$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft File: oKMiStDIKz-aYvNHrKP5RdsI8rA.mft (raw, json) Hash identifier: Zj6Vk6vjK9Pi5b1VYAZGAN88vxcFFVGChMbrGtM0oN0= Subject key identifier: 07:A1:70:C6:6B:91:16:BC:37:4B:2F:C3:4F:03:85:7E:A2:87:F2:2D Authority key identifier: A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 Certificate issuer: /CN=A91B80BD/serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Certificate serial: 3121 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft Manifest number: 30C6 Signing time: Tue 24 Mar 2026 15:24:21 +0000 Manifest this update: Tue 24 Mar 2026 15:24:21 +0000 Manifest next update: Tue 31 Mar 2026 15:24:21 +0000 Files and hashes: 1: oKMiStDIKz-aYvNHrKP5RdsI8rA.crl (hash: VAdjRpafCOZNmbmCBNxoNF8h1UpNR7sSZHS2LNcnynk=) 2: 915E51B8F3BE11ED8B9B1450C4F9AE02.roa (hash: jY72D9kM4ZreV4v43viz3/fEA3o/FMiAaeH7fUiUeSs=) 3: 583C1F6854F611E79DF7E643C4F9AE02.roa (hash: M6QpwrrsCEg6uS0XBq+MJGbdVX3IkfmFKf0zFhM8Oec=) 4: 4C72E61CB0EC11E5A6934B42C4F9AE02.roa (hash: ot76bD4Fe2eGS+QL+OB7ESET88ZeiKoIEOY/MT5QHrY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:24:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12577 (0x3121) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B80BD, serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Validity Not Before: Mar 24 15:24:21 2026 GMT Not After : Mar 31 15:24:21 2026 GMT Subject: CN=69c2aca5-e06d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f3:52:d7:b2:6c:c7:9c:7f:3b:08:25:cb:07: 9c:1b:22:59:4e:2a:6a:c4:e7:47:d2:90:9a:da:a2: ee:43:60:2b:8c:1d:b0:6f:77:25:0a:be:aa:4f:9a: 4b:1e:6a:48:33:28:d7:b3:fc:f6:ab:06:36:7e:70: 86:b1:1b:82:49:c5:72:c4:a1:dd:5a:a9:a9:7e:c1: 29:94:f8:65:5e:8f:b6:07:99:b3:35:20:fa:f9:d8: 68:fb:f9:6d:58:63:c2:cc:78:7f:15:f2:83:b1:4d: bd:3a:a4:ed:d4:c9:9f:e3:72:8a:8e:83:0a:c0:68: 2e:91:90:f3:e0:24:7e:0e:b9:19:30:f9:fc:f5:6e: 10:9f:49:ec:48:96:b6:99:ba:b7:05:93:be:30:77: b7:17:09:dd:50:5b:57:d5:70:3f:ee:40:fe:0a:8e: 15:11:56:ac:e0:21:62:26:c9:c7:ec:74:39:90:32: 99:83:fc:b8:fc:02:63:16:0b:a6:22:7d:d7:42:ed: 32:25:ca:2b:8a:a2:2e:a7:12:17:26:36:e6:aa:ca: 64:60:5e:7a:62:53:8d:70:f8:ac:ca:ca:41:f3:da: d2:b6:c0:f0:21:ef:16:c0:d1:27:4b:4e:04:5d:bc: 4b:a8:be:04:b1:e6:06:2e:c8:62:e3:b7:45:95:79: 8f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:A1:70:C6:6B:91:16:BC:37:4B:2F:C3:4F:03:85:7E:A2:87:F2:2D X509v3 Authority Key Identifier: keyid:A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:c4:e6:a1:dd:f0:c7:d2:cd:e4:5c:92:7a:bf:87:e2:72:a6: