$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft File: KFO9oWOMWZqEwwlTEOab_SYKqXg.mft (raw, json) Hash identifier: RQtPnFHJv/Za8kyLgHf7Dn7tq9/ZasODo6M4gHQ9jEc= Subject key identifier: BD:2F:E5:F8:B5:00:36:18:58:E0:F0:8B:42:A9:63:09:6D:7B:39:2A Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78 Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978 Certificate serial: 04D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft Manifest number: 0434 Signing time: Wed 25 Mar 2026 00:14:02 +0000 Manifest this update: Wed 25 Mar 2026 00:14:01 +0000 Manifest next update: Wed 01 Apr 2026 00:14:01 +0000 Files and hashes: 1: KFO9oWOMWZqEwwlTEOab_SYKqXg.crl (hash: x70S6XNUSb2r4CUAGeTBvcQCYf/TlC3NC3P+tUTYRiY=) 2: 69738B14E8AD11F09A679225586F56BC.roa (hash: RKP5KnGoYS+/g5gzIpIJ+XrbtIbmLkTjn9xAfpNS1TU=) 3: A336FE62609111EFB751B771C4F9AE02.roa (hash: sy2Y2nb+dO6LmdXM8erwH1hDY9jJEvsOUd7p2YkpVI0=) 4: 02734B6624D611F0B50DE20BC4F9AE02.roa (hash: nkGN0BuGNBQJa9SkDsBLxEVJf4EOwgrnQ8ymG8YYjkg=) 5: 79AA61622C8711EFBDD6F672C4F9AE02.roa (hash: 30QWvYag8cPnjx7r94UIr3J4yrJ7eaL16fZHXUvAvsY=) 6: 69E7D456E8AD11F09A679225586F56BC.roa (hash: lxI4AM7NXgVEvV+kazkW7byb/+NAwQ7P+KwB4Rom6Yc=) 7: 57A7394C4B0E11EE8682CD4CC4F9AE02.roa (hash: KMYU/tkIB1m1DV1X8R4g+uYkSGoa3XSDqGtlJKqm51Y=) 8: 458AC21A684111EEA6632877C4F9AE02.roa (hash: ZcOPoAMlcJysHiwrollWvtIG++qNRpg0y+gKM/5fjXk=) 9: 14000EECD46811EEBDB9C07CC4F9AE02.roa (hash: cebQ1cJMGyI64NGDe9bFCbEe55Fb3f/4FQEpVIgdXxY=) 10: 11BD8780E8AD11F0B4C8CA81576F56BC.roa (hash: z09c3pfBnLaBhRaO5NZ8zDgzevr5k6+alsOTlNNxpcY=) 11: 1DBF3F2E69BF11EF9B52775AC4F9AE02.roa (hash: wfx2WG82kpqp78Jcf0u7LoLr2spZZPLV1CL27vl0TzQ=) 12: F7D72D3E23E211EFA47D6C68C4F9AE02.roa (hash: zfsi67ywK534SiQhgr/zUV/GZnBGCY0qZt7fhx8+eS4=) 13: 1F89C5C22CB511F08A1A9242C4F9AE02.roa (hash: D8qVBp2VClb8+sa1J879+KOZDXHyJTue8gxn6woZXbo=) 14: F83786F4030011F0984B974FC4F9AE02.roa (hash: kNXMnWEX+sWevVcM5orrR1rktTyN5nt3ePYFbJMZxPI=) 15: 45BC5258C6F711ED9BD6E476C4F9AE02.roa (hash: hNQsBmwpefYxmLDh564qD0pdNeyaVsppq4xHZ9ozBgo=) 16: 07D38A6669C011EF90EADF5CC4F9AE02.roa (hash: NG9N4OPM2kWG9G97ereKXysGh7dTUhxuuvj7CCQ3CMs=) 17: 2F24736869C111EF92B54060C4F9AE02.roa (hash: VOckG74y7wIyjxUwmLFJHHGLX7LdlrZrniy9l6geOqc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 00:14:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1234 (0x4d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916557B, serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978 Validity Not Before: Mar 25 00:14:01 2026 GMT Not After : Apr 1 00:14:01 2026 GMT Subject: CN=69c328ca-663f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:26:52:89:db:04:1e:95:0d:44:56:77:51:d6: 74:43:ad:d5:59:bb:90:25:df:63:88:4b:86:7e:62: b8:e9:3a:23:26:32:fc:bd:a5:47:0e:33:00:35:40: cb:d7:ee:58:72:4d:a7:b0:87:26:ef:e9:98:63:69: e3:3f:ef:c7:0a:54:42:88:26:11:6b:38:91:26:a2: 27:3c:12:fd:05:eb:11:e2:48:a0:1d:85:74:7a:6d: ac:99:99:2a:71:c4:71:dd:2f:7f:a1:ca:23:4b:ea: 0c:38:20:a8:fa:7c:86:c6:1e:2d:61:c6:1c:d7:90: d5:96:3d:f5:89:6f:4e:c8:20:f1:c2:00:a7:9b:6a: 78:18:55:02:5d:f9:72:72:07:23:2a:7d:0b:08:03: 00:f3:75:f6:4a:f5:62:dd:81:b5:1e:78:d9:5d:c6: e6:70:1d:db:b8:d8:82:62:e9:fc:b7:31:a0:7a:e8: ce:74:a2:6b:9e:b6:74:29:07:b4:4e:9f:b9:9d:10: 70:2a:44:35:b2:04:00:d7:a7:ca:7a:69:8c:d2:ac: 23:0c:44:b3:16:53:d5:91:d5:51:a6:e4:0e:f3:90: 9b:28:16:88:20:e7:aa:cd:8a:39:fc:e8:b5:a8:aa: 41:5b:09:8b:13:5b:3c:fe:55:eb:81:aa:7b:85:37: 0a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:2F:E5:F8:B5:00:36:18:58:E0:F0:8B:42:A9:63:09:6D:7B:39:2A X509v3 Authority Key Identifier: keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:55:bb:0a:d2:b2:5f:10:33:d1:49:c1:ec:3f:22:67:5c:94: 53:27:8a:ce:e7:e6:ac:2a:37:dc:20:d2:d4:9a:06:d0:e2:bd: 61:0a:81:10:3d:82:ea:b0:f3:00:79:c1:bc:d0:53:a2:56:77: 55:8d:b6:4e:f8:14:94:9b:d5:63:29:22:d4:d7:e4:7b:b6:c7: 35:7f:7b:28:97:d8:31:35:16:e2:2b:1c:1a:e0:fb:71:48:d8: 0c:cc:39:fb:7b:f6:17:83:b4:80:1e:36:5d:21:e7:1d:b1:e3: 61:7a:74:d1:49:64:c7:aa:a6:f6:14:28:19:09:79:c3:9c:8f: 53:a4:e7:c8:40:db:f8:0b:92:7f:cf:e9:eb:98:12:47:06:15: 60:4a:86:ea:cd:be:ad:b9:67:81:c2:6f:a7:ff:0c:14:53:a3: 40:b5:b4:f6:7e:0e:bd:79:a7:30:fc:8c:72:a1:10:39:95:db: 7c:77:d5:be:66:b0:79:05:b3:c8:46:6d:22:a5:60:55:10:33: 39:bc:32:7c:e8:49:99:91:78:6a:5f:ad:12:d6:0d:23:f9:60: 5c:00:2f:c0:7a:d3:6a:fb:c0:aa:6e:11:76:31:1d:87:73:5c: 1b:41:6b:04:fe:2e:0a:bd:da:8c:39:cc:8e:2b:87:47:77:2c: 57:c6:4d:15 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE MjYwQUE5NzgwHhcNMjYwMzI1MDAxNDAxWhcNMjYwNDAxMDAxNDAxWjAYMRYwFAYD VQQDEw02OWMzMjhjYS02NjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArSZSidsEHpUNRFZ3UdZ0Q63VWbuQJd9jiEuGfmK46TojJjL8vaVHDjMANUDL 1+5Yck2nsIcm7+mYY2njP+/HClRCiCYRaziRJqInPBL9BesR4kigHYV0em2smZkq ccRx3S9/ocojS+oMOCCo+nyGxh4tYcYc15DVlj31iW9OyCDxwgCnm2p4GFUCXfly cgcjKn0LCAMA83X2SvVi3YG1HnjZXcbmcB3buNiCYun8tzGgeujOdKJrnrZ0KQe0 Tp+5nRBwKkQ1sgQA16fKemmM0qwjDESzFlPVkdVRpuQO85CbKBaIIOeqzYo5/Oi1 qKpBWwmLE1s8/lXrgap7hTcKmQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFL0v5fi1 ADYYWODwi0KpYwltezkqMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NTU3Qi84REE3MjY0MEMxRkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVda cUV3d2xURU9hYl9TWUtxWGcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAAFW7CtKyXxAz0UnB7D8iZ1yUUyeKzufmrCo33CDS1JoG0OK9YQqBED2C6rDz AHnBvNBTolZ3VY22TvgUlJvVYyki1Nfke7bHNX97KJfYMTUW4iscGuD7cUjYDMw5 +3v2F4O0gB42XSHnHbHjYXp00Ulkx6qm9hQoGQl5w5yPU6TnyEDb+AuSf8/p65gS RwYVYEqG6s2+rblngcJvp/8MFFOjQLW09n4OvXmnMPyMcqEQOZXbfHfVvmaweQWz yEZtIqVgVRAzObwyfOhJmZF4al+tEtYNI/lgXAAvwHrTavvAqm4RdjEdh3NcG0Fr BP4uCr3ajDnMjiuHR3csV8ZNFQ== -----END CERTIFICATE-----Generated at Thu Mar 26 13:56:22 2026 by rpki-client