$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft File: XAq0JfK0I14cgVaDvWyOi3uAtyc.mft (raw, json) Hash identifier: WjMGk+v6lQo+JwfSF8g8au3E4e+9/HhHtd7pD8uNTVg= Subject key identifier: 57:5E:0A:D4:5A:4A:7B:9D:FF:49:F5:1A:FE:94:3B:7C:F1:FF:73:F1 Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27 Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727 Certificate serial: 0A21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft Manifest number: 0A08 Signing time: Tue 24 Mar 2026 19:37:39 +0000 Manifest this update: Tue 24 Mar 2026 19:37:38 +0000 Manifest next update: Tue 31 Mar 2026 19:37:38 +0000 Files and hashes: 1: XAq0JfK0I14cgVaDvWyOi3uAtyc.crl (hash: IXV0MvB64gfZ/FBFKggTZdX64ZcQbw0EsA2jtD1K7fM=) 2: 0774A2C894F211EAB30E7682C4F9AE02.roa (hash: l2tsnXDfo/hIktpCNOIO2/elh/NggYLVtKn+htr+20w=) 3: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (hash: 6ZGy644lUjSn/iRWamVdu/Cx4lbrco/8//Ud8xr+hK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:37:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2593 (0xa21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727 Validity Not Before: Mar 24 19:37:38 2026 GMT Not After : Mar 31 19:37:38 2026 GMT Subject: CN=69c2e803-4061 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:02:0a:74:7a:8e:79:83:2f:f6:21:4f:37:58: 15:46:f3:27:d0:03:0b:2d:cf:f2:db:84:30:9d:eb: f5:4d:75:17:45:6a:92:20:34:f8:b5:42:3d:d7:f3: 57:52:ef:4c:fc:a6:3f:01:db:91:ee:0e:6b:c7:88: 85:21:d7:b2:02:d9:d2:1f:51:17:8c:d9:83:93:fe: 6d:27:7a:f9:65:0a:26:b0:e2:ad:3e:39:dd:6a:67: 65:2b:90:83:c1:54:ca:1b:c5:ef:e1:74:24:84:42: a7:b9:cf:de:a2:86:33:5d:74:1c:c4:ba:7a:62:b1: 1b:88:33:86:3c:0b:e2:27:a2:72:5c:63:bb:bc:0b: 98:66:94:16:7b:7a:98:9a:a8:3c:1e:fc:bd:7d:11: b4:39:d9:66:6d:e9:12:13:78:00:88:18:e4:57:2b: 5b:49:40:37:0e:4c:6f:4e:3e:27:0f:49:95:c3:bb: f6:11:55:4b:f2:05:cd:2d:9b:be:13:67:9b:7c:70: 55:01:3d:39:9f:1b:47:25:10:f7:02:d7:6a:fd:20: 3c:8a:c8:e3:00:bc:bf:59:03:0f:53:8e:e2:a9:c6: 53:1e:0d:93:76:be:30:10:fb:35:3d:8e:e6:de:67: 42:ee:05:6d:03:81:4f:12:53:f8:5e:b1:0a:7b:62: c8:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:5E:0A:D4:5A:4A:7B:9D:FF:49:F5:1A:FE:94:3B:7C:F1:FF:73:F1 X509v3 Authority Key Identifier: keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption da:55:2d:c0:a7:cc:c7:cc:91:ab:6f:0c:2d:40:c8:ba:fe:ad: 1e:c2:f7:6e:4e:8b:00:4e:27:88:2a:f4:a9:b3:25:c0:2a:a6: aa:49:d7:3d:a0:d9:c1:4b:54:86:85:85:99:bf:7a:58:15:93: 57:a4:d1:d7:39:77:32:e4:81:99:5a:00:64:82:5e:eb:4e:cf: 7d:90:9b:89:c7:b7:4f:70:74:a4:b7:32:d8:3d:c0:60:e8:74: 76:79:f0:fd:47:73:60:63:0d:aa:39:69:c7:fb:d8:62:02:44: 7a:eb:3f:fc:14:54:7f:23:58:94:12:d2:3f:1b:69:23:76:24: b4:dd:22:b9:29:b6:af:ae:33:b3:05:f3:e2:c7:c0:a9:44:af: f6:9d:d5:a3:d5:09:b1:02:35:f3:93:26:72:1f:fc:e9:9f:bd: fb:ac:24:86:b2:b9:d6:f3:c4:b4:3b:d9:e2:04:3d:9f:2d:25: de:13:19:20:74:72:63:c6:44:9d:bb:11:65:f8:74:95:c9:00: e9:fb:76:67:5c:42:40:f1:58:0d:42:63:a9:8e:24:e8:79:56: 0d:a0:e4:c6:bb:9a:da:63:f4:ff:c8:86:8d:73:36:59:43:09: 2c:4a:85:9b:18:16:dd:58:4c:62:d8:91:41:fc:7d:41:76:35: f0:dc:e8:6b -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC N0I4MEI3MjcwHhcNMjYwMzI0MTkzNzM4WhcNMjYwMzMxMTkzNzM4WjAYMRYwFAYD VQQDEw02OWMyZTgwMy00MDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuQIKdHqOeYMv9iFPN1gVRvMn0AMLLc/y24Qwnev1TXUXRWqSIDT4tUI91/NX Uu9M/KY/AduR7g5rx4iFIdeyAtnSH1EXjNmDk/5tJ3r5ZQomsOKtPjndamdlK5CD wVTKG8Xv4XQkhEKnuc/eooYzXXQcxLp6YrEbiDOGPAviJ6JyXGO7vAuYZpQWe3qY mqg8Hvy9fRG0OdlmbekSE3gAiBjkVytbSUA3DkxvTj4nD0mVw7v2EVVL8gXNLZu+ E2ebfHBVAT05nxtHJRD3Atdq/SA8isjjALy/WQMPU47iqcZTHg2Tdr4wEPs1PY7m 3mdC7gVtA4FPElP4XrEKe2LIkwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFdeCtRa Snud/0n1Gv6UO3zx/3PxMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0 RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjhBOS8yQUEwNDMzMDk0RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkx NGNnVmFEdld5T2kzdUF0eWMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEA2lUtwKfMx8yRq28MLUDIuv6tHsL3bk6LAE4niCr0qbMlwCqmqknXPaDZwUtU hoWFmb96WBWTV6TR1zl3MuSBmVoAZIJe607PfZCbice3T3B0pLcy2D3AYOh0dnnw /UdzYGMNqjlpx/vYYgJEeus//BRUfyNYlBLSPxtpI3YktN0iuSm2r64zswXz4sfA qUSv9p3Vo9UJsQI185Mmch/86Z+9+6wkhrK51vPEtDvZ4gQ9ny0l3hMZIHRyY8ZE nbsRZfh0lckA6ft2Z1xCQPFYDUJjqY4k6HlWDaDkxrua2mP0/8iGjXM2WUMJLEqF mxgW3VhMYtiRQfx9QXY18Nzoaw== -----END CERTIFICATE-----Generated at Thu Mar 26 17:58:29 2026 by rpki-client