$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json) Hash identifier: Y27J8PYKwbMpos5l39InlOx46V5qBi4CwfsP2X8Rmj8= Subject key identifier: 93:C0:82:B3:04:04:FF:29:5E:CE:B6:AB:8B:3E:E8:62:B4:6C:28:61 Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 Certificate issuer: /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Certificate serial: 0A9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft Manifest number: 0A88 Signing time: Tue 24 Mar 2026 19:21:19 +0000 Manifest this update: Tue 24 Mar 2026 19:21:19 +0000 Manifest next update: Tue 31 Mar 2026 19:21:19 +0000 Files and hashes: 1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: Uu2mEmYUIKyaia9L8elSdqV99CyMuPfDSJy+3dloLrU=) 2: 808D8B4AB40211F0AD5B7354C4F9AE02.roa (hash: tU35KeQjtZgc7V5YAzYuL51TG9tcBGSRzKoyTO6zrr8=) 3: 92A9A67EB40211F09714C855C4F9AE02.roa (hash: 4hs5ZsgD34lurWWtqzwS5KhH9/xLR1O9eIzz8X0YnUU=) 4: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: wS6WujKS1RlUSlM65oSTLz34uOnLb4N0Cqn3TGYDt4w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:21:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2714 (0xa9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5BCD, serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Validity Not Before: Mar 24 19:21:19 2026 GMT Not After : Mar 31 19:21:19 2026 GMT Subject: CN=69c2e42f-8c92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d5:e2:f0:fa:6a:88:cc:f1:af:d3:af:47:20: fc:63:b5:37:9a:2f:b6:ea:4d:1e:a3:33:78:01:98: f3:a2:6c:4d:7a:e8:d7:87:94:e2:4b:cb:83:68:5d: 46:b7:35:df:4e:97:83:d2:4f:59:8e:5e:d0:0e:91: 43:c4:92:eb:51:80:be:78:57:e3:cd:c4:0f:fa:df: 80:5f:e6:ef:98:18:a8:c4:ec:88:13:f2:85:79:2d: 44:ee:bb:d4:e0:ab:f6:73:a4:57:be:2f:ba:e2:b4: 24:73:9c:48:76:69:bb:50:40:1a:18:88:48:7b:55: 13:d6:c8:63:b4:a9:93:8a:97:e4:cb:63:7a:96:93: 70:56:9d:9b:04:4b:61:d1:b9:74:2d:6b:4c:ad:e7: 4d:5e:f6:b2:c2:c2:1e:ce:48:51:1c:dc:22:eb:c4: 3c:5d:61:05:9f:da:c7:e9:f7:3e:7d:a0:b4:fb:10: 20:aa:dd:de:8c:e5:5d:55:23:65:c0:6d:80:44:3a: d1:54:a7:85:96:36:31:d1:0f:11:6b:81:62:5c:5d: 95:6d:9c:d1:38:f2:0d:16:ab:67:a2:84:df:ab:46: 7d:80:92:d1:bd:ed:3a:94:43:37:63:db:c6:fc:b3: 4a:98:5e:61:8c:7f:cb:58:93:00:39:9e:a9:a6:0e: 3b:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:C0:82:B3:04:04:FF:29:5E:CE:B6:AB:8B:3E:E8:62:B4:6C:28:61 X509v3 Authority Key Identifier: keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:c4:dd:88:58:3a:34:8e:0a:da:58:5a:a7:21:e8:de:f7:ba: bf:79:21:33:18:28:75:2f:36:1e:bb:a7:eb:e7:7e:42:af:a1: 8f:38:02:6b:7c:e6:7d:c2:fd:d0:a0:f2:62:79:89:2b:04:6b: 11:2f:07:bb:7e:48:25:a9:e7:96:fa:84:99:85:b4:75:82:89: 79:ac:7b:19:22:02:d3:8c:16:76:47:58:e3:24:f2:9c:c1:88: 5d:2c:ff:cb:3b:bf:d8:c7:87:5e:44:fa:6b:9c:e0:89:80:13: 3c:e3:3c:0e:0c:1c:bf:b4:55:a2:c6:1c:50:f0:68:14:16:2d: 69:79:be:2d:34:26:33:d1:f4:a9:6b:6b:1d:62:ec:3c:60:65: 3a:2d:c0:2e:78:51:34:10:27:90:20:e9:92:30:ec:c7:52:c5: 41:c0:2d:2c:65:9a:ce:35:d6:17:81:f5:21:e2:b9:67:a6:e6: a5:ea:e7:70:c6:14:b7:6c:97:69:95:f7:ea:74:a9:1d:21:f3: 1c:1e:63:7a:a0:e6:8f:3a:bc:47:28:b3:2f:0e:d7:3f:4c:eb: 56:3f:bd:5a:80:f1:e0:43:8e:29:10:37:b4:cd:85:e2:c2:ae: c5:0a:bf:c0:47:d1:07:31:1a:4c:68:9c:bd:3b:93:b5:2c:4c: 7b:1e:be:0a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCpowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG NTE2NzlBRjEwHhcNMjYwMzI0MTkyMTE5WhcNMjYwMzMxMTkyMTE5WjAYMRYwFAYD VQQDEw02OWMyZTQyZi04YzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmtXi8PpqiMzxr9OvRyD8Y7U3mi+26k0eozN4AZjzomxNeujXh5TiS8uDaF1G tzXfTpeD0k9Zjl7QDpFDxJLrUYC+eFfjzcQP+t+AX+bvmBioxOyIE/KFeS1E7rvU 4Kv2c6RXvi+64rQkc5xIdmm7UEAaGIhIe1UT1shjtKmTipfky2N6lpNwVp2bBEth 0bl0LWtMredNXvaywsIezkhRHNwi68Q8XWEFn9rH6fc+faC0+xAgqt3ejOVdVSNl wG2ARDrRVKeFljYx0Q8Ra4FiXF2VbZzROPINFqtnooTfq0Z9gJLRve06lEM3Y9vG /LNKmF5hjH/LWJMAOZ6ppg47LwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJPAgrME BP8pXs62q4s+6GK0bChhMB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK aTNLWXlaRUhYTXoxRm5tdkUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAAsTdiFg6NI4K2lhapyHo3ve6v3khMxgodS82Hrun6+d+Qq+hjzgCa3zmfcL9 0KDyYnmJKwRrES8Hu35IJannlvqEmYW0dYKJeax7GSIC04wWdkdY4yTynMGIXSz/ yzu/2MeHXkT6a5zgiYATPOM8Dgwcv7RVosYcUPBoFBYtaXm+LTQmM9H0qWtrHWLs PGBlOi3ALnhRNBAnkCDpkjDsx1LFQcAtLGWazjXWF4H1IeK5Z6bmperncMYUt2yX aZX36nSpHSHzHB5jeqDmjzq8RyizLw7XP0zrVj+9WoDx4EOOKRA3tM2F4sKuxQq/ wEfRBzEaTGicvTuTtSxMex6+Cg== -----END CERTIFICATE-----Generated at Thu Mar 26 17:39:55 2026 by rpki-client