$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: GUqW7MhzzcCqgGlmfeBXD2eqUTANPGNxHIUN6q4d7rg= Subject key identifier: DD:E4:5E:01:C9:8D:5A:38:C4:B8:29:0A:A9:3E:27:B1:FB:6C:70:E0 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1DF8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1D6B Signing time: Thu 26 Mar 2026 16:08:00 +0000 Manifest this update: Thu 26 Mar 2026 16:08:00 +0000 Manifest next update: Thu 02 Apr 2026 16:08:00 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: 3ifo3aeiASUZAvDekFfG1YZiQy3atrfIXOGDl7Pjxuk=) 2: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: pQIAQO2x1Y98U1wPMfCQmXLie1tIp4nTPRrtQeF4Db8=) 3: 3322FCF6B8B611F09EE22E11C4F9AE02.roa (hash: vPw7xATzv0O2yNoJH3ofUOV61xAOAH8pdJ0rodOC4Lw=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: syfI5VBGCCOaxinq66/rQy0KiVO/nQZm82G8XJ0s/uQ=) 5: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: e2z23i28QBdo2imUKS15DY31HQcf+q8FZJ7ZqEZMi64=) 6: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: n5wlbfzu1nkCUtXLjTCqtermWiOQnIuS2LGZIh8GrSA=) 7: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: Ruxh9vs1IEEY8sUgeoqbiAjkOA3NIO1oE49c/aSiPyo=) 8: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: /vJS5mvYoaeQ7e5TPVVBx64c5yOqiYznmnqStY9GYWY=) 9: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: OyJ386kUL4gGWlM9zenD8Or9GBx/nawzJcbJiadjXEs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 14:54:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7672 (0x1df8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Mar 26 16:08:00 2026 GMT Not After : Apr 2 16:08:00 2026 GMT Subject: CN=69c559e0-da29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:57:72:da:9d:8e:9e:b8:f5:17:18:99:e8:6c: 8d:a6:06:c2:b6:68:76:44:90:59:5f:ce:a2:69:67: 60:8b:75:19:70:21:97:00:13:ba:5a:d5:1e:3f:7b: 53:86:94:78:35:37:5a:4d:12:5a:d7:ea:c7:0d:24: 6e:fa:6b:fe:eb:ee:fe:79:7a:d0:93:79:3e:cf:c9: e4:87:34:f2:36:a8:11:84:b0:92:e4:f6:4b:6a:66: aa:63:52:7a:0a:ae:b6:5b:09:d8:62:6a:7e:03:66: 5d:9e:55:b4:1a:50:d5:8e:2d:f3:55:67:15:77:0b: cc:7b:32:e8:c4:8d:ad:ac:71:46:75:14:51:cf:ec: 54:03:ea:27:4c:11:a7:fb:d7:ac:7d:4e:6e:9f:49: 43:e0:f7:e1:f3:27:d2:50:61:66:d3:f8:15:0d:7c: 5c:6b:b8:cc:fa:d7:16:a5:2d:bb:f3:9d:95:75:f3: fb:5b:ff:92:92:36:c0:73:89:19:c7:9d:5e:c3:91: 20:4a:a7:4f:a2:45:82:af:97:38:25:f0:ff:f3:f9: aa:fa:10:f9:09:6b:c7:d2:db:de:89:9d:77:6d:6d: da:2e:f7:5a:6b:5e:dd:1e:f8:de:21:04:d3:7d:48: 78:3f:54:f1:f0:63:59:79:90:b1:73:0e:1a:dd:7f: 35:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:E4:5E:01:C9:8D:5A:38:C4:B8:29:0A:A9:3E:27:B1:FB:6C:70:E0 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:b7:5a:dc:e1:f6:c8:de:ab:bb:f5:d7:41:43:e1:6f:6c:dd: 6d:8f:c3:4e:7a:84:e9:17:e8:a2:91:54:cd:ce:26:cf:74:77: 8e:7e:e3:4a:3f:48:86:85:56:b4:73:68:57:1a:6f:8f:60:e1: 52:40:b0:5e:f4:e3:d9:6d:8b:99:e2:3a:69:e9:ba:fe:99:5f: 42:2e:a8:20:24:1a:2e:d7:42:fd:be:3e:b2:8d:40:3c:85:ce: 63:57:d6:43:bd:a5:dc:5f:98:c3:ce:72:55:d5:6e:11:aa:c4: e7:5c:6a:11:74:bb:74:5a:b2:0d:39:53:cb:66:8b:6f:7f:49: 65:25:60:ee:dc:9c:29:45:0e:96:1b:a4:8d:5d:fd:66:f5:20: f8:b3:35:02:6d:6f:65:43:42:85:ad:3a:f8:08:a4:f5:ab:9a: 30:46:b9:e7:8a:67:2a:66:23:8d:5d:74:c1:61:ce:ba:3a:04: 2e:a4:cc:b3:07:40:36:84:4e:14:60:9d:7e:cb:cd:28:62:ba: 08:46:b0:55:7b:20:f3:1a:ae:2f:6d:39:54:fa:af:cc:f5:8c: f7:ab:55:25:b1:44:0a:51:d3:14:33:7c:cb:f7:c7:dd:ba:9e: d0:75:b2:8a:64:5e:a8:8f:81:06:c9:6c:cd:2e:e0:f7:a7:f6: 7b:1a:a9:af -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICHfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjYwMzI2MTYwODAwWhcNMjYwNDAyMTYwODAwWjAYMRYwFAYD VQQDEw02OWM1NTllMC1kYTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy1dy2p2Onrj1FxiZ6GyNpgbCtmh2RJBZX86iaWdgi3UZcCGXABO6WtUeP3tT hpR4NTdaTRJa1+rHDSRu+mv+6+7+eXrQk3k+z8nkhzTyNqgRhLCS5PZLamaqY1J6 Cq62WwnYYmp+A2ZdnlW0GlDVji3zVWcVdwvMezLoxI2trHFGdRRRz+xUA+onTBGn +9esfU5un0lD4Pfh8yfSUGFm0/gVDXxca7jM+tcWpS27852VdfP7W/+SkjbAc4kZ x51ew5EgSqdPokWCr5c4JfD/8/mq+hD5CWvH0tveiZ13bW3aLvdaa17dHvjeIQTT fUh4P1Tx8GNZeZCxcw4a3X81ewIDAQABo4ICczCCAm8wHQYDVR0OBBYEFN3kXgHJ jVo4xLgpCqk+J7H7bHDgMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAJbda3OH2yN6ru/XXQUPhb2zdbY/DTnqE6RfoopFUzc4mz3R3jn7jSj9IhoVW tHNoVxpvj2DhUkCwXvTj2W2LmeI6aem6/plfQi6oICQaLtdC/b4+so1APIXOY1fW Q72l3F+Yw85yVdVuEarE51xqEXS7dFqyDTlTy2aLb39JZSVg7tycKUUOlhukjV39 ZvUg+LM1Am1vZUNCha06+Aik9auaMEa554pnKmYjjV10wWHOujoELqTMswdANoRO FGCdfsvNKGK6CEawVXsg8xquL205VPqvzPWM96tVJbFEClHTFDN8y/fH3bqe0HWy imReqI+BBslszS7g96f2exqprw== -----END CERTIFICATE-----Generated at Thu Mar 26 22:25:51 2026 by rpki-client