$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: jstrfmo3bRcBGatsDUFQ6yZf28FfmUojtOPfZ2MvpxI= Subject key identifier: 4B:57:7B:1F:63:CB:FD:F9:14:B2:37:6C:B0:3E:AF:FA:88:AC:1B:7B Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 09AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 0987 Signing time: Tue 24 Mar 2026 19:50:39 +0000 Manifest this update: Tue 24 Mar 2026 19:50:38 +0000 Manifest next update: Tue 31 Mar 2026 19:50:38 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: AKLzhtVbtZFLriaU/NYi7O6HQxRKCdtj38Alcl/xrSY=) 2: 03706138786411EC8624EB12C4F9AE02.roa (hash: EGqbfoF9jJWPU0BnzC3V2PXkWe0y4Oy0kA3ja8zkkX8=) 3: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: GEy9cKvJuaUG1j4vauBHAkcMaCqiS2PQAr8JoqS4dPU=) 4: 7B3252CC014911F1B56055C9516F56BC.roa (hash: tBzjsuG6Lc6RhWea8/zSFmhSrzHWoDXSIIHH2NKoQH4=) 5: 2BFE357EF06211F08763644E5C6F56BC.roa (hash: T7iFd2LrB33SLomhhE8G/jtsnMR7YugAZQJC0RPLigw=) 6: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: WwltnaTPtmW0+YRs/lUQRQVdWPG/Y8JmtvUfshNHISo=) 7: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: fci/hvXmKLLIr57hsH2EVZbFVv2YsBSJcHMJtovzSlo=) 8: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: 2zUoeUBbqlr+As+3U7czFZSu1yVrxfhYyz+KlUKcy1I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:50:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2475 (0x9ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Mar 24 19:50:38 2026 GMT Not After : Mar 31 19:50:38 2026 GMT Subject: CN=69c2eb0f-3b6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cf:5c:2f:f7:6f:dd:54:bf:2d:1e:a2:e8:15: 4a:24:e4:7f:eb:a4:7f:be:c9:69:ec:d5:12:35:17: 69:7d:9a:96:d3:47:a8:51:b4:85:1f:39:b1:65:10: 59:66:9e:2b:b9:e2:2e:d9:dd:dc:31:2f:32:3a:0d: fb:8c:92:0e:ea:48:fa:2b:e7:cc:d2:55:cf:8e:58: 88:95:10:69:14:35:08:2b:76:38:b1:7d:1b:34:26: 0e:eb:d0:1f:0b:d9:d4:dd:0d:d8:f6:09:b9:2e:f8: a9:dc:49:0f:8d:14:57:b7:ee:cb:08:7f:3d:78:44: eb:33:c7:11:04:5c:65:96:b6:10:81:3d:24:f1:11: 6b:ab:23:25:33:a2:2d:c4:8a:d7:d2:9e:7b:5a:71: eb:5a:88:46:14:6c:d9:0f:5f:47:2c:83:89:9d:6d: b1:1f:df:6f:fe:63:5d:64:80:7f:df:78:52:46:5d: 0c:4f:1c:12:e8:81:17:d6:b1:6f:7f:93:90:77:d4: a7:31:64:c1:47:2c:eb:09:dd:62:bf:b5:c4:22:24: 5b:1d:05:63:67:34:64:91:2a:1d:fc:ec:9b:45:d9: d6:e6:b6:19:94:73:0d:ef:5c:12:cb:12:40:3e:72: 83:a2:35:0f:29:bf:2d:59:42:f2:21:d1:04:82:ba: bd:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:57:7B:1F:63:CB:FD:F9:14:B2:37:6C:B0:3E:AF:FA:88:AC:1B:7B X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:b1:6e:0a:e5:46:7e:40:b7:2e:d6:c3:11:13:29:0f:55:22: 6b:85:c9:9f:fd:66:c8:c6:36:a0:30:55:5b:8a:cf:78:54:52: 41:5e:f1:b5:82:a8:dc:01:ef:96:d5:0a:b3:62:28:c8:42:89: 93:9b:66:cb:e7:91:c0:52:8b:cf:2f:d2:fb:3d:14:40:82:d2: 26:75:b4:b4:e4:33:78:fa:fc:83:0a:19:6e:e7:56:85:75:f5: e3:cd:86:91:62:45:ab:35:7b:81:52:96:34:37:d2:78:09:70: 11:44:1a:49:45:bd:1e:4b:1e:3c:0e:44:4f:6f:4c:ac:77:63: 5d:2f:83:83:45:33:5b:3e:bd:8f:31:31:5f:00:e8:99:42:82: ea:39:13:23:ad:06:5c:0b:14:d9:32:1a:54:a6:16:e5:2e:20: 9f:ad:64:28:8d:fc:ca:3b:ca:c8:9b:b7:c1:06:fe:ab:b8:54: fa:98:12:3a:20:03:6b:a3:3d:cb:c1:07:f7:e5:56:4e:9e:71: eb:67:29:81:75:a6:ec:da:8a:2e:86:ec:c5:f1:1b:ae:4a:88: 21:98:4e:80:2b:8d:3e:e0:5e:b7:2c:34:6a:84:a4:71:6c:82: 5f:b8:71:39:39:23:89:9e:eb:47:46:42:9e:95:40:c4:2b:37: 15:db:ab:0c -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjYwMzI0MTk1MDM4WhcNMjYwMzMxMTk1MDM4WjAYMRYwFAYD VQQDEw02OWMyZWIwZi0zYjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAps9cL/dv3VS/LR6i6BVKJOR/66R/vslp7NUSNRdpfZqW00eoUbSFHzmxZRBZ Zp4rueIu2d3cMS8yOg37jJIO6kj6K+fM0lXPjliIlRBpFDUIK3Y4sX0bNCYO69Af C9nU3Q3Y9gm5Lvip3EkPjRRXt+7LCH89eETrM8cRBFxllrYQgT0k8RFrqyMlM6It xIrX0p57WnHrWohGFGzZD19HLIOJnW2xH99v/mNdZIB/33hSRl0MTxwS6IEX1rFv f5OQd9SnMWTBRyzrCd1iv7XEIiRbHQVjZzRkkSod/OybRdnW5rYZlHMN71wSyxJA PnKDojUPKb8tWULyIdEEgrq9yQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEtXex9j y/35FLI3bLA+r/qIrBt7MB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAf7FuCuVGfkC3LtbDERMpD1Uia4XJn/1myMY2oDBVW4rPeFRSQV7xtYKo3AHv ltUKs2IoyEKJk5tmy+eRwFKLzy/S+z0UQILSJnW0tOQzePr8gwoZbudWhXX1482G kWJFqzV7gVKWNDfSeAlwEUQaSUW9HksePA5ET29MrHdjXS+Dg0UzWz69jzExXwDo mUKC6jkTI60GXAsU2TIaVKYW5S4gn61kKI38yjvKyJu3wQb+q7hU+pgSOiADa6M9 y8EH9+VWTp5x62cpgXWm7NqKLobsxfEbrkqIIZhOgCuNPuBetyw0aoSkcWyCX7hx OTkjiZ7rR0ZCnpVAxCs3FdurDA== -----END CERTIFICATE-----Generated at Thu Mar 26 06:04:18 2026 by rpki-client