$ rpki-client -vvf rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft File: ZUCRhgKOxUzUW1g0_77K9LePGcI.mft (raw, json) Hash identifier: wfpRX0L2AUoY2ABFk6yGueLeP1Jtu7ZQqBYIrljW8NI= Subject key identifier: 60:C5:6C:75:2A:88:72:80:5E:8C:B3:05:F9:73:36:49:95:14:05:2A Authority key identifier: 65:40:91:86:02:8E:C5:4C:D4:5B:58:34:FF:BE:CA:F4:B7:8F:19:C2 Certificate issuer: /CN=A917BBF1/serialNumber=65409186028EC54CD45B5834FFBECAF4B78F19C2 Certificate serial: 0CFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft Manifest number: 0CD7 Signing time: Tue 24 Mar 2026 18:14:40 +0000 Manifest this update: Tue 24 Mar 2026 18:14:39 +0000 Manifest next update: Tue 31 Mar 2026 18:14:39 +0000 Files and hashes: 1: ZUCRhgKOxUzUW1g0_77K9LePGcI.crl (hash: Tlj5Z20Tf1mxiui2/WQHT0wfHz+nLfQgK5VYfc1t0NA=) 2: FF4F13D4448711ECA80CFC34C4F9AE02.roa (hash: lDq/RoR1gtpy/cAfk0IFee9KhUVF1t6WS4LHb4U+atA=) 3: 1B54858065B711EE93D6ED6DC4F9AE02.roa (hash: RJJ5TtxisaxrsdKJrxokk1MUJk/sClMJ57OXkPbYyvk=) 4: 3EED102CC53011F0ADCB012EC4F9AE02.roa (hash: LxKNHe3GpfHVZCaXnBap/M64zNmMtKYhFB34n7ePJpg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.crl rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:14:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3327 (0xcff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BBF1, serialNumber=65409186028EC54CD45B5834FFBECAF4B78F19C2 Validity Not Before: Mar 24 18:14:39 2026 GMT Not After : Mar 31 18:14:39 2026 GMT Subject: CN=69c2d490-0307 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:5c:31:ec:15:55:ed:cc:da:27:11:bd:c5:2d: 77:50:59:80:b6:25:b2:28:1e:bb:d9:89:e1:b3:f3: bc:4c:55:12:cd:7d:c9:b5:30:a4:ab:3b:90:b2:23: c1:72:74:a2:7e:bf:81:23:dc:3a:e3:0c:7f:3d:52: c3:17:dc:02:1a:3e:7f:7b:aa:8f:d7:62:0e:8c:a9: d3:78:c0:2e:d2:6d:aa:d2:13:6c:fa:c8:ba:72:c3: 32:80:84:3d:13:c9:75:c2:3c:00:5e:41:79:6a:a6: 23:e2:08:e5:19:fe:4e:ac:b8:7b:0b:a9:4e:5b:a0: 35:08:a8:92:42:bd:b6:a8:48:f1:02:1a:f8:6e:90: 2d:fd:ce:87:91:9c:e5:d2:46:85:5a:68:ef:12:df: 0f:99:a8:5a:92:9c:e5:ea:92:d8:92:6a:08:8d:5b: 96:40:d8:87:ef:49:11:f0:46:b3:c5:9e:3d:6a:12: 02:f9:b2:12:2e:89:4b:70:24:be:a6:31:67:74:e2: 13:ec:dc:a2:3e:ce:b7:c4:e5:80:77:0d:eb:d3:e9: 4e:00:9a:15:bf:11:ad:0f:2c:fb:23:4c:65:40:c0: b7:00:96:b9:eb:60:82:6b:e3:f4:3a:40:f8:a3:ad: e0:eb:dc:17:a0:94:ac:4c:1d:7c:4e:0e:96:68:32: cb:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:C5:6C:75:2A:88:72:80:5E:8C:B3:05:F9:73:36:49:95:14:05:2A X509v3 Authority Key Identifier: keyid:65:40:91:86:02:8E:C5:4C:D4:5B:58:34:FF:BE:CA:F4:B7:8F:19:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:d0:52:36:76:10:c8:99:0a:bf:f8:37:26:45:42:3b:7d:ee: 89:4b:dd:36:51:d7:21:1a:10:77:4d:c0:d2:1f:cd:46:8b:85: 6f:22:f6:53:c4:f9:90:83:93:4b:16:e1:81:d6:5d:15:ba:4d: 07:44:21:51:e6:e3:63:6e:1b:4f:dd:1f:03:36:5c:76:f9:02: 59:cc:77:61:eb:cb:7b:35:5b:12:b5:9a:10:ca:c9:0e:c1:c1: 9e:2d:e5:57:c7:2f:cf:45:08:29:b4:22:cd:da:bc:99:a3:4d: 8c:07:d1:ed:02:a5:93:66:78:ab:ab:cf:25:fc:5e:fb:91:75: 5e:8c:83:71:a4:0b:cf:17:f6:66:b9:63:0d:d6:d9:19:bc:81: 80:1a:71:33:bd:16:8a:94:93:36:55:66:98:75:8b:15:e9:97: 3b:d0:57:c9:68:be:7c:fc:cc:00:c2:6e:c7:b9:79:07:45:e2: e9:d8:ee:4b:70:c6:bd:fe:81:5d:4f:d8:27:30:b8:8c:c2:2d: d1:f0:ac:87:61:5d:10:4c:01:44:c7:b9:38:fe:5a:f3:01:5c: 94:9d:e5:a0:1e:fb:ec:f0:16:8f:5f:21:ef:42:a5:32:37:80: bd:c4:35:95:65:1a:96:bc:7f:d2:0d:a1:e4:07:03:60:b8:55: 85:a5:be:5c -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JCRjExMTAvBgNVBAUTKDY1NDA5MTg2MDI4RUM1NENENDVCNTgzNEZGQkVDQUY0 Qjc4RjE5QzIwHhcNMjYwMzI0MTgxNDM5WhcNMjYwMzMxMTgxNDM5WjAYMRYwFAYD VQQDEw02OWMyZDQ5MC0wMzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnFwx7BVV7czaJxG9xS13UFmAtiWyKB672Ynhs/O8TFUSzX3JtTCkqzuQsiPB cnSifr+BI9w64wx/PVLDF9wCGj5/e6qP12IOjKnTeMAu0m2q0hNs+si6csMygIQ9 E8l1wjwAXkF5aqYj4gjlGf5OrLh7C6lOW6A1CKiSQr22qEjxAhr4bpAt/c6HkZzl 0kaFWmjvEt8Pmahakpzl6pLYkmoIjVuWQNiH70kR8EazxZ49ahIC+bISLolLcCS+ pjFndOIT7NyiPs63xOWAdw3r0+lOAJoVvxGtDyz7I0xlQMC3AJa562CCa+P0OkD4 o63g69wXoJSsTB18Tg6WaDLLowIDAQABo4ICczCCAm8wHQYDVR0OBBYEFGDFbHUq iHKAXoyzBflzNkmVFAUqMB8GA1UdIwQYMBaAFGVAkYYCjsVM1FtYNP++yvS3jxnC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkJGMS8yNDVEQzVDQTBB RjcxMUVBQTg1QTVEMUFDNEY5QUUwMi9aVUNSaGdLT3hVelVXMWcwXzc3SzlMZVBH Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pVQ1JoZ0tPeFV6VVcxZzBfNzdLOUxlUEdjSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QkJGMS8yNDVEQzVDQTBBRjcxMUVBQTg1QTVEMUFDNEY5QUUwMi9aVUNSaGdLT3hV elVXMWcwXzc3SzlMZVBHY0kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAhtBSNnYQyJkKv/g3JkVCO33uiUvdNlHXIRoQd03A0h/NRouFbyL2U8T5kIOT SxbhgdZdFbpNB0QhUebjY24bT90fAzZcdvkCWcx3YevLezVbErWaEMrJDsHBni3l V8cvz0UIKbQizdq8maNNjAfR7QKlk2Z4q6vPJfxe+5F1XoyDcaQLzxf2ZrljDdbZ GbyBgBpxM70WipSTNlVmmHWLFemXO9BXyWi+fPzMAMJux7l5B0Xi6djuS3DGvf6B XU/YJzC4jMIt0fCsh2FdEEwBRMe5OP5a8wFclJ3loB777PAWj18h70KlMjeAvcQ1 lWUalrx/0g2h5AcDYLhVhaW+XA== -----END CERTIFICATE-----Generated at Thu Mar 26 16:26:17 2026 by rpki-client