$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBF47/0DFAEE48F28B11F0B3FDFE426B6F56BC/Cd0OotIDEfeT5HQ_CGXISgJHP9s.mft File: Cd0OotIDEfeT5HQ_CGXISgJHP9s.mft (raw, json) Hash identifier: gFNn7mXHEvPeb2aCaHWneqiCN+lrj2KxxxCGHlWyDKE= Subject key identifier: 3F:28:64:13:F2:E4:13:AC:B4:BA:1C:41:FB:74:DC:5F:35:FB:0C:4C Authority key identifier: 09:DD:0E:A2:D2:03:11:F7:93:E4:74:3F:08:65:C8:4A:02:47:3F:DB Certificate issuer: /CN=A91CBF47/serialNumber=09DD0EA2D20311F793E4743F0865C84A02473FDB Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Cd0OotIDEfeT5HQ_CGXISgJHP9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBF47/0DFAEE48F28B11F0B3FDFE426B6F56BC/Cd0OotIDEfeT5HQ_CGXISgJHP9s.mft Manifest number: 2B Signing time: Tue 24 Mar 2026 14:32:21 +0000 Manifest this update: Tue 24 Mar 2026 14:32:20 +0000 Manifest next update: Tue 31 Mar 2026 14:32:20 +0000 Files and hashes: 1: Cd0OotIDEfeT5HQ_CGXISgJHP9s.crl (hash: NMq2olcpoIUt5yOzC4Jdax0n2+TEUVrl1QbPxU/9ySU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBF47/0DFAEE48F28B11F0B3FDFE426B6F56BC/Cd0OotIDEfeT5HQ_CGXISgJHP9s.crl rsync://rpki.apnic.net/member_repository/A91CBF47/0DFAEE48F28B11F0B3FDFE426B6F56BC/Cd0OotIDEfeT5HQ_CGXISgJHP9s.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Cd0OotIDEfeT5HQ_CGXISgJHP9s.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:32:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBF47, serialNumber=09DD0EA2D20311F793E4743F0865C84A02473FDB Validity Not Before: Mar 24 14:32:20 2026 GMT Not After : Mar 31 14:32:20 2026 GMT Subject: CN=69c2a075-fc03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:68:c7:ff:42:71:04:f9:59:d4:97:f0:7c:52: 70:30:f1:e6:8e:6e:c8:ea:f0:4c:b5:68:2d:c0:9a: 65:e5:c2:2c:69:a7:c0:47:60:63:58:77:85:6d:1d: 8d:68:71:b0:e9:4d:9c:f6:99:4b:8d:a9:c8:6a:0d: cd:86:9e:91:b1:3a:e4:0f:4f:21:f2:23:c0:8c:5f: 14:60:a5:43:82:8d:38:56:d9:df:30:57:d2:d6:a0: ce:94:95:e2:b4:7c:5e:97:40:b2:ed:b1:60:6d:7f: 2f:a3:d3:e3:35:95:62:37:64:ac:f0:a1:e4:3d:c9: 8a:c2:fc:70:9f:8b:f4:dc:43:73:bc:b2:cb:65:ca: 4f:09:f3:0f:a7:e1:a7:65:92:80:75:4b:f1:13:4c: 80:1f:e2:1f:27:51:43:43:9b:af:0d:40:7e:e3:97: e6:c8:ae:35:a2:75:f9:82:d8:89:82:db:60:05:cb: cf:fe:34:1f:fd:bc:3f:ff:97:a7:c2:71:46:35:c8: 94:e2:51:ed:4d:d7:62:fe:86:9d:db:d4:77:59:cd: c3:4c:ea:e6:c1:7f:c2:24:cd:54:fc:c0:2b:c6:40: e7:b9:a5:31:9b:97:b7:3d:c7:87:d4:85:9d:91:90: 1f:84:1d:fa:dc:e7:e4:a2:98:08:ea:1f:b6:d3:8a: 1a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:28:64:13:F2:E4:13:AC:B4:BA:1C:41:FB:74:DC:5F:35:FB:0C:4C X509v3 Authority Key Identifier: keyid:09:DD:0E:A2:D2:03:11:F7:93:E4:74:3F:08:65:C8:4A:02:47:3F:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBF47/0DFAEE48F28B11F0B3FDFE426B6F56BC/Cd0OotIDEfeT5HQ_CGXISgJHP9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Cd0OotIDEfeT5HQ_CGXISgJHP9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBF47/0DFAEE48F28B11F0B3FDFE426B6F56BC/Cd0OotIDEfeT5HQ_CGXISgJHP9s.