$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft File: U4XhOhtYRftEzutr7Y3rTomvOCk.mft (raw, json) Hash identifier: NuCCaSP0rEXU+hqKq1KvoDgzYhnvz2zlQy/0zj12mfE= Subject key identifier: 89:3E:7C:BB:2E:81:FE:F1:DD:67:C8:E2:22:9E:11:8F:B0:12:04:12 Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 Certificate issuer: /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Certificate serial: 0A21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft Manifest number: 0A0B Signing time: Tue 24 Mar 2026 19:36:40 +0000 Manifest this update: Tue 24 Mar 2026 19:36:39 +0000 Manifest next update: Tue 31 Mar 2026 19:36:39 +0000 Files and hashes: 1: U4XhOhtYRftEzutr7Y3rTomvOCk.crl (hash: 34ToM8blK2ZvlOtMEUTYvi9ZOJFOFi8i11x7Ua1wmEw=) 2: 35831FCE937011EA8A795583C4F9AE02.roa (hash: KU74ZbX8QctQD6oWhNP2ZPDiRV7nlnVfxskUU58FW+U=) 3: 3636BCD2937011EA8A795583C4F9AE02.roa (hash: pxNuh5srbtMxxnoUXoogGH47f0VhHR+2FLeTjpcucQE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:36:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2593 (0xa21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACFEB, serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Validity Not Before: Mar 24 19:36:39 2026 GMT Not After : Mar 31 19:36:39 2026 GMT Subject: CN=69c2e7c7-48b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1b:83:02:e0:29:b1:07:10:db:e7:ab:a5:83: c5:7a:c6:61:ec:aa:19:03:35:4c:b9:63:32:e2:19: 57:00:84:6f:d4:17:c8:a7:1d:c7:5a:6b:d6:54:5b: e4:34:83:14:74:8f:07:31:f1:20:61:82:7c:61:f0: c7:cd:3e:0a:07:50:ba:21:1f:3f:2f:6f:ed:0e:87: 47:5b:fd:f5:22:19:11:4f:5b:8e:82:70:72:b1:f0: 35:58:79:3d:48:7a:88:44:85:59:e8:ea:58:ea:74: 8d:d0:92:7a:e8:6a:ce:e9:d1:4a:d5:2e:22:e3:39: 65:a4:37:06:40:7c:29:77:b8:79:f5:7d:e2:e3:c6: af:b2:c9:e9:fa:f6:f8:44:ff:01:cd:76:13:8f:63: d9:04:e0:34:04:47:46:f2:0f:f2:23:5b:3a:e0:c4: e4:95:9d:3b:b2:82:65:64:62:ef:e6:50:b7:ea:4a: 40:58:5d:01:09:e9:01:c1:b4:b0:52:e5:2d:ac:c3: 9a:0a:88:77:c6:5f:cb:2b:a9:da:23:82:45:2d:7a: 36:05:02:64:bc:b7:ab:3d:16:8d:a0:5a:38:86:92: 13:52:64:e0:29:6d:4c:f0:90:40:ab:a2:9f:be:ba: 10:34:f3:a5:e9:67:84:3c:d8:d4:c2:55:1d:f5:04: 05:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:3E:7C:BB:2E:81:FE:F1:DD:67:C8:E2:22:9E:11:8F:B0:12:04:12 X509v3 Authority Key Identifier: keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:41:88:9a:fe:31:91:5a:51:2f:fa:47:63:ba:d6:21:11:81: aa:59:01:c9:e9:df:43:ec:8a:68:d8:48:73:88:2d:bf:5b:5a: 9a:ff:fa:3c:b1:e8:df:10:de:de:c5:85:a4:a7:d1:28:65:27: ed:e7:1d:e8:7d:3b:92:54:cb:f3:45:44:81:2e:19:a7:5a:bd: 47:17:38:3c:b3:0a:84:be:cd:3f:1b:a9:a9:a3:05:74:4b:a0: 73:13:07:44:b1:aa:64:aa:85:de:1c:4a:7c:ce:8d:55:dc:0e: 05:e4:5c:76:4f:cf:cc:f4:fa:81:ce:79:24:2f:41:e6:4d:31: 50:c3:74:7d:77:b1:26:15:1b:ee:6b:43:96:f2:67:4f:4c:94: f3:ee:eb:67:4a:6b:a0:90:27:35:f6:90:d7:2a:98:da:6f:d2: 4c:e9:ed:76:49:77:bb:ea:d2:b9:60:1c:d7:cc:0e:77:9c:39: 78:a0:bd:5a:71:25:11:c1:8b:e4:2d:db:94:40:48:2b:77:67: aa:04:4b:dd:dd:81:ba:52:ab:98:82:0c:76:72:ab:ef:0e:7e: d0:99:1a:c6:55:fd:bc:53:a2:45:cb:77:10:52:4f:9c:30:90: 31:86:80:6b:1c:e4:a6:d2:e3:7e:13:8d:ee:82:0a:11:26:f4: f8:aa:ed:b3 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF ODlBRjM4MjkwHhcNMjYwMzI0MTkzNjM5WhcNMjYwMzMxMTkzNjM5WjAYMRYwFAYD VQQDEw02OWMyZTdjNy00OGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyRuDAuApsQcQ2+erpYPFesZh7KoZAzVMuWMy4hlXAIRv1BfIpx3HWmvWVFvk NIMUdI8HMfEgYYJ8YfDHzT4KB1C6IR8/L2/tDodHW/31IhkRT1uOgnBysfA1WHk9 SHqIRIVZ6OpY6nSN0JJ66GrO6dFK1S4i4zllpDcGQHwpd7h59X3i48avssnp+vb4 RP8BzXYTj2PZBOA0BEdG8g/yI1s64MTklZ07soJlZGLv5lC36kpAWF0BCekBwbSw UuUtrMOaCoh3xl/LK6naI4JFLXo2BQJkvLerPRaNoFo4hpITUmTgKW1M8JBAq6Kf vroQNPOl6WeEPNjUwlUd9QQFdQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIk+fLsu gf7x3WfI4iKeEY+wEgQSMB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0ZFQi9DQjJDMzNFNjkzNkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJm dEV6dXRyN1kzclRvbXZPQ2subWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAp0GImv4xkVpRL/pHY7rWIRGBqlkByenfQ+yKaNhIc4gtv1tamv/6PLHo3xDe 3sWFpKfRKGUn7ecd6H07klTL80VEgS4Zp1q9Rxc4PLMKhL7NPxupqaMFdEugcxMH RLGqZKqF3hxKfM6NVdwOBeRcdk/PzPT6gc55JC9B5k0xUMN0fXexJhUb7mtDlvJn T0yU8+7rZ0proJAnNfaQ1yqY2m/STOntdkl3u+rSuWAc18wOd5w5eKC9WnElEcGL 5C3blEBIK3dnqgRL3d2BulKrmIIMdnKr7w5+0JkaxlX9vFOiRct3EFJPnDCQMYaA axzkptLjfhON7oIKESb0+Krtsw== -----END CERTIFICATE-----Generated at Thu Mar 26 14:58:52 2026 by rpki-client