$ rpki-client -vvf rpki.apnic.net/member_repository/A916CDDF/26608D46107211EAAC06B079C4F9AE02/T_pSjG5GftRY9TX8XG3Z2-0M5zc.mft File: T_pSjG5GftRY9TX8XG3Z2-0M5zc.mft (raw, json) Hash identifier: IpBV7ti8WXPsaaJ/4j3OMqz3GZGKgR4RU5WApdkSCBk= Subject key identifier: 88:93:33:BE:F3:D6:2A:0F:C6:BA:B4:B7:B1:15:62:82:DF:8B:C4:A0 Authority key identifier: 4F:FA:52:8C:6E:46:7E:D4:58:F5:35:FC:5C:6D:D9:DB:ED:0C:E7:37 Certificate issuer: /CN=A916CDDF/serialNumber=4FFA528C6E467ED458F535FC5C6DD9DBED0CE737 Certificate serial: 0880 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T_pSjG5GftRY9TX8XG3Z2-0M5zc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916CDDF/26608D46107211EAAC06B079C4F9AE02/T_pSjG5GftRY9TX8XG3Z2-0M5zc.mft Manifest number: 1503 Signing time: Tue 24 Mar 2026 18:19:55 +0000 Manifest this update: Tue 24 Mar 2026 18:19:54 +0000 Manifest next update: Tue 31 Mar 2026 18:19:54 +0000 Files and hashes: 1: T_pSjG5GftRY9TX8XG3Z2-0M5zc.crl (hash: c30trP5YHHM5T/BEz6uXntxU10S2pXsGtJVA3ztGjkg=) 2: 2F7267121DD411F18819F3DA0B3D8C67.roa (hash: sLJ4fmy8xpg9xcZG4Kb6Y42Da6yXwOsQcEnYcgYLtL4=) 3: F4075E7CF28611EF976CB83AC4F9AE02.roa (hash: 2XB9AUT5vQE1XXVh7JlV1lG+7wXXx67sWItW8OX0UI0=) 4: C9C81E521D2911F18F7E6F37153D8C67.roa (hash: ScxJliUY4DXLrnnNNW8a6vPijrUn+5XUQ6gjXiYCSp8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916CDDF/26608D46107211EAAC06B079C4F9AE02/T_pSjG5GftRY9TX8XG3Z2-0M5zc.crl rsync://rpki.apnic.net/member_repository/A916CDDF/26608D46107211EAAC06B079C4F9AE02/T_pSjG5GftRY9TX8XG3Z2-0M5zc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T_pSjG5GftRY9TX8XG3Z2-0M5zc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:19:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2176 (0x880) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916CDDF, serialNumber=4FFA528C6E467ED458F535FC5C6DD9DBED0CE737 Validity Not Before: Mar 24 18:19:54 2026 GMT Not After : Mar 31 18:19:54 2026 GMT Subject: CN=69c2d5cb-22a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:6f:b8:b7:47:fc:ec:b9:f4:ee:2f:fa:d9:7b: 19:35:9a:f5:e5:8b:33:73:11:e1:cf:86:a7:35:d4: 4d:fb:51:69:15:e8:7d:b0:82:82:96:3a:ad:19:97: 15:4c:92:f7:fd:ac:f6:46:71:1d:3c:2c:65:f8:2d: 47:34:41:8c:d9:ae:ae:8b:9a:b5:10:c2:8e:c7:07: 6c:09:26:fe:a3:d4:c0:e7:02:95:39:4b:16:4e:98: 62:1e:18:f3:9c:c4:71:16:08:fe:8f:4e:1a:7a:dc: d4:2a:9b:0e:60:87:b9:22:03:dd:96:2f:1c:c3:a9: 94:85:46:3d:24:0c:64:27:ab:c9:41:77:f8:09:73: 82:2b:20:31:43:41:25:ed:bb:45:e5:75:5d:45:22: fa:21:33:99:15:ff:27:bf:02:a6:4f:fa:23:b6:7d: 3a:eb:28:39:45:04:a0:20:15:22:24:1e:96:28:1e: 73:cf:f2:ee:11:ae:60:a6:2d:98:49:8b:e1:f9:4f: 0c:70:eb:05:58:31:a8:b1:37:a6:aa:5b:eb:07:8f: 86:e7:58:ef:93:5d:c5:e0:be:8a:d8:ac:cb:9e:08: 6a:22:0e:9c:e4:5f:43:08:3a:28:71:8d:92:e5:52: 35:9a:d6:76:91:e1:4a:bb:82:ff:e3:ff:0a:96:89: 5f:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:93:33:BE:F3:D6:2A:0F:C6:BA:B4:B7:B1:15:62:82:DF:8B:C4:A0 