$ rpki-client -vvf rpki.apnic.net/member_repository/A91892EB/FD0081DEC56711EBAFEA602BC4F9AE02/C2zfP6zGgLeGkm3hOfHg9nREBlQ.mft File: C2zfP6zGgLeGkm3hOfHg9nREBlQ.mft (raw, json) Hash identifier: vyIqH9J/rglHkpF3sHUR8tnIUQFn6fljG7k7nvsw9uQ= Subject key identifier: 37:12:F9:B0:2D:EB:1D:A9:FB:38:A9:79:43:A9:49:34:5C:8C:9C:16 Authority key identifier: 0B:6C:DF:3F:AC:C6:80:B7:86:92:6D:E1:39:F1:E0:F6:74:44:06:54 Certificate issuer: /CN=A91892EB/serialNumber=0B6CDF3FACC680B786926DE139F1E0F674440654 Certificate serial: 068D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2zfP6zGgLeGkm3hOfHg9nREBlQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91892EB/FD0081DEC56711EBAFEA602BC4F9AE02/C2zfP6zGgLeGkm3hOfHg9nREBlQ.mft Manifest number: 0668 Signing time: Tue 24 Mar 2026 22:22:01 +0000 Manifest this update: Tue 24 Mar 2026 22:22:00 +0000 Manifest next update: Tue 31 Mar 2026 22:22:00 +0000 Files and hashes: 1: C2zfP6zGgLeGkm3hOfHg9nREBlQ.crl (hash: FynzTq23c0N5LiU6zY5s3/Eci2vks0jCZl4maltvtCE=) 2: F4DC3C2AC59211EBAA9C5B7BC4F9AE02.roa (hash: AcX/Q7kCXs6/lVr70u8Z/hkgVWbgvWKfVvGr/7kslLM=) 3: 1DE394187C2F11F0902A5A0CC4F9AE02.roa (hash: pdws3t0lZJ1KRtlaVi7T3cqSeY6vMdRKeuikmdwYWhg=) 4: 4FF7919CA3AE11F08498344CC4F9AE02.roa (hash: vr8P+P39aT/1jKl6iJb1sUFbpi5nliJVWaBLeOW46aY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91892EB/FD0081DEC56711EBAFEA602BC4F9AE02/C2zfP6zGgLeGkm3hOfHg9nREBlQ.crl rsync://rpki.apnic.net/member_repository/A91892EB/FD0081DEC56711EBAFEA602BC4F9AE02/C2zfP6zGgLeGkm3hOfHg9nREBlQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2zfP6zGgLeGkm3hOfHg9nREBlQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:21:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1677 (0x68d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91892EB, serialNumber=0B6CDF3FACC680B786926DE139F1E0F674440654 Validity Not Before: Mar 24 22:22:00 2026 GMT Not After : Mar 31 22:22:00 2026 GMT Subject: CN=69c30e88-7e4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ec:f0:a2:24:3e:da:32:13:25:aa:df:e8:e8: 5d:29:8e:ac:89:b4:c8:12:f9:88:88:c5:a0:a3:ce: 1e:05:6e:c4:86:cd:e9:24:83:29:53:55:a8:72:a9: 61:03:0c:ba:eb:06:26:c4:ec:5e:80:b0:ea:2a:df: cb:77:f6:cc:de:bf:28:b1:4d:83:24:ee:e0:56:2e: b5:6f:c2:d5:c3:03:8b:82:17:e3:42:01:fb:82:60: 99:d8:7f:e9:43:69:b5:3d:71:c9:c0:30:22:41:97: 51:03:64:78:65:52:74:36:bc:fd:44:4c:8f:1e:32: c5:f9:04:2e:51:33:c5:83:13:e5:16:65:4a:13:23: 81:58:09:21:0c:f4:a7:c1:d8:08:6d:13:a3:24:45: ab:d1:bc:5a:71:7b:1a:09:84:a0:38:34:61:c1:b6: d7:aa:d5:cc:03:dd:74:5f:1c:e2:7d:1d:18:bd:a3: 32:99:90:31:a6:d1:a7:85:00:04:25:c8:0f:8f:7e: c1:88:3e:f4:1b:0c:36:ba:bc:96:c3:51:0f:9f:b5: e8:35:d8:2a:03:99:13:e2:2d:fe:15:76:15:e6:b4: a7:6d:a0:97:e0:e9:71:44:c5:17:b2:3c:6c:e8:57: 48:2a:31:89:a6:ce:52:39:1a:2d:20:2a:b7:73:3a: d9:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:12:F9:B0:2D:EB:1D:A9:FB:38:A9:79:43:A9:49:34:5C:8C:9C:16 