$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.mft File: Gu-1HeyOsHlip15FnOIQp0ABBPs.mft (raw, json) Hash identifier: gadEBM1wkVA5vx4Ob8pE5KeH7o5Q1gXC6sqxt+Eb86E= Subject key identifier: CB:75:C1:85:F9:D8:20:70:A6:DB:09:49:DA:B5:81:4F:21:B5:E4:D7 Authority key identifier: 1A:EF:B5:1D:EC:8E:B0:79:62:A7:5E:45:9C:E2:10:A7:40:01:04:FB Certificate issuer: /CN=A91D3DAE/serialNumber=1AEFB51DEC8EB07962A75E459CE210A7400104FB Certificate serial: 353A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gu-1HeyOsHlip15FnOIQp0ABBPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.mft Manifest number: 3528 Signing time: Tue 24 Mar 2026 14:40:43 +0000 Manifest this update: Tue 24 Mar 2026 14:40:42 +0000 Manifest next update: Tue 31 Mar 2026 14:40:42 +0000 Files and hashes: 1: Gu-1HeyOsHlip15FnOIQp0ABBPs.crl (hash: vGRbqEHbGQ86g3FG4I+a3zjw9GfkSuHI3M79GxC4b6U=) 2: 232E8BFEFEA411EDBC673B4BC4F9AE02.roa (hash: i/MqTAr3DjQbJ7pM6lK7jVjbcEbd2+i/7IX3vbbjQxw=) 3: 220E32CEFEA411EDBC673B4BC4F9AE02.roa (hash: E2m3GG0CyyLNe3em7BY2AGdLBy8YhmSii0OKLOGYkJg=) 4: 229F27ACFEA411EDBC673B4BC4F9AE02.roa (hash: Qk1zJmgRoPNYf3XvdVSfDLRHp6uM57VNb9FsqRujDlI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.crl rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gu-1HeyOsHlip15FnOIQp0ABBPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:40:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13626 (0x353a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3DAE, serialNumber=1AEFB51DEC8EB07962A75E459CE210A7400104FB Validity Not Before: Mar 24 14:40:42 2026 GMT Not After : Mar 31 14:40:42 2026 GMT Subject: CN=69c2a26b-d96f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ba:7c:b0:6b:51:bb:e0:40:27:f7:db:e2:8a: e5:65:96:cf:e3:ef:da:c3:5e:ef:89:61:63:61:d4: f7:fb:e5:19:4a:29:f1:52:8a:6b:da:7e:7d:c1:e5: be:42:c9:c7:15:25:5e:1d:07:2e:df:75:fe:54:5f: 5f:38:90:2f:18:a6:e0:78:0b:5c:51:99:9f:22:f8: 3b:f0:a3:8a:d9:de:8d:66:7c:c1:bb:4f:44:7a:63: 6d:8b:96:4c:0e:d3:4e:3a:13:be:1a:2c:c2:5e:04: 46:6d:01:38:38:95:31:ef:ce:bd:fb:88:49:2b:c1: 11:3d:ea:93:b3:e3:f3:3c:f2:23:f9:90:2b:85:12: 21:6e:be:0c:79:10:bc:1a:5b:95:0a:dc:5f:bf:35: 30:e0:76:75:b2:1e:a3:6d:01:a4:b0:a4:05:ab:38: 00:58:2f:de:4e:25:78:3e:d5:a5:ce:fa:04:34:e9: 8b:d8:f4:4b:83:8e:a4:31:a7:a6:8b:cc:56:11:79: ad:f0:d9:37:cc:be:1c:1c:92:f0:7e:94:a6:fb:62: e8:28:5a:09:16:22:5c:7b:95:74:ae:52:ad:bc:8f: ab:07:7d:21:81:bb:2b:cc:a0:74:88:09:d9:14:d6: b5:c6:b4:b2:6a:77:f0:93:3c:a4:9e:34:ae:94:79: de:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:75:C1:85:F9:D8:20:70:A6:DB:09:49:DA:B5:81:4F:21:B5:E4:D7 X509v3 