$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft File: Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft (raw, json) Hash identifier: Vc8dFGRQ2Wu4zPpYwZOoECnS/zs5R3zizHbie5DrlPY= Subject key identifier: CB:83:E8:3B:66:FA:FA:99:41:E7:14:61:4E:69:CA:E8:16:CC:37:ED Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C Certificate issuer: /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Certificate serial: 16D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft Manifest number: 16BF Signing time: Tue 24 Mar 2026 16:33:50 +0000 Manifest this update: Tue 24 Mar 2026 16:33:49 +0000 Manifest next update: Tue 31 Mar 2026 16:33:49 +0000 Files and hashes: 1: Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl (hash: 4vjlyzAzs5dfzl8VWWZQFnmsMbzTWsXzesh7LILRhC0=) 2: 268ECB3ED5BD11E894FFC250C4F9AE02.roa (hash: Z38B7rPVhqG6tcWO8r6+i/l0vZbjlq448NkG06qknRg=) 3: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (hash: axiKuwLSfY8matk7uBsk8eo5tXOq+cX6OWML8EZD+cQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 16:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5845 (0x16d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD4D, serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Validity Not Before: Mar 24 16:33:49 2026 GMT Not After : Mar 31 16:33:49 2026 GMT Subject: CN=69c2bced-adf1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:d1:27:44:86:c9:5a:80:f8:78:54:4f:cd:1f: b8:88:67:31:08:47:92:0e:24:40:47:d5:fa:b4:3e: 00:bb:78:02:87:76:47:a8:19:e1:d7:67:3c:03:cb: 83:67:41:f0:1f:53:9a:6c:ae:16:25:c5:eb:62:24: 77:d8:78:f6:26:ea:df:ce:85:d5:62:28:7d:02:c6: 61:89:d8:46:45:3d:8e:88:f3:ae:b5:e9:cb:e9:db: 62:29:92:d3:71:2c:2c:42:2b:ca:79:ea:9e:6b:a9: f1:0c:03:51:4e:b5:a4:d0:0d:7e:49:97:84:cf:dc: 8e:ab:11:fb:c5:2a:9c:df:d3:8d:22:3f:8e:1d:7f: 9d:62:73:b0:81:e7:5c:49:9c:07:25:41:7c:a7:35: c9:c4:29:fc:6d:ab:29:a5:94:98:e1:81:5d:c1:9d: 93:b8:65:31:fe:bf:f8:84:6d:45:f0:f2:65:0f:bf: c2:97:b5:fe:34:b3:08:0f:f8:78:4e:f4:ef:c4:9b: b1:a6:87:b9:a6:37:93:39:ad:e0:8d:90:a2:cd:7d: b8:21:8e:75:28:79:f6:22:97:98:d0:a9:85:91:ce: b5:b9:9a:7f:3e:5d:05:ca:ca:a6:57:87:fb:31:d8: 89:53:3c:13:ad:27:9d:11:93:e0:5b:51:25:9a:e9: 98:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:83:E8:3B:66:FA:FA:99:41:E7:14:61:4E:69:CA:E8:16:CC:37:ED X509v3 Authority Key Identifier: keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:0b:f6:10:f4:79:47:3f:67:de:44:61:9d:3e:b3:cf:ea:ab: 97:15:90:df:46:61:cf:c1:ff:34:65:22:b2:ce:9d:97:48:4f: 5c:71:cf:76:82:65:d1:a5:91:b8:4a:c4:7e:fd:d5:d6:26:cd: 95:ac:04:74:4f:0a:0e:91:d1:6b:1b:a4:01:df:4f:dd:ca:60: 85:2a:56:77:b7:b9:e9:4a:cd:8e:78:f3:0b:25:17:10:44:ab: d3:4c:52:e0:fd:78:7a:b6:49:20:75:2a:08:3d:f3:0c:36:00: 0f:47:47:a3:0f:b8:a2:dd:ab:aa:be:ad:e3:6c:1c:62:12:97: 87:46:c7:f0:0f:fd:ab:1f:19:6c:8c:6a:5c:39:dd:a5:8e:83: 1f:09:16:1f:77:d6:9b:b1:7f:42:1a:3e:7d:87:17:2b:e3:db: 4c:ea:56:76:37:10:91:a0:75:69:46:f6:c3:40:23:90:a1:0c: e3:63:d4:ae:cb:df:ee:f5:e6:76:e6:f4:5b:3b:34:d6:5a:ed: f7:7c:7f:5d:27:09:05:e3:72:01:ba:6c:f4:31:0f:88:c9:d6: f3:40:b2:c6:21:9a:67:1f:65:8c:09:6a:74:53:cb:bb:33:fc: c7:86:e6:e2:e6:a3:25:a2:5d:bf:3f:6b:6b:7a:73:3a:6c:b3: 92:cc:b8:91 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICFtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx OUY2NkYyMkMwHhcNMjYwMzI0MTYzMzQ5WhcNMjYwMzMxMTYzMzQ5WjAYMRYwFAYD VQQDEw02OWMyYmNlZC1hZGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAk9EnRIbJWoD4eFRPzR+4iGcxCEeSDiRAR9X6tD4Au3gCh3ZHqBnh12c8A8uD Z0HwH1OabK4WJcXrYiR32Hj2JurfzoXVYih9AsZhidhGRT2OiPOutenL6dtiKZLT cSwsQivKeeqea6nxDANRTrWk0A1+SZeEz9yOqxH7xSqc39ONIj+OHX+dYnOwgedc SZwHJUF8pzXJxCn8basppZSY4YFdwZ2TuGUx/r/4hG1F8PJlD7/Cl7X+NLMID/h4 TvTvxJuxpoe5pjeTOa3gjZCizX24IY51KHn2IpeY0KmFkc61uZp/Pl0FysqmV4f7 MdiJUzwTrSedEZPgW1ElmumY8wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMuD6Dtm +vqZQecUYU5pyugWzDftMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2 MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q0RC8xMzdEMDBENDE2MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5W NGR0MTBvVWZCQXdaOW04aXcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAowv2EPR5Rz9n3kRhnT6zz+qrlxWQ30Zhz8H/NGUiss6dl0hPXHHPdoJl0aWR uErEfv3V1ibNlawEdE8KDpHRaxukAd9P3cpghSpWd7e56UrNjnjzCyUXEESr00xS 4P14erZJIHUqCD3zDDYAD0dHow+4ot2rqr6t42wcYhKXh0bH8A/9qx8ZbIxqXDnd pY6DHwkWH3fWm7F/Qho+fYcXK+PbTOpWdjcQkaB1aUb2w0AjkKEM42PUrsvf7vXm dub0Wzs01lrt93x/XScJBeNyAbps9DEPiMnW80CyxiGaZx9ljAlqdFPLuzP8x4bm 4uajJaJdvz9ra3pzOmyzksy4kQ== -----END CERTIFICATE-----Generated at Thu Mar 26 10:36:47 2026 by rpki-client