$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft File: tsh7tYco929vkKCd_WuqGtTnO8o.mft (raw, json) Hash identifier: 4xx/A4EhyqR9v23O9ssKsxml/ovglTjz0IT6K5yD92I= Subject key identifier: EB:8D:27:66:ED:83:1A:AC:1C:C0:C0:57:AF:E9:C7:A2:9B:27:E5:51 Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA Certificate serial: 0D43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft Manifest number: 0D18 Signing time: Tue 24 Mar 2026 18:03:13 +0000 Manifest this update: Tue 24 Mar 2026 18:03:13 +0000 Manifest next update: Tue 31 Mar 2026 18:03:13 +0000 Files and hashes: 1: tsh7tYco929vkKCd_WuqGtTnO8o.crl (hash: hpAwM3UeZQ9/KJD2ze7DhPEW6plhkZNXyE4nvXWY1JE=) 2: 4C8BB01CF0A511F0AE903042706F56BC.roa (hash: O4BcOq2hKD3I3RD3vTsJAeBqf6AIzX76ZzjjaHK+ElU=) 3: F824C588FF7A11F0B218EB915B6F56BC.roa (hash: vyzv0f1THJyglSIA32Cmr/3tLhp6nkKIDvP00vthIq0=) 4: 4F383CB6FF6B11F0AD4BC885576F56BC.roa (hash: wwbAK8oiejrRqztY01yoKfr0EpZtJpfxnGCsmORuPJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:03:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3395 (0xd43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B25F2, serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA Validity Not Before: Mar 24 18:03:13 2026 GMT Not After : Mar 31 18:03:13 2026 GMT Subject: CN=69c2d1e1-78f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a1:4e:3e:2f:e5:c3:a4:0a:0b:3f:e3:66:4f: 57:1b:bd:e4:67:1f:2b:4a:e0:af:65:d3:9a:4b:0f: 59:9e:4a:c7:2e:24:d3:56:69:0f:46:de:29:36:2a: d5:b7:20:b9:fb:cc:8a:b0:43:86:cf:09:f6:c4:00: 02:cb:1d:06:98:95:ec:67:eb:2e:77:9c:35:d6:04: 76:ab:dc:34:21:b1:35:93:31:63:07:72:5f:e2:b8: fb:2f:42:e8:12:3c:7f:e7:9f:27:b8:0a:d4:96:cc: 3d:80:61:f9:bf:b6:dc:ed:51:85:49:16:ba:86:33: ed:36:69:57:14:7a:18:a8:49:fe:d0:37:83:44:d0: 9c:92:27:3d:d5:98:cc:90:37:db:07:eb:eb:87:42: 07:26:e2:87:3c:ed:c1:f1:68:a7:13:23:f6:e8:26: 88:84:60:4b:d5:7b:b6:a6:d7:f8:7f:b8:24:3d:70: 23:c1:db:1e:7a:d0:af:51:f5:0c:8e:bc:da:e1:22: 43:b6:3b:61:73:a5:60:c2:16:39:89:78:a9:f8:fc: 5b:64:6d:51:5f:e8:51:84:fb:3e:41:19:af:14:1b: ee:70:f9:1a:fe:99:8a:3f:78:36:f3:37:a3:d9:bc: 5b:38:d8:51:8c:f1:17:f5:17:2b:fe:8e:32:66:8d: dd:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:8D:27:66:ED:83:1A:AC:1C:C0:C0:57:AF:E9:C7:A2:9B:27:E5:51 X509v3 Authority Key Identifier: keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:02:8e:0a:dc:1b:7f:5e:25:54:fa:65:f8:98:8c:13:e2:ac: 97:18:f8:c3:20:57:01:02:da:48:e8:2a:76:2c:3c:7d:a0:0e: d2:86:63:e5:bc:0b:e6:f4:08:21:10:d3:65:04:9a:44:46:e3: 7f:1e:25:a5:75:ae:81:93:85:cd:77:ee:a7:aa:4e:67:02:3d: 35:56:18:a2:5f:80:64:a6:81:7f:0c:c6:33:19:a0:bd:55:74: 6f:18:18:3e:71:0a:16:fe:93:60:a7:c0:77:e7:d4:db:d3:a4: aa:75:fe:be:2b:86:1a:21:b6:20:ea:c2:1e:fd:2c:c0:94:d2: 3a:25:d1:07:dd:5c:e6:7a:61:5e:ff:4f:51:75:ad:97:5d:aa: c1:70:d7:4b:5d:4a:09:5d:d8:7e:71:16:cc:4f:25:c8:2c:b6: bf:53:ee:49:de:06:e2:39:76:f0:aa:20:af:ca:c6:ad:12:b9: 56:79:0f:b7:62:7d:28:c7:b1:9c:46:62:70:6e:58:8b:82:07: 92:f2:24:cc:c0:d4:12:62:38:2a:71:5c:28:22:08:fa:2f:25: 80:91:8a:06:c7:25:10:e7:ad:a3:2f:00:a2:2c:3e:10:38:8e: 74:58:3f:99:38:5e:d1:d5:36:50:43:a2:20:c8:b5:64:05:c5: e6:2b:1d:54 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB RDRFNzNCQ0EwHhcNMjYwMzI0MTgwMzEzWhcNMjYwMzMxMTgwMzEzWjAYMRYwFAYD VQQDEw02OWMyZDFlMS03OGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaFOPi/lw6QKCz/jZk9XG73kZx8rSuCvZdOaSw9ZnkrHLiTTVmkPRt4pNirV tyC5+8yKsEOGzwn2xAACyx0GmJXsZ+sud5w11gR2q9w0IbE1kzFjB3Jf4rj7L0Lo Ejx/558nuArUlsw9gGH5v7bc7VGFSRa6hjPtNmlXFHoYqEn+0DeDRNCckic91ZjM kDfbB+vrh0IHJuKHPO3B8WinEyP26CaIhGBL1Xu2ptf4f7gkPXAjwdseetCvUfUM jrza4SJDtjthc6VgwhY5iXip+PxbZG1RX+hRhPs+QRmvFBvucPka/pmKP3g28zej 2bxbONhRjPEX9Rcr/o4yZo3dwwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOuNJ2bt gxqsHMDAV6/px6KbJ+VRMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MjVGMi9FRjkwQ0Q0RTAzQjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzky OXZrS0NkX1d1cUd0VG5POG8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAMQKOCtwbf14lVPpl+JiME+Kslxj4wyBXAQLaSOgqdiw8faAO0oZj5bwL5vQI IRDTZQSaREbjfx4lpXWugZOFzXfup6pOZwI9NVYYol+AZKaBfwzGMxmgvVV0bxgY PnEKFv6TYKfAd+fU29OkqnX+viuGGiG2IOrCHv0swJTSOiXRB91c5nphXv9PUXWt l12qwXDXS11KCV3YfnEWzE8lyCy2v1PuSd4G4jl28Kogr8rGrRK5VnkPt2J9KMex nEZicG5Yi4IHkvIkzMDUEmI4KnFcKCII+i8lgJGKBsclEOetoy8Aoiw+EDiOdFg/ mThe0dU2UEOiIMi1ZAXF5isdVA== -----END CERTIFICATE-----Generated at Thu Mar 26 02:42:47 2026 by rpki-client