$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: cImlNgkqSg2p4TWYLeRLDDfNFWf4DGMppcEUTFTFlm8= Subject key identifier: 69:51:AB:51:EC:FE:B1:9B:65:F6:09:50:15:1C:30:CA:3B:58:39:72 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0E56 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0E38 Signing time: Tue 24 Mar 2026 17:40:57 +0000 Manifest this update: Tue 24 Mar 2026 17:40:56 +0000 Manifest next update: Tue 31 Mar 2026 17:40:56 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: M31GmGP8RIIRjWSQkhX9jFRbRShUuV0aOF59UUsSt6w=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: PNck+uUGNd+dXPiz0RHoIOTdAVNh1nYpLyv0JCvf9SY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:40:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3670 (0xe56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Mar 24 17:40:56 2026 GMT Not After : Mar 31 17:40:56 2026 GMT Subject: CN=69c2cca8-62c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:16:24:c9:19:82:51:ee:5e:0b:46:92:43:14: 59:33:80:c2:1a:d4:f6:e5:d7:c2:9c:e1:65:61:b4: a6:91:38:f3:9f:1c:1b:b9:68:2a:21:9a:c8:78:1d: 61:12:b2:48:3d:79:6d:4c:c1:ec:1e:05:ee:49:0d: 4c:9f:ee:dc:cb:ae:8c:e2:30:62:f9:bb:4a:63:41: f4:f7:a0:80:59:90:df:86:c1:6b:30:c2:e6:81:cd: 8c:a0:86:30:80:70:45:3e:b6:96:4d:d2:11:c9:01: 8c:77:b5:9d:57:3c:68:44:c3:50:6a:8d:bf:e6:65: e5:87:56:28:72:a1:8e:fd:f6:41:4d:14:3c:1b:42: a4:c2:4c:77:7e:8b:64:92:9d:56:49:27:72:4f:c8: ed:05:63:c8:e6:ea:c4:83:79:dc:85:d4:16:66:c9: 7c:b1:1c:03:af:d2:ee:28:79:03:f9:17:d0:6d:43: 7c:0f:f6:2a:b0:05:dc:18:be:34:6c:c5:58:f0:9d: 1f:55:66:fb:69:a8:50:36:ec:ec:e1:7d:e2:a8:05: d1:65:66:ab:df:27:60:67:92:f5:1e:90:e7:78:47: 46:22:84:37:e2:c8:f8:0e:fd:9d:92:79:25:10:99: 33:e0:fd:40:32:a6:b5:87:4f:64:fa:a0:f2:1e:cd: 20:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:51:AB:51:EC:FE:B1:9B:65:F6:09:50:15:1C:30:CA:3B:58:39:72 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:0d:e1:f7:99:cb:b6:21:26:db:51:a6:24:5e:f7:89:d7:fe: 4e:2c:7d:c3:d5:5b:8e:65:d3:76:f8:a5:2c:d3:55:85:78:6a: 73:20:a7:3d:70:e8:90:68:ae:b7:9f:20:89:8c:62:b0:de:01: eb:71:bc:bd:0d:25:8a:b9:e0:a2:69:a1:a0:64:bb:72:3c:cd: 67:75:36:77:1e:2f:f5:4b:87:67:16:17:8d:b4:58:7a:00:60: 3d:c8:64:e6:41:e4:76:a8:ab:e6:85:5a:5b:e6:08:1d:81:fc: 0c:0d:c6:9d:1b:41:7a:ae:b1:58:f2:0b:12:78:14:9f:7f:65: 32:bf:c1:d1:65:e4:14:3a:25:7d:14:fd:b9:74:dd:54:8b:36: c3:c4:01:c2:2f:02:d3:bd:2c:95:a0:85:fc:df:0a:ef:b9:cc: e1:2c:ba:ad:c5:79:1e:84:db:3d:0b:61:99:d5:7f:94:73:3e: cf:e3:fb:19:23:bd:6e:2a:fd:dc:1b:9e:78:08:87:00:04:01: 10:6c:89:fc:d8:f4:e6:59:16:f4:b3:c9:63:27:b2:9e:3f:d0: 86:3f:25:a1:67:3e:62:03:55:b8:2c:ca:6f:43:fd:3c:78:1a: 2f:ac:fd:32:3b:81:24:d3:2a:20:9e:84:dc:d5:6c:91:a0:6b: da:2c:03:43 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjYwMzI0MTc0MDU2WhcNMjYwMzMxMTc0MDU2WjAYMRYwFAYD VQQDEw02OWMyY2NhOC02MmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkBYkyRmCUe5eC0aSQxRZM4DCGtT25dfCnOFlYbSmkTjznxwbuWgqIZrIeB1h ErJIPXltTMHsHgXuSQ1Mn+7cy66M4jBi+btKY0H096CAWZDfhsFrMMLmgc2MoIYw gHBFPraWTdIRyQGMd7WdVzxoRMNQao2/5mXlh1YocqGO/fZBTRQ8G0Kkwkx3fotk kp1WSSdyT8jtBWPI5urEg3nchdQWZsl8sRwDr9LuKHkD+RfQbUN8D/YqsAXcGL40 bMVY8J0fVWb7aahQNuzs4X3iqAXRZWar3ydgZ5L1HpDneEdGIoQ34sj4Dv2dknkl EJkz4P1AMqa1h09k+qDyHs0ggQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFGlRq1Hs /rGbZfYJUBUcMMo7WDlyMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXA3h95nLtiEm21GmJF73idf+Tix9w9VbjmXTdvilLNNVhXhqcyCnPXDokGiu t58giYxisN4B63G8vQ0lirngommhoGS7cjzNZ3U2dx4v9UuHZxYXjbRYegBgPchk 5kHkdqir5oVaW+YIHYH8DA3GnRtBeq6xWPILEngUn39lMr/B0WXkFDolfRT9uXTd VIs2w8QBwi8C070slaCF/N8K77nM4Sy6rcV5HoTbPQthmdV/lHM+z+P7GSO9bir9 3BueeAiHAAQBEGyJ/Nj05lkW9LPJYyeynj/Qhj8loWc+YgNVuCzKb0P9PHgaL6z9 MjuBJNMqIJ6E3NVskaBr2iwDQw== -----END CERTIFICATE-----Generated at Thu Mar 26 00:52:34 2026 by rpki-client