$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: GcC1jicm9kvzd0jhE/B/aUyz15yt5k2AipH2FLWAtNY= Subject key identifier: 21:3D:3B:2D:34:A9:34:FA:7E:3D:A2:37:2E:61:B0:D0:30:28:DF:77 Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 0514 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 04EE Signing time: Tue 24 Mar 2026 16:55:50 +0000 Manifest this update: Tue 24 Mar 2026 16:55:50 +0000 Manifest next update: Tue 31 Mar 2026 16:55:50 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: 0zPi2dXAS/4QL3wewXPoQq0YAOuzHL8IMHzjlf0/TFo=) 2: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: 76p1LWBSiAURuIgRIP/lu1qZCJd79sZFpOsF7Mk4V7g=) 3: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: 5Z7fKb2b95O7xf2REenK7dbH8KrSrAmTwTpVkXBeeOI=) 4: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Ylv7wHI65XMnQYhoDyQSygUwHrURYMjzNieL/UaPiGU=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HtAUxiV2GGFLsnw5Ftue8AlO9jul/mJwmhYMXTb/CeY=) 6: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: bjkkedoEzbUfC4GQvKwdaQZgxgq0YTl5qOigfpRvGaU=) 7: 1479C514596A11ECB1394271C4F9AE02.roa (hash: wpAJJYnFAicDNwa71hcmrPmPcdiAdvkl0r/mHo7+0do=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 16:55:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1300 (0x514) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Mar 24 16:55:50 2026 GMT Not After : Mar 31 16:55:50 2026 GMT Subject: CN=69c2c216-2775 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e7:e1:a2:4f:dd:cb:c0:d4:02:f2:71:7d:1c: b2:c9:e2:29:da:c0:85:62:8a:d4:2e:72:ef:7c:df: b6:9a:f7:57:2e:70:5a:6b:83:3f:67:ae:93:fb:8f: 3b:14:52:0d:c2:1f:63:e9:fd:b6:4a:d9:5b:f4:b5: 77:e1:d2:d7:96:4e:db:a3:e0:7a:59:b4:93:69:23: ec:4b:e0:2e:e0:b8:9b:d1:47:c7:4c:34:d7:11:5c: 2f:ea:ca:f8:cc:85:94:1d:2d:e6:7e:d8:48:a5:df: ba:52:e1:83:18:05:7f:7c:52:a6:f2:db:99:a1:1e: b4:25:1a:ea:3a:11:27:88:86:f4:37:89:a3:03:1d: 83:29:12:a5:ab:91:7c:fe:e3:1e:e2:a2:98:8c:eb: ad:6d:fd:55:02:c7:69:87:56:01:0e:fe:df:11:d2: cc:ee:e6:03:fb:9a:dc:0a:8c:bd:48:da:0d:71:ad: e5:5a:34:41:89:98:74:42:44:44:38:32:53:b3:7b: 77:5f:91:d1:81:63:a0:5a:79:d1:9c:a3:f7:0a:92: a3:7d:a3:4f:05:39:3d:10:eb:fb:d9:85:9c:94:eb: 33:4d:09:bd:c6:87:7d:c4:fa:c4:9b:8f:ad:40:24: b8:6f:c5:c7:19:82:4f:68:09:4e:90:23:53:52:52: 34:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:3D:3B:2D:34:A9:34:FA:7E:3D:A2:37:2E:61:B0:D0:30:28:DF:77 X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:c8:81:02:3a:45:f6:e4:1e:42:67:47:b8:37:70:75:78:40: 2c:8a:7d:5b:9c:54:8b:74:c6:60:5a:df:3c:62:68:49:6f:b4: a9:16:81:bf:d4:5a:05:8c:87:e2:a9:b0:b8:44:66:ed:8c:16: b3:e5:87:73:74:db:f9:7f:c2:fb:38:29:5e:3f:ea:62:3d:db: 2c:10:0f:bd:47:31:92:eb:bd:64:7a:24:6a:45:f7:86:51:53: c8:00:f9:be:c2:8b:4e:9f:56:11:a7:d7:58:75:0f:76:15:fa: b1:78:5c:aa:67:6b:7c:c5:d5:3d:bc:47:a6:a6:53:da:fd:6d: 85:05:c9:cd:8f:98:1a:f5:b8:cf:a1:51:81:97:ef:aa:43:be: 9b:8e:35:87:ef:18:10:04:de:4b:97:db:07:e7:d4:0f:71:25: 74:9f:2f:9b:3e:eb:c0:9f:96:a7:71:84:82:1d:30:ff:8b:12: 3d:3c:36:fc:9f:1d:ca:99:6c:3c:3c:20:2b:31:f2:18:4f:1b: 89:c9:36:ec:70:93:4f:8f:d9:85:f2:8c:94:47:1e:cd:4f:8b: bb:8d:6e:f6:6d:ba:f6:6e:65:24:a3:ae:f1:32:ec:da:aa:a3: 8b:74:cb:87:7d:2c:67:c3:b2:e1:8b:e1:e9:2e:28:28:d2:23: 56:d0:ca:b1 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjYwMzI0MTY1NTUwWhcNMjYwMzMxMTY1NTUwWjAYMRYwFAYD VQQDEw02OWMyYzIxNi0yNzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmufhok/dy8DUAvJxfRyyyeIp2sCFYorULnLvfN+2mvdXLnBaa4M/Z66T+487 FFINwh9j6f22Stlb9LV34dLXlk7bo+B6WbSTaSPsS+Au4Lib0UfHTDTXEVwv6sr4 zIWUHS3mfthIpd+6UuGDGAV/fFKm8tuZoR60JRrqOhEniIb0N4mjAx2DKRKlq5F8 /uMe4qKYjOutbf1VAsdph1YBDv7fEdLM7uYD+5rcCoy9SNoNca3lWjRBiZh0QkRE ODJTs3t3X5HRgWOgWnnRnKP3CpKjfaNPBTk9EOv72YWclOszTQm9xod9xPrEm4+t QCS4b8XHGYJPaAlOkCNTUlI0SwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFCE9Oy00 qTT6fj2iNy5hsNAwKN93MB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAfMiBAjpF9uQeQmdHuDdwdXhALIp9W5xUi3TGYFrfPGJoSW+0qRaBv9RaBYyH 4qmwuERm7YwWs+WHc3Tb+X/C+zgpXj/qYj3bLBAPvUcxkuu9ZHokakX3hlFTyAD5 vsKLTp9WEafXWHUPdhX6sXhcqmdrfMXVPbxHpqZT2v1thQXJzY+YGvW4z6FRgZfv qkO+m441h+8YEATeS5fbB+fUD3EldJ8vmz7rwJ+Wp3GEgh0w/4sSPTw2/J8dypls PDwgKzHyGE8bick27HCTT4/ZhfKMlEcezU+Lu41u9m269m5lJKOu8TLs2qqji3TL h30sZ8Oy4Yvh6S4oKNIjVtDKsQ== -----END CERTIFICATE-----Generated at Thu Mar 26 12:17:08 2026 by rpki-client