f3:dd:55:cc:e5:bd:5f:b7:fe:2a:e3:86:f9:dc:da:50:2c:67: 1c:8a:da:52:c5:13:46:64:63:8b:d0:0c:bf:4a:d4:ab:28:38: f1:a9:78:82:74:df:8a:11:d9:fb:57:67:b8:34:02:28:91:69: 14:44:bc:41:57:14:ac:30:7b:17:9f:8d:e5:04:08:c1:6a:3f: f0:21:33:3b:8f:17:7c:10:02:88:8f:d9:d5:db:3d:d3:54:a9: 32:a3:c8:65:e2:54:02:c3:00:35:58:3a:bb:69:40:3e:19:45: 1e:49:36:5e:52:ec:11:14:ad:61:1f:fe:a4:b7:fd:ce:37:de: cd:36:c1:9f:96:e9:85:ac:ac:0e:b9:9d:cd:6b:2b:8a:e0:c4: 86:5e:b8:94:42:1d:56:0e:03:eb:63:3a:9c:d4:8c:1b:5c:da: 94:36:2b:9a:7e:d1:86:40:c9:b4:48:81:10:70:02:b6:92:95: 6e:cf:49:3c:c9:3f:d2:1b:d3:02:02:e5:5b:42:dc:26:54:51: f6:51:81:4f:03:8a:26:cf:79:b6:53:b7:63:9e:8e:a1:2f:15: c5:ff:a0:91:9f:ad:68:c2:5f:34:f2:d0:a1:73:b4:0c:29:67: 6c:e3:86:ee -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICMSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjgwQkQxMTAvBgNVBAUTKEEwQTMyMjRBRDBDODJCM0Y5QTYyRjM0N0FDQTNGOTQ1 REIwOEYyQjAwHhcNMjYwMzI0MTUyNDIxWhcNMjYwMzMxMTUyNDIxWjAYMRYwFAYD VQQDEw02OWMyYWNhNS1lMDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApfNS17Jsx5x/OwglywecGyJZTipqxOdH0pCa2qLuQ2ArjB2wb3clCr6qT5pL HmpIMyjXs/z2qwY2fnCGsRuCScVyxKHdWqmpfsEplPhlXo+2B5mzNSD6+dho+/lt WGPCzHh/FfKDsU29OqTt1Mmf43KKjoMKwGgukZDz4CR+DrkZMPn89W4Qn0nsSJa2 mbq3BZO+MHe3FwndUFtX1XA/7kD+Co4VEVas4CFiJsnH7HQ5kDKZg/y4/AJjFgum In3XQu0yJcoriqIupxIXJjbmqspkYF56YlONcPisyspB89rStsDwIe8WwNEnS04E XbxLqL4EseYGLshi47dFlXmPAwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFAehcMZr kRa8N0svw08DhX6ih/ItMB8GA1UdIwQYMBaAFKCjIkrQyCs/mmLzR6yj+UXbCPKw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBCRC9CNUE2MzZEOEZF NUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6LWFZdk5IcktQNVJkc0k4 ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LTWlTdERJS3otYVl2TkhyS1A1UmRzSThyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC ODBCRC9CNUE2MzZEOEZFNUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6 LWFZdk5IcktQNVJkc0k4ckEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAPsTmod3wx9LN5FySer+H4nKm891VzOW9X7f+KuOG+dzaUCxnHIraUsUTRmRj i9AMv0rUqyg48al4gnTfihHZ+1dnuDQCKJFpFES8QVcUrDB7F5+N5QQIwWo/8CEz O48XfBACiI/Z1ds901SpMqPIZeJUAsMANVg6u2lAPhlFHkk2XlLsERStYR/+pLf9 zjfezTbBn5bphaysDrmdzWsriuDEhl64lEIdVg4D62M6nNSMG1zalDYrmn7RhkDJ tEiBEHACtpKVbs9JPMk/0hvTAgLlW0LcJlRR9lGBTwOKJs95tlO3Y56OoS8Vxf+g kZ+taMJfNPLQoXO0DClnbOOG7g== -----END CERTIFICATE-----Generated at Thu Mar 26 04:44:35 2026 by rpki-client