Authority Key Identifier: keyid:1A:EF:B5:1D:EC:8E:B0:79:62:A7:5E:45:9C:E2:10:A7:40:01:04:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gu-1HeyOsHlip15FnOIQp0ABBPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:eb:3c:d6:74:e5:63:66:f0:fb:48:a6:b2:b2:b0:31:ee:96: 7c:28:f8:be:0c:ba:1c:6d:f5:4e:c1:8d:90:01:5d:0c:6a:75: 20:98:21:e1:e4:d7:b5:b1:9c:cb:6c:34:1f:d3:c8:47:8f:67: 14:c0:27:84:06:85:d1:46:84:6f:79:89:28:9a:f0:0b:d5:6f: d6:4f:ee:9e:b4:e7:8f:79:c6:31:80:da:aa:de:12:3c:8b:58: d6:8b:cb:94:00:17:34:e2:24:c1:04:d1:09:84:a0:2e:94:69: 16:74:1f:cb:48:f6:f6:6d:f3:b9:93:8a:58:d1:ae:2b:00:2d: fe:f8:0d:51:ae:2d:d4:9b:c0:da:c3:7c:88:03:bc:1f:c6:d9: 85:47:d6:18:fa:6c:17:0f:1c:52:a5:0d:c2:42:34:54:8d:88: 9e:78:a0:02:98:db:8c:73:e9:35:66:5a:9b:18:37:b6:15:f2: c5:48:33:08:1b:73:e2:ae:b5:5c:a9:42:4c:9b:5f:4c:db:89: 6c:2a:1b:8b:99:cd:56:85:7c:d4:83:bc:69:c1:62:e5:88:1b: 56:fd:41:93:81:84:fc:4d:63:a3:99:a5:6b:31:a5:00:d0:a5: e5:ca:36:c3:ab:67:f9:46:1a:f9:8b:b4:9f:68:21:05:82:5d: 14:46:cf:f2 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDNEQUUxMTAvBgNVBAUTKDFBRUZCNTFERUM4RUIwNzk2MkE3NUU0NTlDRTIxMEE3 NDAwMTA0RkIwHhcNMjYwMzI0MTQ0MDQyWhcNMjYwMzMxMTQ0MDQyWjAYMRYwFAYD VQQDEw02OWMyYTI2Yi1kOTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq7p8sGtRu+BAJ/fb4orlZZbP4+/aw17viWFjYdT3++UZSinxUopr2n59weW+ QsnHFSVeHQcu33X+VF9fOJAvGKbgeAtcUZmfIvg78KOK2d6NZnzBu09EemNti5ZM DtNOOhO+GizCXgRGbQE4OJUx7869+4hJK8ERPeqTs+PzPPIj+ZArhRIhbr4MeRC8 GluVCtxfvzUw4HZ1sh6jbQGksKQFqzgAWC/eTiV4PtWlzvoENOmL2PRLg46kMaem i8xWEXmt8Nk3zL4cHJLwfpSm+2LoKFoJFiJce5V0rlKtvI+rB30hgbsrzKB0iAnZ FNa1xrSyanfwkzyknjSulHne5wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMt1wYX5 2CBwptsJSdq1gU8hteTXMB8GA1UdIwQYMBaAFBrvtR3sjrB5YqdeRZziEKdAAQT7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0RBRS9GRUZCQ0M4RTFE OEYxMUUyQjU0QTdERUYwOEIwMkNEMi9HdS0xSGV5T3NIbGlwMTVGbk9JUXAwQUJC UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d1LTFIZXlPc0hsaXAxNUZuT0lRcDBBQkJQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE M0RBRS9GRUZCQ0M4RTFEOEYxMUUyQjU0QTdERUYwOEIwMkNEMi9HdS0xSGV5T3NI bGlwMTVGbk9JUXAwQUJCUHMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAbOs81nTlY2bw+0imsrKwMe6WfCj4vgy6HG31TsGNkAFdDGp1IJgh4eTXtbGc y2w0H9PIR49nFMAnhAaF0UaEb3mJKJrwC9Vv1k/unrTnj3nGMYDaqt4SPItY1ovL lAAXNOIkwQTRCYSgLpRpFnQfy0j29m3zuZOKWNGuKwAt/vgNUa4t1JvA2sN8iAO8 H8bZhUfWGPpsFw8cUqUNwkI0VI2InnigApjbjHPpNWZamxg3thXyxUgzCBtz4q61 XKlCTJtfTNuJbCobi5nNVoV81IO8acFi5YgbVv1Bk4GE/E1jo5mlazGlANCl5co2 w6tn+UYa+Yu0n2ghBYJdFEbP8g== -----END CERTIFICATE-----Generated at Thu Mar 26 07:14:38 2026 by rpki-client