$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: Rw2V58LpCiKvSssbTcJm7ZTgTGqBPebc1/nTMtP9wnQ= Subject key identifier: 39:45:E5:16:CD:CA:9C:E4:57:C1:0C:65:46:B3:CA:12:7D:0A:64:25 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0894 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0849 Signing time: Tue 24 Mar 2026 20:46:50 +0000 Manifest this update: Tue 24 Mar 2026 20:46:49 +0000 Manifest next update: Tue 31 Mar 2026 20:46:49 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: p/jESFF+pZAXkUeRP8/RunZgGqQLEuBPS96AHzFB/58=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: +cRs2PboXe8g3+V+AJzpQpdTweZR3TGc016yIhZSQMI=) 3: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: 2mIyjIYN6IO7ZQ4FUwscfGnk78kTtsjolDojwIN0av0=) 4: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: UIybbxoCW5pqiUQysTpCJfdM2qHakezaqpeN9Wl7FOI=) 5: B512A570109211ECA693D74EC4F9AE02.roa (hash: L7d1U3gGL3grFk1wnPeyJKdZ3FejFM4vvmLKY3IRi5A=) 6: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: i7X6zewMmXOfmuZsHLNceM/lQghxWwQZ7AxU0vSWV0M=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: JkwlB4IFE4Dgm1EcLQn9CRo6PclYWkjqCYFJJbMHsj0=) 8: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: +r+gvF4pkq6hFHbY+ZoaIiUoalmLLSMykW5BxcQDeFU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:46:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2196 (0x894) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Mar 24 20:46:49 2026 GMT Not After : Mar 31 20:46:49 2026 GMT Subject: CN=69c2f83a-eee8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:42:74:94:d1:6a:b7:83:60:15:67:5b:a6:39: 04:61:96:29:68:ce:61:a1:e8:5b:9a:db:b3:68:6d: 5e:a0:0d:db:b3:fc:c7:46:6f:f5:47:1e:0e:37:81: 3c:29:b6:58:ff:ce:bf:3d:41:2e:8c:b0:1b:9a:a9: be:55:c4:8a:9e:b0:37:a0:8e:15:cc:5f:84:07:8a: b9:27:00:6a:73:9b:a8:92:98:8b:c1:aa:0b:b4:9a: 9d:d5:12:ee:a1:a9:09:67:09:c3:39:4f:7e:52:ee: 92:ab:04:f1:02:1d:e8:ce:1b:c2:e6:01:1f:67:88: e0:61:2f:2b:9b:c3:8f:f4:e3:ef:c2:17:a2:e8:35: d1:e4:97:f4:1d:2d:17:53:69:01:f4:4c:c3:a0:1a: 2a:99:71:31:b5:00:da:a4:39:6a:5f:1e:bb:e2:bc: 5c:6d:59:e4:af:1f:d0:79:55:02:ed:76:fe:32:89: 54:fc:4c:49:84:ba:13:c5:08:dd:7f:15:3f:63:61: ec:c9:0a:87:ea:61:7b:3f:b3:66:5a:c5:81:2e:29: a4:f5:26:ab:18:b6:a9:83:7f:aa:8d:e5:ed:e7:dd: 33:d9:70:cb:49:0e:82:a3:7c:f8:b7:d3:6f:ab:cd: 97:c7:e3:e5:83:62:18:dd:f0:35:fd:b2:f6:8e:6a: 21:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:45:E5:16:CD:CA:9C:E4:57:C1:0C:65:46:B3:CA:12:7D:0A:64:25 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:75:00:3d:6a:01:bf:c9:9a:ad:20:73:b6:8a:4b:4e:63:96: 51:ff:ef:77:b9:7d:b4:73:01:10:ac:4c:70:59:44:9f:15:22: 73:b1:61:1d:5a:b2:42:e8:76:37:52:e9:94:ea:3b:7e:71:58: f8:5a:4b:57:cb:eb:21:ed:2a:10:a3:db:f3:4e:4d:f7:ce:36: fb:3f:0b:dd:52:2a:6c:2e:11:ff:2e:e3:d4:33:1a:8d:e9:39: 22:17:6e:20:9a:0f:6e:4f:63:87:3f:c2:84:3d:46:61:6d:6b: f2:21:56:7e:62:c8:db:44:a0:ce:db:09:82:71:f4:9f:a4:19: 23:8e:a6:dc:ee:69:db:81:d4:5f:13:5d:21:94:ff:a9:3b:f4: 7d:4c:0e:db:89:fa:cd:27:25:49:37:22:1b:29:28:82:24:31: 5a:25:19:cd:db:b1:fb:03:8e:dc:d8:22:55:6d:6d:46:61:df: ab:13:ff:04:59:99:ed:1c:dc:a8:5b:e1:c3:96:89:ad:64:03: 5c:10:2a:30:4f:01:48:6f:ca:99:52:1c:e2:e2:8e:29:09:b3: 68:12:aa:33:f7:d3:d8:3d:66:69:71:2e:01:74:cb:a4:fc:cf: 6b:6d:d7:2f:e7:fa:21:19:60:ac:2b:62:49:65:95:7f:a3:c3: b2:ad:43:68 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwMzI0MjA0NjQ5WhcNMjYwMzMxMjA0NjQ5WjAYMRYwFAYD VQQDEw02OWMyZjgzYS1lZWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAokJ0lNFqt4NgFWdbpjkEYZYpaM5hoehbmtuzaG1eoA3bs/zHRm/1Rx4ON4E8 KbZY/86/PUEujLAbmqm+VcSKnrA3oI4VzF+EB4q5JwBqc5uokpiLwaoLtJqd1RLu oakJZwnDOU9+Uu6SqwTxAh3ozhvC5gEfZ4jgYS8rm8OP9OPvwhei6DXR5Jf0HS0X U2kB9EzDoBoqmXExtQDapDlqXx674rxcbVnkrx/QeVUC7Xb+MolU/ExJhLoTxQjd fxU/Y2HsyQqH6mF7P7NmWsWBLimk9SarGLapg3+qjeXt590z2XDLSQ6Co3z4t9Nv q82Xx+Plg2IY3fA1/bL2jmoh4QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDlF5RbN ypzkV8EMZUazyhJ9CmQlMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEARHUAPWoBv8marSBztopLTmOWUf/vd7l9tHMBEKxMcFlEnxUic7FhHVqyQuh2 N1LplOo7fnFY+FpLV8vrIe0qEKPb805N9842+z8L3VIqbC4R/y7j1DMajek5Ihdu IJoPbk9jhz/ChD1GYW1r8iFWfmLI20SgztsJgnH0n6QZI46m3O5p24HUXxNdIZT/ qTv0fUwO24n6zSclSTciGykogiQxWiUZzdux+wOO3NgiVW1tRmHfqxP/BFmZ7Rzc qFvhw5aJrWQDXBAqME8BSG/KmVIc4uKOKQmzaBKqM/fT2D1maXEuAXTLpPzPa23X L+f6IRlgrCtiSWWVf6PDsq1DaA== -----END CERTIFICATE-----Generated at Thu Mar 26 00:56:41 2026 by rpki-client