$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft File: cJdlx9TTMfTDasa-NH-mah8CNJA.mft (raw, json) Hash identifier: ehJrAokdS1uvwyu8CZAfk00V7cDtaj4zudT//JFJddM= Subject key identifier: 91:F5:41:4E:9F:95:6A:F3:B9:72:AE:1D:C2:D8:17:A7:D2:96:93:1B Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 Certificate issuer: /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Certificate serial: 3589 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft Manifest number: 3550 Signing time: Tue 24 Mar 2026 14:18:11 +0000 Manifest this update: Tue 24 Mar 2026 14:18:10 +0000 Manifest next update: Tue 31 Mar 2026 14:18:10 +0000 Files and hashes: 1: cJdlx9TTMfTDasa-NH-mah8CNJA.crl (hash: DmYj4sFhA9y7eNf/Qe30pBzdTUaVoZJLfsqY5kjTasY=) 2: 09E2DC32B12B11E59337F35AC4F9AE02.roa (hash: 9fz8ROlxgIz9BeZ3bDwbubljhDBRymKASujcQJN55ag=) 3: 392987D254F611E79DF7E643C4F9AE02.roa (hash: 7X7MqnwCg9AKC2Vx1jhncIIk4NudI1eSpazmHMekhvg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:18:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13705 (0x3589) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE85E, serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Validity Not Before: Mar 24 14:18:10 2026 GMT Not After : Mar 31 14:18:10 2026 GMT Subject: CN=69c29d22-e754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:74:b9:88:c4:0b:69:bd:bf:1b:c9:54:0f:b2: eb:9a:7c:5b:9f:e4:bf:c5:79:e6:69:20:7c:48:f2: ee:bf:cb:ef:31:d4:5b:3f:bc:6d:14:e8:c5:68:db: da:e8:ed:5e:b0:22:83:13:f2:08:01:c0:d3:08:a1: a5:5c:19:e2:02:d8:09:f4:51:6c:08:65:8d:85:3b: 92:80:40:80:03:8d:6c:e3:74:d6:89:71:d0:69:61: d4:4e:26:75:e7:5b:7e:b6:34:4c:da:c9:78:58:c8: e2:87:70:8a:99:64:24:01:c4:a1:3a:9c:a7:7c:26: a7:89:23:34:62:71:7e:9b:4b:dc:94:5d:d4:95:9d: c5:df:8a:7f:06:84:31:20:1e:32:0b:01:05:b6:50: 9a:be:e9:3b:37:c7:b9:1b:04:2b:f0:3e:ef:95:41: c9:f8:ae:a0:30:ad:d6:f5:8d:36:c2:02:56:e4:47: 02:76:c4:0a:d8:0a:c4:fe:cd:79:9f:bb:e2:cf:36: 0c:fc:48:33:59:b5:e3:d1:bb:9f:e3:ab:b7:63:06: a6:2d:39:a2:a5:84:d8:fb:39:8d:98:05:2c:a2:d7: e2:7f:1b:5c:f5:48:a7:1d:9a:75:6a:41:5e:b9:bf: dd:51:fc:77:c7:ac:4e:e3:3a:16:c8:98:b8:0b:f3: 7d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F5:41:4E:9F:95:6A:F3:B9:72:AE:1D:C2:D8:17:A7:D2:96:93:1B X509v3 Authority Key Identifier: keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:df:0e:9b:51:bc:83:8e:59:4c:31:82:b1:d6:6d:ff:c5:cf: 6b:2e:c3:69:34:51:39:35:c6:bb:1b:85:12:97:ff:9b:16:87: 96:4d:64:9a:0c:fd:1c:02:66:9f:af:02:eb:93:2a:a7:e1:66: 2f:16:e5:fc:fa:f0:8b:73:50:42:d4:4e:04:48:b0:50:e0:10: cd:38:b3:71:fd:ad:f4:68:a3:25:25:34:da:3a:9a:08:9b:5b: 5e:f6:f9:f4:2c:2c:97:ef:e4:4e:76:49:4f:d9:b7:44:b3:4f: a3:62:c7:01:ca:74:16:da:5f:e0:29:a5:d2:cc:ac:6b:e6:27: 20:e9:70:60:09:1f:9f:fc:c0:35:db:03:94:44:7c:f8:0c:ec: 15:fa:ff:cd:01:b2:3c:4e:7e:c6:cb:d9:7b:10:22:e6:5c:12: 2f:ca:1d:a5:16:35:62:61:a5:f3:6a:ef:b2:f4:39:1b:75:4d: 3a:fb:5f:e0:e4:85:37:eb:c9:fa:33:7d:97:a6:12:2e:28:af: 77:56:10:06:97:cb:df:d0:ff:a9:dc:cc:19:01:b4:1c:59:ff: e4:da:30:d8:ec:df:dc:6f:6b:38:df:e7:35:51:f2:ea:9d:93: 50:f4:d9:5e:01:bc:90:9d:02:f6:74:d6:f5:a6:9b:4c:89:97: 4e:b0:fd:ec -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB MUYwMjM0OTAwHhcNMjYwMzI0MTQxODEwWhcNMjYwMzMxMTQxODEwWjAYMRYwFAYD VQQDEw02OWMyOWQyMi1lNzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx3S5iMQLab2/G8lUD7Lrmnxbn+S/xXnmaSB8SPLuv8vvMdRbP7xtFOjFaNva 6O1esCKDE/IIAcDTCKGlXBniAtgJ9FFsCGWNhTuSgECAA41s43TWiXHQaWHUTiZ1 51t+tjRM2sl4WMjih3CKmWQkAcShOpynfCaniSM0YnF+m0vclF3UlZ3F34p/BoQx IB4yCwEFtlCavuk7N8e5GwQr8D7vlUHJ+K6gMK3W9Y02wgJW5EcCdsQK2ArE/s15 n7vizzYM/EgzWbXj0buf46u3YwamLTmipYTY+zmNmAUsotfifxtc9UinHZp1akFe ub/dUfx3x6xO4zoWyJi4C/N9JwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJH1QU6f lWrzuXKuHcLYF6fSlpMbMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTg1RS8wQkVEMzUyNjFENkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1m VERhc2EtTkgtbWFoOENOSkEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAGt8Om1G8g45ZTDGCsdZt/8XPay7DaTRROTXGuxuFEpf/mxaHlk1kmgz9HAJm n68C65Mqp+FmLxbl/Prwi3NQQtROBEiwUOAQzTizcf2t9GijJSU02jqaCJtbXvb5 9Cwsl+/kTnZJT9m3RLNPo2LHAcp0Ftpf4Cml0sysa+YnIOlwYAkfn/zANdsDlER8 +AzsFfr/zQGyPE5+xsvZexAi5lwSL8odpRY1YmGl82rvsvQ5G3VNOvtf4OSFN+vJ +jN9l6YSLiivd1YQBpfL39D/qdzMGQG0HFn/5Now2Ozf3G9rON/nNVHy6p2TUPTZ XgG8kJ0C9nTW9aabTImXTrD97A== -----END CERTIFICATE-----Generated at Thu Mar 26 12:45:25 2026 by rpki-client