$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft File: 089k1dsXYfy2pVLwaAkTMMW19Ts.mft (raw, json) Hash identifier: J4UcEtB22zgVbQRsZiyA/y3I9l05sCY25N8xZq+hEa0= Subject key identifier: 2D:7A:B5:06:1F:44:9E:28:FE:31:15:F2:F1:6B:DB:26:04:F7:7D:88 Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft Manifest number: 86 Signing time: Wed 25 Mar 2026 06:50:52 +0000 Manifest this update: Wed 25 Mar 2026 06:50:51 +0000 Manifest next update: Wed 01 Apr 2026 06:50:51 +0000 Files and hashes: 1: 089k1dsXYfy2pVLwaAkTMMW19Ts.crl (hash: 23fiMpcf5zdR5OddYsN+zgHIotJSTR7icvkFsrS9M8U=) 2: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (hash: Hc8ozT9yDfNYsIpquS99Gm4q+mTiTQ1cphIlHACdz5k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 06:50:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Mar 25 06:50:51 2026 GMT Not After : Apr 1 06:50:51 2026 GMT Subject: CN=69c385cc-6397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:09:a0:90:8f:29:cb:d6:0f:dc:0f:9b:b5:0a: 25:fb:0f:62:9e:e9:1e:07:7e:df:60:3a:b6:cc:e8: be:27:62:4e:3d:83:98:28:28:35:25:cb:52:0c:e0: 1c:a6:4c:be:a1:f2:ff:a6:53:b3:80:14:ed:64:a4: 3b:76:64:c2:e1:a4:21:20:85:2d:e5:43:4c:67:13: ea:bd:2c:29:f7:d5:ba:3c:1b:a9:33:d0:c1:96:35: 95:bb:ed:18:9a:d8:98:65:00:9c:e9:4f:be:78:bb: 41:c2:6a:bf:ea:ed:c3:db:e4:a1:58:bd:bf:e4:2c: 41:6b:dd:16:a5:c6:1d:48:66:0a:c8:80:f6:23:1f: 0b:f5:e7:bb:ce:15:e7:aa:a0:78:cb:b2:76:dd:4f: 24:d0:76:3c:fd:f3:07:e6:3f:9c:85:b6:c9:78:dc: ae:9a:44:16:23:50:c1:4e:4b:e6:78:20:a1:e7:27: c9:a0:40:a2:f7:85:c7:d1:9f:0e:7f:72:1e:28:54: 2d:b3:9b:a6:16:1f:83:12:53:60:2d:0d:5c:15:9a: b5:f4:03:5b:2c:b0:27:a9:38:a4:d1:23:23:95:32: 84:8f:21:24:0c:76:9a:db:6a:59:40:82:eb:26:fd: 00:40:2c:66:20:cf:e6:36:62:48:35:69:87:07:e0: 5b:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:7A:B5:06:1F:44:9E:28:FE:31:15:F2:F1:6B:DB:26:04:F7:7D:88 X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:c2:df:f8:88:c0:c5:f7:fe:70:b4:34:7a:66:15:bf:71:cb: 7e:19:9a:9c:5f:ad:24:65:34:6f:16:d0:8f:af:65:63:7c:37: 02:5f:cc:a9:6b:10:c6:3f:31:dc:1e:80:89:b2:91:cf:8f:66: c4:a3:36:39:ee:47:98:a0:cf:d7:91:1c:b5:6a:89:9c:b5:9f: bc:aa:4d:d4:78:bf:1e:10:00:44:82:ef:9a:ac:05:20:09:f0: b9:28:78:78:ad:4c:56:33:c7:10:db:17:68:5f:60:66:86:11: 5e:ee:85:6f:2f:66:24:45:c3:ad:87:3c:ac:b4:36:a6:87:f8: 0b:b4:6d:96:c5:f4:42:6c:42:4c:bf:47:46:20:e9:d7:e1:ea: be:87:f5:ee:1d:67:16:23:6e:c6:a9:78:80:d7:4b:d4:66:0f: e8:64:b3:a9:a9:2b:42:3e:45:74:ac:d8:51:9e:7c:a5:e2:ce: 7e:61:eb:fe:96:93:a6:b5:2c:a1:52:aa:ef:86:cb:c1:11:85: 8c:cb:aa:5d:13:4c:32:bf:69:d1:29:72:bb:8a:33:7c:8d:53: 26:74:f9:e5:d2:16:bb:48:3f:c0:60:14:b5:f7:b1:83:73:ef: 12:85:61:db:3d:68:11:4c:bb:2d:f3:a6:0b:c4:19:49:89:e4: 88:0b:32:2e -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTI1REYxMTAvBgNVBAUTKEQzQ0Y2NEQ1REIxNzYxRkNCNkE1NTJGMDY4MDkxMzMw QzVCNUY1M0IwHhcNMjYwMzI1MDY1MDUxWhcNMjYwNDAxMDY1MDUxWjAYMRYwFAYD VQQDEw02OWMzODVjYy02Mzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQmgkI8py9YP3A+btQol+w9inukeB37fYDq2zOi+J2JOPYOYKCg1JctSDOAc pky+ofL/plOzgBTtZKQ7dmTC4aQhIIUt5UNMZxPqvSwp99W6PBupM9DBljWVu+0Y mtiYZQCc6U++eLtBwmq/6u3D2+ShWL2/5CxBa90WpcYdSGYKyID2Ix8L9ee7zhXn qqB4y7J23U8k0HY8/fMH5j+chbbJeNyumkQWI1DBTkvmeCCh5yfJoECi94XH0Z8O f3IeKFQts5umFh+DElNgLQ1cFZq19ANbLLAnqTik0SMjlTKEjyEkDHaa22pZQILr Jv0AQCxmIM/mNmJINWmHB+BblwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFC16tQYf RJ4o/jEV8vFr2yYE932IMB8GA1UdIwQYMBaAFNPPZNXbF2H8tqVS8GgJEzDFtfU7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjVERi9FNjEyNDA4MjVF RDUxMUYwOUNGMUQ1MENDNEY5QUUwMi8wODlrMWRzWFlmeTJwVkx3YUFrVE1NVzE5 VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlUcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjVERi9FNjEyNDA4MjVFRDUxMUYwOUNGMUQ1MENDNEY5QUUwMi8wODlrMWRzWFlm eTJwVkx3YUFrVE1NVzE5VHMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAVMLf+IjAxff+cLQ0emYVv3HLfhmanF+tJGU0bxbQj69lY3w3Al/MqWsQxj8x 3B6AibKRz49mxKM2Oe5HmKDP15EctWqJnLWfvKpN1Hi/HhAARILvmqwFIAnwuSh4 eK1MVjPHENsXaF9gZoYRXu6Fby9mJEXDrYc8rLQ2pof4C7RtlsX0QmxCTL9HRiDp 1+Hqvof17h1nFiNuxql4gNdL1GYP6GSzqakrQj5FdKzYUZ58peLOfmHr/paTprUs oVKq74bLwRGFjMuqXRNMMr9p0Slyu4ozfI1TJnT55dIWu0g/wGAUtfexg3PvEoVh 2z1oEUy7LfOmC8QZSYnkiAsyLg== -----END CERTIFICATE-----Generated at Thu Mar 26 19:03:28 2026 by rpki-client