D6:0A:67:EF:41:EC:DF:7D:9F:2E:45:1A:EB:EF:42:75:B8:13:B1 Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 0356 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 034E Signing time: Wed 25 Mar 2026 00:37:43 +0000 Manifest this update: Wed 25 Mar 2026 00:37:43 +0000 Manifest next update: Wed 01 Apr 2026 00:37:43 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: dxn5ljz5Z+sKOvrtBWjAzoyWHEXcLYnDuKwWxwWt8sU=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: QwQkgtoePZKxFtkm4cXFgAdorKM4wsMJHhlleIVTFws=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 00:37:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 854 (0x356) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: Mar 25 00:37:43 2026 GMT Not After : Apr 1 00:37:43 2026 GMT Subject: CN=69c32e57-67e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:28:70:82:61:0c:97:42:56:38:26:4e:50:cf: 09:7a:a1:ea:3a:57:11:65:d3:ef:52:27:51:7d:b3: 1a:d5:e2:a0:53:1e:0d:35:45:f2:fe:f6:a1:52:27: b9:dd:35:d0:57:b4:54:bf:78:8f:e9:38:85:a8:c7: 90:d8:99:ac:0d:f5:22:42:05:7c:1a:41:f3:b4:d4: 9c:65:63:3e:cc:1b:8f:58:a7:01:65:53:5c:83:e4: f1:78:30:1c:52:70:3b:4d:8a:bc:d9:45:a2:25:85: 6a:d1:01:af:71:0f:54:bb:d7:48:73:5a:d7:dd:16: 34:67:de:5e:b5:60:b9:fd:b6:ab:31:50:cc:72:78: d6:26:42:97:69:25:7a:d6:f2:a3:4e:7b:19:15:91: fe:92:53:8c:a4:a2:e0:42:18:6c:02:49:c9:1c:50: 1f:98:75:48:b5:e5:94:84:20:90:55:69:41:10:7c: b2:1c:cb:73:da:61:04:ed:66:cd:80:0a:1e:26:67: 4e:5a:d3:14:12:55:74:7d:63:ee:8b:6c:3f:a2:e6: fa:86:2c:01:9a:1a:02:85:83:30:50:1f:c7:b4:06: 1f:62:41:02:0d:dc:b0:aa:c0:fc:04:79:34:17:53: f7:4f:29:18:dc:92:74:90:40:10:52:f1:6b:fd:12: f8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:D6:0A:67:EF:41:EC:DF:7D:9F:2E:45:1A:EB:EF:42:75:B8:13:B1 X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:a6:cc:22:f8:fa:44:3b:72:10:0c:a2:cf:e0:88:92:a0:22: 14:bd:38:c8:82:97:e8:b5:fe:b4:5e:e4:dd:b8:a0:d7:eb:ac: 7a:82:5a:91:33:60:66:6a:8f:e1:88:57:84:ce:d4:8d:03:a5: 08:e0:62:1e:2a:14:67:a1:47:64:c4:32:98:01:6e:68:c4:2b: 6e:8a:92:eb:6e:82:35:2b:0d:f5:ca:3d:11:da:74:6b:aa:59: d6:5f:fe:41:73:d1:d2:51:e2:a1:33:ec:eb:94:d0:49:39:04: 83:5c:1d:06:c4:58:39:fa:18:63:f7:6c:f1:a2:81:47:8b:4a: ca:42:10:a3:14:dc:57:ee:f2:4c:e4:17:f0:9a:48:da:14:70: 18:70:52:d4:c1:37:c7:de:e9:ac:4e:d8:6b:4b:4a:a1:1b:11: ce:46:8c:0f:e0:3f:83:63:a8:14:ae:6b:00:23:db:1c:bf:df: 62:7b:ca:73:18:0a:41:c4:71:bb:6f:77:2d:f6:f6:57:e9:95: a5:d6:a3:e7:47:9c:4c:46:3c:00:13:14:fb:9e:12:ba:4a:fc: 70:aa:ce:45:2c:52:15:e9:ca:42:58:0b:7f:b3:4b:41:d4:63: 0b:f6:0a:7b:b4:b9:9a:8d:e2:af:48:56:ed:e0:e0:fd:8c:e6: d9:9a:9f:03 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICA1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjYwMzI1MDAzNzQzWhcNMjYwNDAxMDAzNzQzWjAYMRYwFAYD VQQDEw02OWMzMmU1Ny02N2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApihwgmEMl0JWOCZOUM8JeqHqOlcRZdPvUidRfbMa1eKgUx4NNUXy/vahUie5 3TXQV7RUv3iP6TiFqMeQ2JmsDfUiQgV8GkHztNScZWM+zBuPWKcBZVNcg+TxeDAc UnA7TYq82UWiJYVq0QGvcQ9Uu9dIc1rX3RY0Z95etWC5/barMVDMcnjWJkKXaSV6 1vKjTnsZFZH+klOMpKLgQhhsAknJHFAfmHVIteWUhCCQVWlBEHyyHMtz2mEE7WbN gAoeJmdOWtMUElV0fWPui2w/oub6hiwBmhoChYMwUB/HtAYfYkECDdywqsD8BHk0 F1P3TykY3JJ0kEAQUvFr/RL4yQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFNjWCmfv QezffZ8uRRrr70J1uBOxMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXabMIvj6RDtyEAyiz+CIkqAiFL04yIKX6LX+tF7k3big1+useoJakTNgZmqP 4YhXhM7UjQOlCOBiHioUZ6FHZMQymAFuaMQrboqS626CNSsN9co9Edp0a6pZ1l/+ QXPR0lHioTPs65TQSTkEg1wdBsRYOfoYY/ds8aKBR4tKykIQoxTcV+7yTOQX8JpI 2hRwGHBS1ME3x97prE7Ya0tKoRsRzkaMD+A/g2OoFK5rACPbHL/fYnvKcxgKQcRx u293Lfb2V+mVpdaj50ecTEY8ABMU+54Sukr8cKrORSxSFenKQlgLf7NLQdRjC/YK e7S5mo3ir0hW7eDg/Yzm2ZqfAw== -----END CERTIFICATE-----Generated at Thu Mar 26 07:21:34 2026 by rpki-client