$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: TgfHYM3ARmXkPIW+XX51ZXcl46vlY9gbT+j8SJaEz2I= Subject key identifier: 96:6A:8E:6C:78:66:4C:5D:02:FB:56:46:43:E7:73:93:6A:46:55:14 Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: A6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: A3 Signing time: Wed 25 Mar 2026 06:29:29 +0000 Manifest this update: Wed 25 Mar 2026 06:29:29 +0000 Manifest next update: Wed 01 Apr 2026 06:29:29 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: lUQ3JHa/UW0jW1FC1lHByvVLe6BwMkarQ6pktAJM/qA=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: oMWjSrq7UBr0grnE1BuEzNLinF6a33GQ38fOzOclHV4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 06:29:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 166 (0xa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Mar 25 06:29:29 2026 GMT Not After : Apr 1 06:29:29 2026 GMT Subject: CN=69c380c9-e735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:08:65:21:0e:93:e8:f5:44:1b:73:59:5a:f7: ee:34:12:73:fa:c4:b1:54:4f:c8:25:78:97:9d:42: fa:c2:b6:b1:19:a9:80:fa:23:16:de:46:05:76:11: 92:eb:0a:b6:6c:0c:4c:dc:e0:0f:0d:b2:76:2b:1c: 20:33:0a:c2:b7:0c:5a:72:b7:9a:53:de:42:e2:4a: 1f:29:e4:e6:95:c9:ef:0a:c7:71:04:c9:5a:07:cd: 3c:c9:c6:44:83:59:6d:35:05:8c:c2:49:02:47:86: 16:b3:b1:76:d6:03:a5:7f:79:b2:aa:28:43:d9:7f: 9e:6e:4f:38:ff:71:de:53:b1:7c:5b:40:22:57:7b: bb:34:7e:e0:24:b3:37:1a:19:cd:03:98:0a:53:42: 3d:03:89:b4:86:38:90:4d:7b:4f:2c:30:3b:46:54: 22:9b:9b:e8:1f:a6:78:2d:f0:b3:fd:15:89:64:e6: d1:84:03:d1:f7:ef:26:88:8f:b3:76:46:33:f4:8d: 8f:f0:16:19:ab:b4:e3:7b:3f:ca:24:ba:41:43:46: 8f:f5:58:16:eb:28:2e:65:20:13:b4:b4:31:f8:76: 22:ef:19:7a:c5:1d:4c:2f:20:80:fe:be:29:a5:15: 57:7e:7e:4c:02:bf:08:88:be:3c:8c:97:a9:1b:d3: 22:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:6A:8E:6C:78:66:4C:5D:02:FB:56:46:43:E7:73:93:6A:46:55:14 X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:05:91:23:59:3d:b9:82:9e:d0:89:0c:89:62:c0:8d:d5:7f: 95:80:90:80:6d:ee:a0:d4:52:9b:8c:b9:51:41:96:10:f0:8a: e3:90:65:d3:d5:ae:13:be:83:0d:0c:cd:96:7d:4e:e6:cd:37: e7:d4:69:ea:52:ed:b7:0f:7b:5c:79:e4:19:da:71:47:3d:62: c6:4c:e5:c0:fb:0e:ed:32:cd:d7:2f:b1:59:6e:da:33:d7:d5: 35:aa:8c:31:36:99:eb:33:3a:c8:6f:fb:7c:99:30:86:9e:5b: d1:56:26:61:26:0b:9f:e4:98:11:4d:f4:2c:92:6b:5f:c0:c7: 1d:67:22:08:b0:7f:e3:ef:2e:ef:02:ba:3a:95:20:34:05:70: f5:2e:5c:56:a1:30:ed:92:6a:f6:50:45:c3:e1:3c:0c:1c:fd: 7f:32:37:4c:0a:4a:85:5f:b7:f7:cd:c6:3f:5f:f5:e0:da:3a: 3f:a7:0b:04:75:2c:a6:2a:11:f2:b7:0e:8b:93:29:50:1d:aa: 12:fd:cc:74:3e:dd:63:73:b6:b8:41:e7:a1:4f:0a:38:ef:a1: 6a:16:ca:47:f7:85:e1:ca:74:1b:83:90:21:ef:40:a5:b9:6d: 3b:1e:df:48:5a:2d:8c:70:b0:c1:d2:d9:66:4d:81:11:f1:cb: 32:e3:ee:6b -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQyMDQxMTAvBgNVBAUTKDQ3RTk2QkY4MzFCQjNDQzQzQjRGMDc4NDI2M0U3Mjk1 ODc1RDU1MTYwHhcNMjYwMzI1MDYyOTI5WhcNMjYwNDAxMDYyOTI5WjAYMRYwFAYD VQQDEw02OWMzODBjOS1lNzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmAhlIQ6T6PVEG3NZWvfuNBJz+sSxVE/IJXiXnUL6wraxGamA+iMW3kYFdhGS 6wq2bAxM3OAPDbJ2KxwgMwrCtwxacreaU95C4kofKeTmlcnvCsdxBMlaB808ycZE g1ltNQWMwkkCR4YWs7F21gOlf3myqihD2X+ebk84/3HeU7F8W0AiV3u7NH7gJLM3 GhnNA5gKU0I9A4m0hjiQTXtPLDA7RlQim5voH6Z4LfCz/RWJZObRhAPR9+8miI+z dkYz9I2P8BYZq7Tjez/KJLpBQ0aP9VgW6yguZSATtLQx+HYi7xl6xR1MLyCA/r4p pRVXfn5MAr8IiL48jJepG9MiTQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJZqjmx4 ZkxdAvtWRkPnc5NqRlUUMB8GA1UdIwQYMBaAFEfpa/gxuzzEO08HhCY+cpWHXVUW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDIwNC80NDFCNTA1MjMw MDkxMUYwQTBBQTdEM0RDNEY5QUUwMi9SLWxyLURHN1BNUTdUd2VFSmo1eWxZZGRW UlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZSWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDIwNC80NDFCNTA1MjMwMDkxMUYwQTBBQTdEM0RDNEY5QUUwMi9SLWxyLURHN1BN UTdUd2VFSmo1eWxZZGRWUlkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAfgWRI1k9uYKe0IkMiWLAjdV/lYCQgG3uoNRSm4y5UUGWEPCK45Bl09WuE76D DQzNln1O5s0359Rp6lLttw97XHnkGdpxRz1ixkzlwPsO7TLN1y+xWW7aM9fVNaqM MTaZ6zM6yG/7fJkwhp5b0VYmYSYLn+SYEU30LJJrX8DHHWciCLB/4+8u7wK6OpUg NAVw9S5cVqEw7ZJq9lBFw+E8DBz9fzI3TApKhV+3983GP1/14No6P6cLBHUspioR 8rcOi5MpUB2qEv3MdD7dY3O2uEHnoU8KOO+hahbKR/eF4cp0G4OQIe9ApbltOx7f SFotjHCwwdLZZk2BEfHLMuPuaw== -----END CERTIFICATE-----Generated at Thu Mar 26 12:58:11 2026 by rpki-client