X509v3 Authority Key Identifier: keyid:0B:6C:DF:3F:AC:C6:80:B7:86:92:6D:E1:39:F1:E0:F6:74:44:06:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91892EB/FD0081DEC56711EBAFEA602BC4F9AE02/C2zfP6zGgLeGkm3hOfHg9nREBlQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2zfP6zGgLeGkm3hOfHg9nREBlQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91892EB/FD0081DEC56711EBAFEA602BC4F9AE02/C2zfP6zGgLeGkm3hOfHg9nREBlQ.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:5b:12:0c:5d:38:6c:8f:d7:2f:6c:0d:da:71:d5:5a:31:b4: 45:97:d2:9f:2a:b2:2a:e3:7e:b9:ac:b6:2f:62:de:da:d3:bf: 9b:80:b3:46:fd:74:2f:07:23:13:b0:2a:d3:a2:9e:3e:ed:f3: ff:c5:c2:a3:79:f7:b7:81:e4:9f:e2:10:7e:d7:dc:e1:a4:0d: 10:c5:90:70:95:06:9d:f2:bc:19:75:c3:e1:db:86:4b:65:d1: 0b:35:f1:1b:37:a9:9b:92:2e:a5:08:69:7c:1f:e6:a0:0f:85: fc:57:7a:bd:26:c2:fe:35:4a:95:ff:43:a2:6d:c0:db:ec:06: 4b:28:ce:a2:66:d9:d4:b0:4c:46:83:98:97:39:e6:1b:0b:86: 01:b3:8e:23:f0:f0:e2:9d:8c:4c:48:e0:2f:fb:c6:77:57:f8: ee:4d:ca:e1:5b:2c:69:d9:2a:fc:fd:7a:fa:8e:42:90:3f:96: d0:21:98:ab:cd:c2:c1:98:a0:1c:5e:da:24:38:38:84:a3:14: 00:6c:c3:72:c2:e9:98:73:c0:19:67:f8:06:f0:b7:94:96:84: c0:04:d1:dc:a3:42:2f:2e:78:55:be:8e:71:89:7c:eb:c0:2b: f8:6c:d1:c4:f4:35:bf:b5:1f:87:1e:bd:38:8d:f8:2e:67:e8: e7:9b:a1:6c -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODkyRUIxMTAvBgNVBAUTKDBCNkNERjNGQUNDNjgwQjc4NjkyNkRFMTM5RjFFMEY2 NzQ0NDA2NTQwHhcNMjYwMzI0MjIyMjAwWhcNMjYwMzMxMjIyMjAwWjAYMRYwFAYD VQQDEw02OWMzMGU4OC03ZTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6+zwoiQ+2jITJarf6OhdKY6sibTIEvmIiMWgo84eBW7Ehs3pJIMpU1Wocqlh Awy66wYmxOxegLDqKt/Ld/bM3r8osU2DJO7gVi61b8LVwwOLghfjQgH7gmCZ2H/p Q2m1PXHJwDAiQZdRA2R4ZVJ0Nrz9REyPHjLF+QQuUTPFgxPlFmVKEyOBWAkhDPSn wdgIbROjJEWr0bxacXsaCYSgODRhwbbXqtXMA910XxzifR0YvaMymZAxptGnhQAE JcgPj37BiD70Gww2uryWw1EPn7XoNdgqA5kT4i3+FXYV5rSnbaCX4OlxRMUXsjxs 6FdIKjGJps5SORotICq3czrZMwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDcS+bAt 6x2p+zipeUOpSTRcjJwWMB8GA1UdIwQYMBaAFAts3z+sxoC3hpJt4Tnx4PZ0RAZU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTJFQi9GRDAwODFERUM1 NjcxMUVCQUZFQTYwMkJDNEY5QUUwMi9DMnpmUDZ6R2dMZUdrbTNoT2ZIZzluUkVC bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MyemZQNnpHZ0xlR2ttM2hPZkhnOW5SRUJsUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 OTJFQi9GRDAwODFERUM1NjcxMUVCQUZFQTYwMkJDNEY5QUUwMi9DMnpmUDZ6R2dM ZUdrbTNoT2ZIZzluUkVCbFEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEACFsSDF04bI/XL2wN2nHVWjG0RZfSnyqyKuN+uay2L2Le2tO/m4CzRv10Lwcj E7Aq06KePu3z/8XCo3n3t4Hkn+IQftfc4aQNEMWQcJUGnfK8GXXD4duGS2XRCzXx Gzepm5IupQhpfB/moA+F/Fd6vSbC/jVKlf9Dom3A2+wGSyjOombZ1LBMRoOYlznm GwuGAbOOI/Dw4p2MTEjgL/vGd1f47k3K4Vssadkq/P16+o5CkD+W0CGYq83CwZig HF7aJDg4hKMUAGzDcsLpmHPAGWf4BvC3lJaEwATR3KNCLy54Vb6OcYl868Ar+GzR xPQ1v7Ufhx69OI34Lmfo55uhbA== -----END CERTIFICATE-----Generated at Thu Mar 26 17:27:17 2026 by rpki-client