X509v3 Authority Key Identifier: keyid:4F:FA:52:8C:6E:46:7E:D4:58:F5:35:FC:5C:6D:D9:DB:ED:0C:E7:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916CDDF/26608D46107211EAAC06B079C4F9AE02/T_pSjG5GftRY9TX8XG3Z2-0M5zc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T_pSjG5GftRY9TX8XG3Z2-0M5zc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916CDDF/26608D46107211EAAC06B079C4F9AE02/T_pSjG5GftRY9TX8XG3Z2-0M5zc.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:ed:28:30:cf:55:aa:e6:de:09:86:27:7b:5e:ab:2b:72:f6: 3e:02:5d:08:77:99:38:1d:10:10:45:e0:3f:d1:90:9d:b6:58: 58:a4:7f:da:39:eb:fc:49:ca:55:93:be:ae:c5:53:b0:5b:ed: 8f:e2:b3:60:04:28:03:03:08:99:c0:d6:0c:fe:be:0f:6f:5a: 45:d6:e1:25:21:60:4d:16:57:14:f4:e4:9e:bd:b2:55:56:f7: 0d:8e:c2:92:fc:23:08:ca:d5:28:ea:e9:20:56:1d:f9:8a:86: f8:13:5e:0f:8d:92:6c:1d:4a:88:23:0b:9e:1a:27:40:0b:38: e8:36:1f:ae:5f:ac:f0:3a:9b:98:c6:02:f8:c3:f7:d1:be:00: b5:7a:8c:82:f6:8e:1f:f6:ea:ca:b6:8a:f6:4b:ca:18:bc:ea: 0e:3a:92:8e:55:66:33:b6:04:f7:3e:bb:c3:aa:03:3e:b3:c4: f5:da:31:3d:cc:20:ee:40:c0:dc:fa:5f:0f:68:d9:4b:b9:d9: c1:04:41:2c:ef:1e:39:94:22:b2:61:47:72:2e:9c:37:38:90: 7d:45:86:73:fe:48:a4:92:9f:51:59:43:0e:db:b1:69:c6:e8: 55:56:59:ce:65:59:f7:8c:a6:8d:7e:85:19:da:07:bf:05:87: 8f:a3:69:46 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkNEREYxMTAvBgNVBAUTKDRGRkE1MjhDNkU0NjdFRDQ1OEY1MzVGQzVDNkREOURC RUQwQ0U3MzcwHhcNMjYwMzI0MTgxOTU0WhcNMjYwMzMxMTgxOTU0WjAYMRYwFAYD VQQDEw02OWMyZDVjYi0yMmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr2+4t0f87Ln07i/62XsZNZr15YszcxHhz4anNdRN+1FpFeh9sIKCljqtGZcV TJL3/az2RnEdPCxl+C1HNEGM2a6ui5q1EMKOxwdsCSb+o9TA5wKVOUsWTphiHhjz nMRxFgj+j04aetzUKpsOYIe5IgPdli8cw6mUhUY9JAxkJ6vJQXf4CXOCKyAxQ0El 7btF5XVdRSL6ITOZFf8nvwKmT/ojtn066yg5RQSgIBUiJB6WKB5zz/LuEa5gpi2Y SYvh+U8McOsFWDGosTemqlvrB4+G51jvk13F4L6K2KzLnghqIg6c5F9DCDoocY2S 5VI1mtZ2keFKu4L/4/8KlolfCwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIiTM77z 1ioPxrq0t7EVYoLfi8SgMB8GA1UdIwQYMBaAFE/6UoxuRn7UWPU1/Fxt2dvtDOc3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Q0RERi8yNjYwOEQ0NjEw NzIxMUVBQUMwNkIwNzlDNEY5QUUwMi9UX3BTakc1R2Z0Ulk5VFg4WEczWjItME01 emMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RfcFNqRzVHZnRSWTlUWDhYRzNaMi0wTTV6Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Q0RERi8yNjYwOEQ0NjEwNzIxMUVBQUMwNkIwNzlDNEY5QUUwMi9UX3BTakc1R2Z0 Ulk5VFg4WEczWjItME01emMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAEe0oMM9VqubeCYYne16rK3L2PgJdCHeZOB0QEEXgP9GQnbZYWKR/2jnr/EnK VZO+rsVTsFvtj+KzYAQoAwMImcDWDP6+D29aRdbhJSFgTRZXFPTknr2yVVb3DY7C kvwjCMrVKOrpIFYd+YqG+BNeD42SbB1KiCMLnhonQAs46DYfrl+s8DqbmMYC+MP3 0b4AtXqMgvaOH/bqyraK9kvKGLzqDjqSjlVmM7YE9z67w6oDPrPE9doxPcwg7kDA 3PpfD2jZS7nZwQRBLO8eOZQismFHci6cNziQfUWGc/5IpJKfUVlDDtuxacboVVZZ zmVZ94ymjX6FGdoHvwWHj6NpRg== -----END CERTIFICATE-----Generated at Thu Mar 26 08:52:51 2026 by rpki-client