$ rpki-client -vvf rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.mft File: PX_qy2M6a4KTI7HplE1K-Y3do3I.mft (raw, json) Hash identifier: fKpRxwNywz4NdN9wsExjWH7tSYe2eDbO8pbRvkCMCJs= Subject key identifier: 97:57:A7:3A:DC:01:5D:C4:3D:42:E6:D5:7E:C7:97:C6:17:1D:C2:9C Authority key identifier: 3D:7F:EA:CB:63:3A:6B:82:93:23:B1:E9:94:4D:4A:F9:8D:DD:A3:72 Certificate issuer: /CN=A9172BD3/serialNumber=3D7FEACB633A6B829323B1E9944D4AF98DDDA372 Certificate serial: 01AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PX_qy2M6a4KTI7HplE1K-Y3do3I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.mft Manifest number: 01A2 Signing time: Wed 25 Mar 2026 03:31:15 +0000 Manifest this update: Wed 25 Mar 2026 03:31:14 +0000 Manifest next update: Wed 01 Apr 2026 03:31:14 +0000 Files and hashes: 1: PX_qy2M6a4KTI7HplE1K-Y3do3I.crl (hash: /8V85gByaeOAyuOUb0HTIU9/SDsdKXJF03lsviG/0iQ=) 2: 78321A66068D11EF92608943C4F9AE02.roa (hash: B+SJqxW4okca9e4x0qcp3bdPieQGRwfLcj5Bf3jCnkw=) 3: 97F15FD8068D11EF839A3054C4F9AE02.roa (hash: ZR91Xkb9WqCmTw6bc0Cn1+z+jAwWu9sevUXMNk3wUeg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.crl rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PX_qy2M6a4KTI7HplE1K-Y3do3I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 03:31:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 426 (0x1aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172BD3, serialNumber=3D7FEACB633A6B829323B1E9944D4AF98DDDA372 Validity Not Before: Mar 25 03:31:14 2026 GMT Not After : Apr 1 03:31:14 2026 GMT Subject: CN=69c35702-e454 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ba:da:58:46:cd:50:d0:3b:0e:d9:02:96:92: f9:c5:8a:17:23:50:2b:77:c1:3b:7f:9a:cf:be:2f: 0d:eb:16:52:ce:12:0d:c2:c4:e7:76:63:89:d2:44: 29:69:06:2d:f1:8f:52:a8:93:f5:a4:d4:ba:13:68: 39:71:05:64:82:da:16:2a:f4:2a:39:d3:0e:7a:12: 00:81:b4:44:3c:55:99:fa:9b:22:d5:d7:b3:fc:8b: 0a:41:0b:14:17:13:f7:64:39:20:3a:5f:26:a5:49: d5:45:5c:82:3e:7c:cb:11:1d:b9:42:6e:eb:27:05: eb:5b:df:9d:ef:ff:be:e5:3f:b4:66:36:e6:08:28: 1c:f9:9d:d5:eb:6b:8d:81:fe:f4:06:b1:a8:54:71: 76:2e:ba:77:d4:53:ba:ad:3c:8e:96:22:5b:ee:33: 72:b5:c0:a4:c4:97:d4:da:dc:e9:27:e1:0d:b8:a5: 67:47:04:43:0e:7e:4a:a3:c3:96:b1:31:29:13:bc: a0:b1:ed:b4:27:5a:ea:43:0f:8c:a6:10:22:52:f0: 98:49:82:26:88:47:bf:ac:92:2e:b4:03:e6:6f:14: 54:03:f0:94:35:c2:b3:5c:fd:8e:b8:77:6b:47:a2: 63:5b:c4:3b:0f:34:77:a7:da:c6:ec:c5:39:01:bc: 1c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:57:A7:3A:DC:01:5D:C4:3D:42:E6:D5:7E:C7:97:C6:17:1D:C2:9C X509v3 Authority Key Identifier: