$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft File: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft (raw, json) Hash identifier: Ao5YTXzbcOwaVL5VYHjYTetqojrwvgQeVYHLcRYGBUk= Subject key identifier: 17:B3:72:70:BB:7E:87:35:77:87:79:27:31:9A:9C:C8:5F:F3:49:72 Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 3626 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft Manifest number: 358A Signing time: Tue 24 Mar 2026 14:24:32 +0000 Manifest this update: Tue 24 Mar 2026 14:24:31 +0000 Manifest next update: Tue 31 Mar 2026 14:24:31 +0000 Files and hashes: 1: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl (hash: KCgCGepgDy+lwFLBj77LYEcDyRfvGE0Hkozh0TdBAX4=) 2: DF8602D05E5B11ED994E491CC4F9AE02.roa (hash: Aq2aXJwiDmleCL4Y5dXro6eaNkC/MLx9wlaLd0aot6I=) 3: D0886954188811EC8E86754FC4F9AE02.roa (hash: W4C6/CMmIu13G3sy+4epSwhK8wjgstVqttIzDULu+ak=) 4: 80222864027211F19767E73A2C3D8C67.roa (hash: ywqZnsw0viWQVsstxlcIR8TqE6o6V9nWSSr21sJVdy4=) 5: AB9889725E5E11EDB5361D3BC4F9AE02.roa (hash: 2+uDGIyNCQwdI4kpyLzkpL270iQx3eFCTQmOCW4llcA=) 6: 491E49AECDCA11ED8F57D386C4F9AE02.roa (hash: AAS+jxhp2xik0OYMSPq+B01L4sPGFryRO2dGHyui2mE=) 7: 9F3A919468D811EFB2FE405FC4F9AE02.roa (hash: GK0larljqDnIZSIDwqWiFQo4BToMGpYrvOsSZwaLGDI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:24:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13862 (0x3626) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Mar 24 14:24:31 2026 GMT Not After : Mar 31 14:24:31 2026 GMT Subject: CN=69c29ea0-5cef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ec:4f:bb:05:fe:21:67:43:d9:3f:e9:af:bd: 97:b8:ba:d8:23:ef:d9:1a:35:0c:df:c0:29:28:f6: 08:ab:49:7b:17:6c:36:c0:c6:79:03:ca:36:ff:16: 1b:23:1a:04:50:b9:55:f3:18:6f:53:b6:9b:2d:22: 5e:91:86:47:c6:78:0e:b8:7b:64:c9:cc:37:da:0b: 48:00:01:2b:7d:de:6b:cc:62:72:2f:b2:35:16:22: 03:b7:a1:4a:d3:e0:5c:99:29:86:27:24:d3:65:5b: a0:42:2a:77:db:c0:12:1a:08:e7:23:4b:13:59:3a: 8d:fe:fe:db:a2:2c:20:0c:84:99:40:16:8e:ca:b8: bc:68:af:c1:43:48:d5:e6:1e:43:16:20:c2:93:a9: fd:34:ab:d7:af:4f:ad:a8:27:2a:15:6d:5b:18:8c: d0:32:94:c5:dd:b1:3f:b0:c5:b4:ab:d5:60:0a:9d: 0d:7b:fb:bd:0f:32:e6:48:af:a6:38:0c:07:13:ca: 45:37:a3:cb:2e:30:f5:9e:6a:5e:e6:1f:1f:a3:d1: af:c9:1a:31:68:7b:45:96:24:ee:1f:ce:26:d1:65: 40:b7:8a:c9:14:75:c4:be:17:af:63:2d:8f:48:f7: 65:ff:ed:73:56:b7:f3:e4:65:44:32:1b:5d:55:d0: e3:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:B3:72:70:BB:7E:87:35:77:87:79:27:31:9A:9C:C8:5F:F3:49:72 X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:ea:d0:8b:59:c5:ea:7c:0e:86:eb:f9:1c:2c:44:56:65:4c: 63:6f:54:63:9d:09:1f:36:77:ca:4f:6e:5b:76:ad:cf:b8:e8: 4e:1a:0a:c8:3f:3d:6d:45:dd:8b:97:63:92:4a:d5:32:78:03: f9:9f:3f:15:b3:df:9b:8b:43:d7:70:e6:7d:c6:0b:bb:d4:39: f0:87:4c:28:eb:d6:0e:3a:b1:4e:9c:59:63:de:8f:ac:a6:0d: cc:57:54:42:4a:b6:8f:09:5f:d4:22:66:13:2a:b3:fd:dc:69: 66:a5:31:25:d6:66:b8:16:6b:c9:21:68:0a:17:b6:76:38:e0: 98:9d:7e:2f:91:e6:72:c1:4c:77:b5:7e:1f:e4:65:05:95:07: 7d:d4:dc:d0:4b:df:4f:72:6c:37:70:b1:a0:49:09:74:63:bf: 98:67:ac:c0:46:66:ef:4e:d3:ae:59:50:d0:60:6b:a1:8f:7c: 98:7f:39:b7:81:a8:0c:e6:bd:90:e4:32:b3:22:0e:0f:2f:cb: 88:de:9e:15:99:ec:9c:50:e0:5b:fb:2e:4b:5d:2d:1d:5d:07: 77:42:a6:e2:f7:df:b9:d3:42:c8:ef:ab:8b:0e:c1:9a:90:77: 9c:63:8b:72:f1:96:f2:46:fa:84:13:53:9d:5f:e0:f1:02:0f: f4:5c:c0:f0 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjYwMzI0MTQyNDMxWhcNMjYwMzMxMTQyNDMxWjAYMRYwFAYD VQQDEw02OWMyOWVhMC01Y2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4uxPuwX+IWdD2T/pr72XuLrYI+/ZGjUM38ApKPYIq0l7F2w2wMZ5A8o2/xYb IxoEULlV8xhvU7abLSJekYZHxngOuHtkycw32gtIAAErfd5rzGJyL7I1FiIDt6FK 0+BcmSmGJyTTZVugQip328ASGgjnI0sTWTqN/v7boiwgDISZQBaOyri8aK/BQ0jV 5h5DFiDCk6n9NKvXr0+tqCcqFW1bGIzQMpTF3bE/sMW0q9VgCp0Ne/u9DzLmSK+m OAwHE8pFN6PLLjD1nmpe5h8fo9GvyRoxaHtFliTuH84m0WVAt4rJFHXEvhevYy2P SPdl/+1zVrfz5GVEMhtdVdDjYQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBezcnC7 foc1d4d5JzGanMhf80lyMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkY0Ny9CNEE4NkMzODFEODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQ cmlsd3lWUS1oSnFRX25OMUkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAH+rQi1nF6nwOhuv5HCxEVmVMY29UY50JHzZ3yk9uW3atz7joThoKyD89bUXd i5djkkrVMngD+Z8/FbPfm4tD13DmfcYLu9Q58IdMKOvWDjqxTpxZY96PrKYNzFdU Qkq2jwlf1CJmEyqz/dxpZqUxJdZmuBZrySFoChe2djjgmJ1+L5HmcsFMd7V+H+Rl BZUHfdTc0EvfT3JsN3CxoEkJdGO/mGeswEZm707TrllQ0GBroY98mH85t4GoDOa9 kOQysyIODy/LiN6eFZnsnFDgW/suS10tHV0Hd0Km4vffudNCyO+riw7BmpB3nGOL cvGW8kb6hBNTnV/g8QIP9FzA8A== -----END CERTIFICATE-----Generated at Thu Mar 26 00:58:17 2026 by rpki-client