$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: aepbe1+ZRaC8PLz3ZWcesoZ6OV4KHAOxz8dCOezDwh0= Subject key identifier: 54:51:70:62:C6:54:CA:51:14:36:5C:4A:59:3B:64:B3:06:C4:B2:AF Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 09CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 09A2 Signing time: Tue 12 May 2026 20:04:29 +0000 Manifest this update: Tue 12 May 2026 20:04:29 +0000 Manifest next update: Tue 19 May 2026 20:04:29 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: g0smJuUVK6+a0gkSW1EHuqUnmGkwASX95MI1vcJANtg=) 2: 7B3252CC014911F1B56055C9516F56BC.roa (hash: Q4zhbv5IYafCWF+cKZ+N5EqVvhygYSFdunW/fgxR9Ms=) 3: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: rC7/cLhAbtNiKypXkgnC2P4P5so5I+YnfNchz84YMA0=) 4: 2BFE357EF06211F08763644E5C6F56BC.roa (hash: 7NcbnhD/HJ8NBFUu7bu5fda+cHjTW1crabfldM6QJwo=) 5: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: 95lSl7vVPRfDQ24xYlePTZRf3aCd1VmR4GdHAdsIHtU=) 6: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: +RYGeu7uX4uBBcHWusqQhkXqLpcB4R1AKfIKops3PNA=) 7: 03706138786411EC8624EB12C4F9AE02.roa (hash: BrG7Q3Tkykmo9xilseoxsNjwLBVZ7ijytYCkK61f/ms=) 8: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: soe5Moz4gQVVes64vfH27mxJAWxDV9xSP3vrYYcdBj8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 20:04:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2509 (0x9cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: May 12 20:04:29 2026 GMT Not After : May 19 20:04:29 2026 GMT Subject: CN=6a0387cd-d4bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:25:44:22:f1:49:40:c6:44:b0:22:ce:85:f0: 88:b0:f4:e1:b2:29:09:e6:5b:44:3c:b2:00:5b:7d: c1:27:11:00:b5:fe:e1:29:6c:58:b2:4f:52:5a:73: b4:8a:80:8c:83:63:71:60:46:9d:4a:73:23:4d:79: a7:3b:c6:a4:f5:25:1a:37:b4:2e:c6:85:3a:7c:e9: 0c:fe:e3:56:ce:73:67:5d:e6:73:d9:8c:63:3a:ac: d2:dc:7e:4c:af:9e:42:70:cf:e6:af:8e:9b:d2:fc: 13:4c:ca:e3:05:63:95:c7:cf:44:79:22:19:db:ac: d4:93:b2:0c:eb:56:ce:fd:75:9f:be:e5:e5:63:9b: 25:0d:65:54:5d:45:ac:0a:e2:48:dc:b3:d0:f2:17: 64:58:69:aa:3f:ee:d6:0a:ef:74:1e:fb:d0:3d:fc: 2e:15:b5:07:81:d8:fe:6e:9f:05:c9:8a:26:1b:b7: 15:77:e3:75:98:a5:b8:6a:ad:03:77:46:1f:08:6b: 0a:58:81:a7:cb:b5:52:74:b7:b7:15:d0:07:b2:50: 0d:7a:67:b7:d6:c8:ba:c4:3b:52:df:1a:b2:19:7f: 47:87:b4:bf:e0:12:58:97:81:63:f5:dc:98:c6:80: 5a:93:d0:da:16:f8:06:c0:62:f7:37:41:cc:b9:03: 91:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:51:70:62:C6:54:CA:51:14:36:5C:4A:59:3B:64:B3:06:C4:B2:AF X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:2f:e4:b1:53:bb:c5:b3:3d:56:bf:0d:8a:18:d5:15:6a:f0: 3a:2a:f1:2a:a8:09:9a:c8:ab:09:1c:fb:20:e1:4f:d3:52:3d: 5a:4d:3d:70:6a:a6:c9:90:58:28:77:1c:fd:87:f6:c4:a9:6d: e7:c2:c6:f8:5d:f7:56:43:f9:46:ef:74:1d:f1:bf:c8:81:72: 27:a7:d1:9b:7e:cf:47:15:95:d1:e5:44:52:ab:06:dc:a2:44: cd:6b:b2:27:a3:9b:50:18:b1:70:12:e8:8d:25:df:0e:9c:0b: 80:b6:44:1c:ea:6a:3a:71:46:63:a1:8f:9a:de:0a:03:6a:15: 1e:f1:02:53:4e:2a:f7:7e:f7:e1:9d:21:f1:0f:b0:72:1a:ee: c1:b8:58:a3:7d:85:fa:98:19:b8:63:19:8a:b0:70:a8:b3:d5: 0f:c5:76:8f:49:3a:29:66:d9:00:e0:c0:bb:c2:92:54:a1:af: 0c:46:64:73:7b:07:5a:08:64:74:02:04:e8:aa:de:fe:a5:a1: 8b:82:50:df:20:c4:38:66:50:ea:6f:66:03:ee:30:fe:80:a1: 87:52:5c:94:ac:06:9d:4f:9f:e9:da:79:ef:54:ae:ee:64:4c: 87:0e:40:5e:20:a2:36:8b:6c:0d:e3:9a:ea:13:ea:27:c2:69: f8:9e:d6:2f -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjYwNTEyMjAwNDI5WhcNMjYwNTE5MjAwNDI5WjAYMRYwFAYD VQQDEw02YTAzODdjZC1kNGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAryVEIvFJQMZEsCLOhfCIsPThsikJ5ltEPLIAW33BJxEAtf7hKWxYsk9SWnO0 ioCMg2NxYEadSnMjTXmnO8ak9SUaN7QuxoU6fOkM/uNWznNnXeZz2YxjOqzS3H5M r55CcM/mr46b0vwTTMrjBWOVx89EeSIZ26zUk7IM61bO/XWfvuXlY5slDWVUXUWs CuJI3LPQ8hdkWGmqP+7WCu90HvvQPfwuFbUHgdj+bp8FyYomG7cVd+N1mKW4aq0D d0YfCGsKWIGny7VSdLe3FdAHslANeme31si6xDtS3xqyGX9Hh7S/4BJYl4Fj9dyY xoBak9DaFvgGwGL3N0HMuQORRQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFRRcGLG VMpRFDZcSlk7ZLMGxLKvMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAuS/ksVO7xbM9Vr8NihjVFWrwOirxKqgJmsirCRz7IOFP01I9Wk09cGqmyZBY KHcc/Yf2xKlt58LG+F33VkP5Ru90HfG/yIFyJ6fRm37PRxWV0eVEUqsG3KJEzWuy J6ObUBixcBLojSXfDpwLgLZEHOpqOnFGY6GPmt4KA2oVHvECU04q93734Z0h8Q+w chruwbhYo32F+pgZuGMZirBwqLPVD8V2j0k6KWbZAODAu8KSVKGvDEZkc3sHWghk dAIE6Kre/qWhi4JQ3yDEOGZQ6m9mA+4w/oChh1JclKwGnU+f6dp571Su7mRMhw5A XiCiNotsDeOa6hPqJ8Jp+J7WLw== -----END CERTIFICATE-----Generated at Wed May 13 11:57:12 2026 by rpki-client