$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft File: XYnzqvmxOgelsmTy3rpk1cUAZRw.mft (raw, json) Hash identifier: woK7J5xkUIdehXV7kJHp9XPShZHqYcTmgn33Wo4HOJY= Subject key identifier: BC:D7:07:87:91:25:3F:5F:3E:03:A1:FF:61:0F:F6:67:5D:61:05:92 Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Certificate serial: 0269 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft Manifest number: 0258 Signing time: Wed 25 Mar 2026 01:41:46 +0000 Manifest this update: Wed 25 Mar 2026 01:41:45 +0000 Manifest next update: Wed 01 Apr 2026 01:41:45 +0000 Files and hashes: 1: XYnzqvmxOgelsmTy3rpk1cUAZRw.crl (hash: Y+8vQ/o0la32FXWRuockEu5coji8QJ5+HLkXtzFhURM=) 2: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (hash: ry8gAyMl/oF2tDrb6QBcr0lUpoct2VpMmyLx0Y2gIls=) 3: 9FBA5FCCA63911ED874E6630C4F9AE02.roa (hash: ClwvMUH1LVLekjvPCckwoGuRynW5TD4w0EqiLo6Abj0=) 4: 9EA7B7D8A63911ED874E6630C4F9AE02.roa (hash: DHZLT6kRWzcG3+2PiBnd4pNnMfMfwzitkH/VyFmiyhk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 01:41:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 617 (0x269) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5240, serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Validity Not Before: Mar 25 01:41:45 2026 GMT Not After : Apr 1 01:41:45 2026 GMT Subject: CN=69c33d5a-2088 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:85:1f:b3:db:32:c1:6c:d5:8b:0a:b3:76:40: bc:e4:63:04:6f:22:10:a7:55:77:12:f5:f4:eb:9c: 70:46:88:75:51:9e:47:14:05:81:25:4a:f5:d6:22: 59:57:f8:6a:9c:10:60:7b:d9:0e:26:d4:7c:6d:ec: cc:0f:e4:55:b4:a2:b0:33:b0:e9:90:87:87:2c:83: a7:6a:e0:a6:b9:b6:e8:e3:33:b8:83:27:a2:94:e0: 1d:15:a5:14:c8:0b:2f:ed:89:d0:be:90:4a:bf:05: 31:18:b3:4d:21:98:0d:65:8c:1c:0d:39:60:79:30: 68:1e:b4:41:66:41:2a:77:92:3b:59:d3:54:7e:5a: 18:71:6d:e5:1f:25:8d:0f:b6:52:85:6f:06:a9:5b: b0:de:33:d1:87:01:99:6d:8b:81:42:6b:1d:00:5d: 14:95:f1:29:e4:e6:d4:5e:5a:98:77:fe:be:65:6b: 37:00:86:b4:e2:06:e0:ba:0e:fd:77:91:60:78:11: b3:96:63:b3:2c:10:5b:d3:81:27:3a:d4:be:86:08: 4b:1e:01:22:79:06:cf:5f:0b:55:28:48:3f:4b:10: 24:01:36:88:13:f5:95:19:84:ef:05:ab:2f:70:fb: fc:0d:aa:a7:74:d4:4a:75:b2:19:c8:27:3e:0d:be: e2:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:D7:07:87:91:25:3F:5F:3E:03:A1:FF:61:0F:F6:67:5D:61:05:92 X509v3 Authority Key Identifier: keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:4e:bf:39:23:9f:c3:c9:de:52:64:c2:5e:a6:60:70:f7:b4: 21:a8:ea:8a:d6:df:8c:b2:fb:59:41:f6:7f:9a:da:d1:9f:f2: fc:a1:24:dc:da:4e:c5:5e:31:8f:8e:c5:1c:6d:fa:63:41:13: 20:40:c2:f3:2c:08:1e:c4:5e:4a:e1:94:5d:8d:40:01:60:2d: 48:ea:44:e8:d9:95:c5:de:2b:13:e7:ea:0c:25:09:75:c6:47: 8a:c0:c7:9f:8c:d0:48:d6:46:fd:ca:5f:20:83:c9:9d:74:02: 1f:fa:78:46:9a:26:4a:0f:13:e7:f4:7d:26:d0:28:d6:a7:c4: b1:5d:50:00:4b:d3:95:ff:03:8b:c6:0c:84:25:dc:03:90:e4: cd:3d:cc:b2:65:87:dd:ca:a7:6d:82:04:b8:fb:c8:40:11:d6: 0a:f2:80:9e:97:f1:92:0d:ee:e4:03:24:50:4e:49:b8:20:69: 70:e3:0d:e3:78:b3:d5:5f:77:18:aa:46:8e:6a:43:de:11:2f: 7a:d3:81:8c:b3:aa:24:4b:b6:a4:da:df:08:72:06:7d:a8:d9: 52:0f:18:18:29:87:8a:e3:fe:59:43:93:3f:13:93:6f:e3:18: e4:4a:1d:ad:3c:8c:22:9a:b1:4d:20:45:9f:e4:9f:1b:13:09: dc:ef:16:1e -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1 QzUwMDY1MUMwHhcNMjYwMzI1MDE0MTQ1WhcNMjYwNDAxMDE0MTQ1WjAYMRYwFAYD VQQDEw02OWMzM2Q1YS0yMDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0oUfs9sywWzViwqzdkC85GMEbyIQp1V3EvX065xwRoh1UZ5HFAWBJUr11iJZ V/hqnBBge9kOJtR8bezMD+RVtKKwM7DpkIeHLIOnauCmubbo4zO4gyeilOAdFaUU yAsv7YnQvpBKvwUxGLNNIZgNZYwcDTlgeTBoHrRBZkEqd5I7WdNUfloYcW3lHyWN D7ZShW8GqVuw3jPRhwGZbYuBQmsdAF0UlfEp5ObUXlqYd/6+ZWs3AIa04gbgug79 d5FgeBGzlmOzLBBb04EnOtS+hghLHgEieQbPXwtVKEg/SxAkATaIE/WVGYTvBasv cPv8DaqndNRKdbIZyCc+Db7ihwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFLzXB4eR JT9fPgOh/2EP9mddYQWSMB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9n ZWxzbVR5M3JwazFjVUFaUncubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAHk6/OSOfw8neUmTCXqZgcPe0IajqitbfjLL7WUH2f5ra0Z/y/KEk3NpOxV4x j47FHG36Y0ETIEDC8ywIHsReSuGUXY1AAWAtSOpE6NmVxd4rE+fqDCUJdcZHisDH n4zQSNZG/cpfIIPJnXQCH/p4RpomSg8T5/R9JtAo1qfEsV1QAEvTlf8Di8YMhCXc A5DkzT3MsmWH3cqnbYIEuPvIQBHWCvKAnpfxkg3u5AMkUE5JuCBpcOMN43iz1V93 GKpGjmpD3hEvetOBjLOqJEu2pNrfCHIGfajZUg8YGCmHiuP+WUOTPxOTb+MY5Eod rTyMIpqxTSBFn+SfGxMJ3O8WHg== -----END CERTIFICATE-----Generated at Thu Mar 26 22:37:38 2026 by rpki-client