$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: UL3ME8lSkLKZQwpr4unpEMG8XhzNqmW5h8GmH+5aoJA= Subject key identifier: 05:4E:C2:D2:1D:4C:48:1C:54:F9:C0:B0:68:34:28:90:11:A9:28:3C Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: 01A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: 01A0 Signing time: Wed 25 Mar 2026 03:30:27 +0000 Manifest this update: Wed 25 Mar 2026 03:30:26 +0000 Manifest next update: Wed 01 Apr 2026 03:30:26 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: vzDIS5oKaEwIHi8M0Lo2ZQ9SPf6v26515ksy6ao9C34=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: oYkxtXccfNzhupGam+/pGKaAabTu5hknTCz4hIdu2D0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 03:30:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 421 (0x1a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: Mar 25 03:30:26 2026 GMT Not After : Apr 1 03:30:26 2026 GMT Subject: CN=69c356d2-11bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8e:f5:ae:80:1d:10:4c:5e:c8:a1:3d:5c:c1: c6:19:5a:d8:15:20:48:13:1a:a2:f4:a6:0c:e3:77: 22:b3:eb:f0:5c:ff:ed:93:53:a5:c1:bc:8c:26:f0: 7f:32:51:c5:32:83:0b:a6:cf:9d:a7:42:0f:35:95: 5c:70:af:09:42:6f:86:e6:61:6a:3b:db:12:ef:bb: 28:25:72:30:23:91:16:82:6b:67:13:e2:7c:22:06: 02:99:73:22:24:bf:ca:cf:b2:53:73:d6:f1:61:53: 2f:a4:c8:07:74:02:03:0f:1c:4a:04:02:4e:32:cc: e8:ca:fa:0b:b8:43:d1:df:3b:99:4f:20:29:45:fd: e9:cf:7b:4e:b2:e5:d0:04:1e:f6:18:4a:47:51:56: 6d:06:1e:f1:9b:12:16:13:82:58:6d:81:23:d2:b5: ba:4b:3d:6e:23:10:b3:a4:dc:05:a4:3c:de:b7:9d: fb:71:a0:95:bd:50:03:5c:42:c1:af:2b:88:4f:d1: fa:c7:4b:55:54:d6:e3:2e:0a:cf:ac:7e:7c:b1:a7: 6d:d8:a1:1b:06:4c:9f:19:bb:74:9f:8b:48:67:ed: 5e:30:d8:f9:ae:ac:b4:9c:8e:d3:62:1d:3a:d1:40: 39:df:c7:ff:02:20:95:84:83:c6:53:e0:30:62:45: be:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:4E:C2:D2:1D:4C:48:1C:54:F9:C0:B0:68:34:28:90:11:A9:28:3C X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:85:22:87:06:fc:da:f4:25:01:88:ea:05:96:51:8c:90:e8: 42:f3:ac:e4:6a:2d:9e:0a:56:36:0c:23:76:41:a8:c2:b1:fc: fb:4e:e1:c9:cb:f8:36:11:da:c3:f5:29:f5:d8:4e:c6:3d:3c: 95:e8:e1:a7:58:84:6a:7d:03:b7:4e:4b:db:ef:81:41:03:dc: be:96:82:a7:08:ef:8e:be:31:af:cd:ac:9d:70:23:aa:57:db: 9a:c5:d6:c1:3f:26:42:24:f7:50:42:ff:4c:a3:fd:24:5d:a8: cb:a6:a9:7e:8b:29:04:74:f4:02:cc:de:20:b2:49:38:47:54: 0a:7f:9a:a3:17:b9:c0:7f:c1:d2:09:b0:32:62:8d:52:ed:97: b5:18:2a:e9:54:3a:30:06:04:4a:e2:c9:c1:6e:9a:cc:8d:9a: 3e:a9:93:f4:bb:10:80:77:74:a9:82:3c:34:d8:75:2b:26:3f: 65:11:d5:f3:37:d9:aa:7e:b5:3a:65:29:95:da:a2:30:6d:fc: 5d:b8:ef:4d:b4:af:10:1a:e0:3a:bf:b2:ec:8c:a5:25:24:88: 38:0b:46:03:da:e3:0c:14:9b:54:61:27:11:aa:f4:2a:12:ef: 39:e4:90:a8:87:4e:61:aa:8d:7a:db:e3:ee:53:0f:3e:ed:c8: 4c:72:6e:97 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjYwMzI1MDMzMDI2WhcNMjYwNDAxMDMzMDI2WjAYMRYwFAYD VQQDEw02OWMzNTZkMi0xMWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuo71roAdEExeyKE9XMHGGVrYFSBIExqi9KYM43cis+vwXP/tk1OlwbyMJvB/ MlHFMoMLps+dp0IPNZVccK8JQm+G5mFqO9sS77soJXIwI5EWgmtnE+J8IgYCmXMi JL/Kz7JTc9bxYVMvpMgHdAIDDxxKBAJOMszoyvoLuEPR3zuZTyApRf3pz3tOsuXQ BB72GEpHUVZtBh7xmxIWE4JYbYEj0rW6Sz1uIxCzpNwFpDzet537caCVvVADXELB ryuIT9H6x0tVVNbjLgrPrH58sadt2KEbBkyfGbt0n4tIZ+1eMNj5rqy0nI7TYh06 0UA538f/AiCVhIPGU+AwYkW+iQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFAVOwtId TEgcVPnAsGg0KJARqSg8MB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAr4Uihwb82vQlAYjqBZZRjJDoQvOs5GotngpWNgwjdkGowrH8+07hycv4NhHa w/Up9dhOxj08lejhp1iEan0Dt05L2++BQQPcvpaCpwjvjr4xr82snXAjqlfbmsXW wT8mQiT3UEL/TKP9JF2oy6apfospBHT0AszeILJJOEdUCn+aoxe5wH/B0gmwMmKN Uu2XtRgq6VQ6MAYESuLJwW6azI2aPqmT9LsQgHd0qYI8NNh1KyY/ZRHV8zfZqn61 OmUpldqiMG38XbjvTbSvEBrgOr+y7IylJSSIOAtGA9rjDBSbVGEnEar0KhLvOeSQ qIdOYaqNetvj7lMPPu3ITHJulw== -----END CERTIFICATE-----Generated at Thu Mar 26 14:33:00 2026 by rpki-client