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:c9:12:0e:c7:11:3f:dd:17:9f:b9:3b:55:63:6b:40:41:d4: fb:a7:a9:15:e3:86:04:6f:b9:60:42:6d:be:5c:2b:69:4a:cc: 5e:27:8a:75:fe:e7:d4:ed:a7:a4:6f:6f:6b:88:30:63:e9:a3: 09:95:b1:20:ca:8e:4e:85:d3:58:ec:5e:7f:08:5c:97:61:49: 82:ef:4d:2e:d5:3d:eb:66:6a:71:59:25:b3:11:eb:1d:bd:19: c9:79:47:9a:e5:c8:79:38:dd:3f:8f:1c:55:50:47:04:40:45: 0b:32:9e:4c:0f:73:25:17:de:55:6d:65:21:1f:17:d7:86:52: a9:ca:9b:53:9e:a0:f1:7a:fe:64:ea:cb:95:9b:e6:48:95:95: 70:98:22:5f:fa:5a:a0:f2:23:be:d5:42:b1:43:89:17:ca:23: 04:96:fd:75:90:bf:7a:47:d2:15:58:a2:15:28:11:55:19:e3: 48:ac:95:99:2d:6c:c7:9c:5e:b0:8b:c4:fd:1a:fa:8f:c9:a8: 4e:4b:ed:22:84:42:46:b4:09:07:86:c1:47:b7:49:67:45:37: ba:00:ed:2a:cf:9e:9f:30:43:ec:75:92:3a:1a:bd:6f:bb:bb: a6:06:3e:ba:95:7f:44:26:2e:0c:1b:f2:44:40:38:e5:9c:77: 4a:45:53:d6 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QkY0NzExMC8GA1UEBRMoMDlERDBFQTJEMjAzMTFGNzkzRTQ3NDNGMDg2NUM4NEEw MjQ3M0ZEQjAeFw0yNjAzMjQxNDMyMjBaFw0yNjAzMzExNDMyMjBaMBgxFjAUBgNV BAMTDTY5YzJhMDc1LWZjMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjaMf/QnEE+VnUl/B8UnAw8eaObsjq8Ey1aC3AmmXlwixpp8BHYGNYd4VtHY1o cbDpTZz2mUuNqchqDc2GnpGxOuQPTyHyI8CMXxRgpUOCjThW2d8wV9LWoM6UleK0 fF6XQLLtsWBtfy+j0+M1lWI3ZKzwoeQ9yYrC/HCfi/TcQ3O8sstlyk8J8w+n4adl koB1S/ETTIAf4h8nUUNDm68NQH7jl+bIrjWidfmC2ImC22AFy8/+NB/9vD//l6fC cUY1yJTiUe1N12L+hp3b1HdZzcNM6ubBf8IkzVT8wCvGQOe5pTGbl7c9x4fUhZ2R kB+EHfrc5+SimAjqH7bTihq7AgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUPyhkE/Lk E6y0uhxB+3TcXzX7DEwwHwYDVR0jBBgwFoAUCd0OotIDEfeT5HQ/CGXISgJHP9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCRjQ3LzBERkFFRTQ4RjI4 QjExRjBCM0ZERkU0MjZCNkY1NkJDL0NkME9vdElERWZlVDVIUV9DR1hJU2dKSFA5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvQ2QwT290SURFZmVUNUhRX0NHWElTZ0pIUDlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC RjQ3LzBERkFFRTQ4RjI4QjExRjBCM0ZERkU0MjZCNkY1NkJDL0NkME9vdElERWZl VDVIUV9DR1hJU2dKSFA5cy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCnyRIOxxE/3RefuTtVY2tAQdT7p6kV44YEb7lgQm2+XCtpSsxeJ4p1/ufU7aek b29riDBj6aMJlbEgyo5OhdNY7F5/CFyXYUmC700u1T3rZmpxWSWzEesdvRnJeUea 5ch5ON0/jxxVUEcEQEULMp5MD3MlF95VbWUhHxfXhlKpyptTnqDxev5k6suVm+ZI lZVwmCJf+lqg8iO+1UKxQ4kXyiMElv11kL96R9IVWKIVKBFVGeNIrJWZLWzHnF6w i8T9GvqPyahOS+0ihEJGtAkHhsFHt0lnRTe6AO0qz56fMEPsdZI6Gr1vu7umBj66 lX9EJi4MG/JEQDjlnHdKRVPW -----END CERTIFICATE-----Generated at Thu Mar 26 14:08:05 2026 by rpki-client