$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: YVYCvXs9vqmzjp2kjkBgYe29ThQjO+PqfbRrZn1BOgU= Subject key identifier: 94:57:E1:43:76:21:C1:40:4F:D0:4A:41:53:97:D1:09:6F:22:5B:4C Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 08B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0865 Signing time: Tue 12 May 2026 21:02:28 +0000 Manifest this update: Tue 12 May 2026 21:02:28 +0000 Manifest next update: Tue 19 May 2026 21:02:28 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: I3r4UMQ75fxZCqOcbJtiAdLOwd11spWzZ8qqO42+22k=) 2: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: ESImnuHKksdWJK2TDU4E1UVvcvoZ37KeHVw4wPPeVXE=) 3: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: +cRs2PboXe8g3+V+AJzpQpdTweZR3TGc016yIhZSQMI=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: +r+gvF4pkq6hFHbY+ZoaIiUoalmLLSMykW5BxcQDeFU=) 5: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: JkwlB4IFE4Dgm1EcLQn9CRo6PclYWkjqCYFJJbMHsj0=) 6: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: i7X6zewMmXOfmuZsHLNceM/lQghxWwQZ7AxU0vSWV0M=) 7: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: 2mIyjIYN6IO7ZQ4FUwscfGnk78kTtsjolDojwIN0av0=) 8: B512A570109211ECA693D74EC4F9AE02.roa (hash: L7d1U3gGL3grFk1wnPeyJKdZ3FejFM4vvmLKY3IRi5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 21:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2226 (0x8b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: May 12 21:02:28 2026 GMT Not After : May 19 21:02:28 2026 GMT Subject: CN=6a039564-07f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fe:95:a3:7f:94:67:ec:ee:4e:9c:fc:fd:aa: 6a:92:67:24:b7:ad:03:4e:62:ac:25:67:95:b6:5d: 95:f4:50:b8:4a:62:3f:90:d8:c6:30:cf:11:92:83: ee:d7:92:4f:e7:37:2c:86:e6:33:67:2e:6a:47:83: f9:f1:ea:51:76:c0:33:f8:21:94:93:e0:bd:c8:62: 5f:83:86:a8:6c:fc:f7:a2:69:db:21:74:13:e0:3d: 5e:cf:bd:03:9f:44:f8:80:4f:1f:90:f5:27:c7:a4: 6b:52:56:ec:60:58:a1:fc:d2:f8:c0:71:e5:52:77: 3b:db:6c:c9:5e:61:e9:9d:0b:a9:6b:03:ce:e5:8a: 50:0c:1c:9c:25:54:3a:c7:5a:53:3c:5f:c9:46:0b: 15:b6:a7:3b:5d:aa:95:b1:9c:01:87:07:66:2a:b8: da:e9:98:6c:ca:9a:d0:52:37:b7:2b:8b:65:d3:d0: 08:34:8f:4f:88:cf:64:24:17:25:09:e4:8b:0d:04: 00:97:f2:5c:34:00:22:46:8b:26:10:08:b3:4b:a1: 0c:6e:64:56:36:ae:3d:ed:43:d8:5b:76:17:68:c0: 3f:06:c9:b5:dc:d8:39:3e:d4:ba:df:c8:f9:7f:b3: 80:69:56:e4:5b:2d:6c:77:7f:2e:56:7a:03:d6:1c: 40:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:57:E1:43:76:21:C1:40:4F:D0:4A:41:53:97:D1:09:6F:22:5B:4C X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:09:c8:d0:f1:44:4a:b9:3a:4b:21:20:37:2b:d0:60:c9:31: 25:d5:37:7f:6e:e8:fd:2e:d3:15:c8:2b:e7:5a:66:c3:2d:cf: d0:53:94:0b:7b:0c:ff:98:e7:01:f4:08:80:af:79:9b:31:01: be:a7:6e:d4:f5:42:1c:3b:f9:28:da:6a:f7:0e:81:c5:58:42: 43:54:1b:fe:d1:01:d0:9c:27:e6:b8:db:45:7f:88:3f:bf:8d: e7:fd:c7:7a:6d:0d:a0:68:5d:ac:5e:ae:34:ec:5a:6e:0c:21: a6:af:c5:46:04:b2:9b:4e:f5:3b:26:d5:7b:2f:96:5d:77:a9: 6d:14:32:df:55:6f:4e:a8:e2:81:86:12:7d:0e:b7:f4:f6:78: 34:0f:8b:99:ee:00:d4:78:d6:c0:e5:6d:ee:d5:ef:60:3e:1b: 2a:19:7e:a6:cd:45:04:6e:f5:72:47:60:6d:a5:d9:40:29:fd: 5e:20:ca:12:4b:3f:43:62:8c:3e:79:bd:69:8c:46:af:bc:62: 49:18:56:0a:e0:d7:79:cf:2c:a1:3c:d5:5e:7c:18:99:61:5d: b6:cd:16:71:1a:5b:68:16:e4:73:4c:05:6c:d6:e9:b6:28:d7: 41:99:26:a3:4b:ac:ce:1d:47:4e:5c:ab:64:06:73:c9:af:ff: 84:0c:90:8c -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwNTEyMjEwMjI4WhcNMjYwNTE5MjEwMjI4WjAYMRYwFAYD VQQDEw02YTAzOTU2NC0wN2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvf6Vo3+UZ+zuTpz8/apqkmckt60DTmKsJWeVtl2V9FC4SmI/kNjGMM8RkoPu 15JP5zcshuYzZy5qR4P58epRdsAz+CGUk+C9yGJfg4aobPz3omnbIXQT4D1ez70D n0T4gE8fkPUnx6RrUlbsYFih/NL4wHHlUnc722zJXmHpnQupawPO5YpQDBycJVQ6 x1pTPF/JRgsVtqc7XaqVsZwBhwdmKrja6ZhsyprQUje3K4tl09AINI9PiM9kJBcl CeSLDQQAl/JcNAAiRosmEAizS6EMbmRWNq497UPYW3YXaMA/Bsm13Ng5PtS638j5 f7OAaVbkWy1sd38uVnoD1hxABwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJRX4UN2 IcFAT9BKQVOX0QlvIltMMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAQgnI0PFESrk6SyEgNyvQYMkxJdU3f27o/S7TFcgr51pmwy3P0FOUC3sM/5jn AfQIgK95mzEBvqdu1PVCHDv5KNpq9w6BxVhCQ1Qb/tEB0Jwn5rjbRX+IP7+N5/3H em0NoGhdrF6uNOxabgwhpq/FRgSym071OybVey+WXXepbRQy31VvTqjigYYSfQ63 9PZ4NA+Lme4A1HjWwOVt7tXvYD4bKhl+ps1FBG71ckdgbaXZQCn9XiDKEks/Q2KM Pnm9aYxGr7xiSRhWCuDXec8soTzVXnwYmWFdts0WcRpbaBbkc0wFbNbptijXQZkm o0uszh1HTlyrZAZzya//hAyQjA== -----END CERTIFICATE-----Generated at Wed May 13 10:05:02 2026 by rpki-client