keyid:3D:7F:EA:CB:63:3A:6B:82:93:23:B1:E9:94:4D:4A:F9:8D:DD:A3:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PX_qy2M6a4KTI7HplE1K-Y3do3I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:3c:ab:90:e4:2b:ba:db:60:70:07:69:5a:ab:60:7b:67:1d: 34:45:17:73:2c:14:13:98:14:b5:70:66:c3:ec:b4:82:75:4c: d6:8a:16:02:8c:ae:e7:1a:40:50:f7:74:9b:bb:d8:24:7a:9a: 4b:25:68:5d:ae:47:f9:16:4f:c9:64:1e:8f:59:21:82:34:12: 7f:0b:21:e0:7a:06:12:12:83:91:43:c5:01:5b:25:62:34:44: b2:cf:cf:c8:f0:3e:5d:d5:d1:00:af:a8:1b:42:87:5d:04:09: 61:f4:de:30:48:ee:e3:88:90:ca:1b:40:f7:40:b0:5d:8e:13: 86:5b:fe:84:ac:29:54:f4:ca:be:9c:c0:d2:c9:b6:e9:f8:cb: d0:e9:49:8d:ad:bc:87:0d:46:92:9f:18:22:62:79:69:9e:b1: fd:5d:ff:c9:43:54:1a:15:f8:7d:cf:2b:38:2c:56:3a:6a:7a: a9:21:fa:e8:5d:5c:b5:6a:fb:ea:60:dd:e4:60:1d:14:66:b8: 6f:b6:5d:ff:c3:25:7f:ae:c7:03:a9:ea:b9:2e:e7:f8:d0:ec: 2b:7a:45:0f:44:25:48:bf:90:f3:f6:8b:22:06:54:31:22:7d: e6:02:30:eb:b1:ae:0f:43:21:3a:42:5b:8a:f3:92:c6:6e:11: 9c:d2:81:d3 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJCRDMxMTAvBgNVBAUTKDNEN0ZFQUNCNjMzQTZCODI5MzIzQjFFOTk0NEQ0QUY5 OEREREEzNzIwHhcNMjYwMzI1MDMzMTE0WhcNMjYwNDAxMDMzMTE0WjAYMRYwFAYD VQQDEw02OWMzNTcwMi1lNDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt7raWEbNUNA7DtkClpL5xYoXI1Ard8E7f5rPvi8N6xZSzhINwsTndmOJ0kQp aQYt8Y9SqJP1pNS6E2g5cQVkgtoWKvQqOdMOehIAgbREPFWZ+psi1dez/IsKQQsU FxP3ZDkgOl8mpUnVRVyCPnzLER25Qm7rJwXrW9+d7/++5T+0ZjbmCCgc+Z3V62uN gf70BrGoVHF2Lrp31FO6rTyOliJb7jNytcCkxJfU2tzpJ+ENuKVnRwRDDn5Ko8OW sTEpE7ygse20J1rqQw+MphAiUvCYSYImiEe/rJIutAPmbxRUA/CUNcKzXP2OuHdr R6JjW8Q7DzR3p9rG7MU5AbwcoQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJdXpzrc AV3EPULm1X7Hl8YXHcKcMB8GA1UdIwQYMBaAFD1/6stjOmuCkyOx6ZRNSvmN3aNy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkJEMy82NEJGRjE0RUIz RjcxMUVFOTJBNDc3MTdDNEY5QUUwMi9QWF9xeTJNNmE0S1RJN0hwbEUxSy1ZM2Rv M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BYX3F5Mk02YTRLVEk3SHBsRTFLLVkzZG8zSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkJEMy82NEJGRjE0RUIzRjcxMUVFOTJBNDc3MTdDNEY5QUUwMi9QWF9xeTJNNmE0 S1RJN0hwbEUxSy1ZM2RvM0kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXDyrkOQruttgcAdpWqtge2cdNEUXcywUE5gUtXBmw+y0gnVM1ooWAoyu5xpA UPd0m7vYJHqaSyVoXa5H+RZPyWQej1khgjQSfwsh4HoGEhKDkUPFAVslYjREss/P yPA+XdXRAK+oG0KHXQQJYfTeMEju44iQyhtA90CwXY4Thlv+hKwpVPTKvpzA0sm2 6fjL0OlJja28hw1Gkp8YImJ5aZ6x/V3/yUNUGhX4fc8rOCxWOmp6qSH66F1ctWr7 6mDd5GAdFGa4b7Zd/8Mlf67HA6nquS7n+NDsK3pFD0QlSL+Q8/aLIgZUMSJ95gIw 67GuD0MhOkJbivOSxm4RnNKB0w== -----END CERTIFICATE-----Generated at Thu Mar 26 19:08:26 2026 by rpki-client