$ rpki-client -vvf rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft File: KQX7MhK9YWRvt69jPqGiV7w6Pew.mft (raw, json) Hash identifier: C85DA5N/Jk1HcIhL9w/HTruEGJ82xTl++wL0LkC9Vb8= Subject key identifier: 1E:3F:60:0C:4A:8D:FC:7D:C3:99:6E:4A:9C:00:14:C4:4C:62:39:F4 Authority key identifier: 29:05:FB:32:12:BD:61:64:6F:B7:AF:63:3E:A1:A2:57:BC:3A:3D:EC Certificate issuer: /CN=A9156971/serialNumber=2905FB3212BD61646FB7AF633EA1A257BC3A3DEC Certificate serial: 352E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft Manifest number: 3526 Signing time: Tue 24 Mar 2026 14:43:33 +0000 Manifest this update: Tue 24 Mar 2026 14:43:32 +0000 Manifest next update: Tue 31 Mar 2026 14:43:32 +0000 Files and hashes: 1: KQX7MhK9YWRvt69jPqGiV7w6Pew.crl (hash: nh8P6t+nj5ngytqqPuL/VJ477LWD0ekQCYhM0HHghoQ=) 2: 4AF78A4AFEC611EF86B4765BC4F9AE02.roa (hash: H75vp8KnVCyEkBU2ciSVAYWnVqr6J6YZvmHhlQG4SNQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.crl rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:43:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13614 (0x352e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156971, serialNumber=2905FB3212BD61646FB7AF633EA1A257BC3A3DEC Validity Not Before: Mar 24 14:43:32 2026 GMT Not After : Mar 31 14:43:32 2026 GMT Subject: CN=69c2a314-2589 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:15:1e:a7:cb:9a:d5:cc:10:1c:a5:6a:2f:5d: 1b:cd:4c:f0:13:29:e6:90:d1:50:44:3e:af:69:51: 7f:3e:9f:99:7f:1e:a7:45:46:f7:37:1d:c5:b6:1b: e5:0c:a5:78:88:d0:53:13:26:32:7b:6e:33:67:6a: c9:78:b4:70:f9:d0:ee:35:13:9e:c7:59:ac:70:3d: aa:ec:b1:01:9c:73:cb:6d:1d:0a:08:61:81:8d:e6: 02:c7:8e:58:4b:cc:a0:3f:d8:37:49:7d:e3:a1:84: 05:9d:db:1c:18:6a:8e:60:f8:0d:b7:8b:5a:09:aa: c4:e4:c7:39:6c:c4:89:b3:25:24:f0:62:bb:38:77: 7d:29:93:85:f0:b4:be:a0:c0:75:d0:ea:19:7e:d3: d7:82:0a:93:23:27:0b:ab:86:cf:06:92:88:70:41: 6a:3a:a6:1f:71:26:4b:0e:e4:78:f4:70:0d:d2:fc: 20:4a:e1:ce:bf:8c:af:8b:74:2e:c2:2c:45:9d:17: 93:64:38:26:45:56:6c:84:7e:39:25:36:d7:e3:ec: 2a:fb:80:c0:2c:52:b3:56:8d:48:5c:7a:c2:f9:4a: 97:cf:8a:18:45:c3:c4:bb:f0:4e:c8:f4:ba:d7:95: c3:de:65:4d:c2:1d:2a:64:07:69:29:7a:7c:fd:65: 95:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:3F:60:0C:4A:8D:FC:7D:C3:99:6E:4A:9C:00:14:C4:4C:62:39:F4 X509v3 Authority Key Identifier: keyid:29:05:FB:32:12:BD:61:64:6F:B7:AF:63:3E:A1:A2:57:BC:3A:3D:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:24:98:78:f7:53:5f:13:d4:47:e6:f8:22:4e:3d:f1:37:5d: c6:e9:bd:d8:73:a5:08:f2:b7:09:ac:17:c8:65:fb:bf:95:a9: 4f:a7:5f:66:ef:71:79:77:aa:b3:a4:97:06:7b:a3:06:0b:b1: bf:f4:89:2c:8f:d0:0d:56:c9:fe:c2:15:80:dd:21:42:e5:84: 1f:c7:17:6a:8d:a2:22:28:45:84:2b:a6:d8:8c:fc:e0:86:fb: 76:fb:f9:ab:8d:ae:af:df:d3:08:42:85:c3:e6:41:58:28:5a: c9:be:8e:c5:8d:df:8d:ae:81:a2:87:f3:eb:1c:b5:74:f2:00: 1b:4d:ce:da:85:6a:f0:85:31:2f:74:17:51:38:f9:90:b3:d8: b8:32:df:01:41:0f:58:3b:1f:45:70:a8:d2:77:45:b6:f8:cf: 2e:2d:87:10:cd:2e:88:57:f5:2e:0a:0c:e8:f7:30:2c:f0:1d: e5:67:30:47:58:dc:11:71:ca:46:0a:b9:f1:68:38:82:55:66: 33:3e:f3:7a:52:ff:80:fb:6e:18:62:7c:2e:51:06:56:2e:1e: 03:5b:26:22:79:30:b7:05:4d:6c:f1:9c:a6:05:0d:c1:3e:9a: c3:8a:91:12:da:d4:d6:da:9c:9b:58:f4:05:9f:f9:84:22:2b: b5:8f:7a:08 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY5NzExMTAvBgNVBAUTKDI5MDVGQjMyMTJCRDYxNjQ2RkI3QUY2MzNFQTFBMjU3 QkMzQTNERUMwHhcNMjYwMzI0MTQ0MzMyWhcNMjYwMzMxMTQ0MzMyWjAYMRYwFAYD VQQDEw02OWMyYTMxNC0yNTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwhUep8ua1cwQHKVqL10bzUzwEynmkNFQRD6vaVF/Pp+Zfx6nRUb3Nx3Fthvl DKV4iNBTEyYye24zZ2rJeLRw+dDuNROex1mscD2q7LEBnHPLbR0KCGGBjeYCx45Y S8ygP9g3SX3joYQFndscGGqOYPgNt4taCarE5Mc5bMSJsyUk8GK7OHd9KZOF8LS+ oMB10OoZftPXggqTIycLq4bPBpKIcEFqOqYfcSZLDuR49HAN0vwgSuHOv4yvi3Qu wixFnReTZDgmRVZshH45JTbX4+wq+4DALFKzVo1IXHrC+UqXz4oYRcPEu/BOyPS6 15XD3mVNwh0qZAdpKXp8/WWVKwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFB4/YAxK jfx9w5luSpwAFMRMYjn0MB8GA1UdIwQYMBaAFCkF+zISvWFkb7evYz6hole8Oj3s MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Njk3MS80OEMyMjE4NjFE OTIxMUUyQURCMzBCRjUwOEIwMkNEMi9LUVg3TWhLOVlXUnZ0NjlqUHFHaVY3dzZQ ZXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRWDdNaEs5WVdSdnQ2OWpQcUdpVjd3NlBldy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Njk3MS80OEMyMjE4NjFEOTIxMUUyQURCMzBCRjUwOEIwMkNEMi9LUVg3TWhLOVlX UnZ0NjlqUHFHaVY3dzZQZXcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEATySYePdTXxPUR+b4Ik498Tddxum92HOlCPK3CawXyGX7v5WpT6dfZu9xeXeq s6SXBnujBguxv/SJLI/QDVbJ/sIVgN0hQuWEH8cXao2iIihFhCum2Iz84Ib7dvv5 q42ur9/TCEKFw+ZBWChayb6OxY3fja6Boofz6xy1dPIAG03O2oVq8IUxL3QXUTj5 kLPYuDLfAUEPWDsfRXCo0ndFtvjPLi2HEM0uiFf1LgoM6PcwLPAd5WcwR1jcEXHK Rgq58Wg4glVmMz7zelL/gPtuGGJ8LlEGVi4eA1smInkwtwVNbPGcpgUNwT6aw4qR EtrU1tqcm1j0BZ/5hCIrtY96CA== -----END CERTIFICATE-----Generated at Thu Mar 26 00:53:46 2026 by rpki-client