$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFC30/112AF1AC85AD11ECB36F414DC4F9AE02/lHy2dKhYzZGupVJro2aKEeSey5M.mft File: lHy2dKhYzZGupVJro2aKEeSey5M.mft (raw, json) Hash identifier: 426avmBfHdxtpCugNTAuJZDiPzApDTXANV3KhetYUz8= Subject key identifier: C3:08:E6:28:BA:8B:3C:AF:CB:63:57:65:EC:56:8F:BC:AE:AB:27:B4 Authority key identifier: 94:7C:B6:74:A8:58:CD:91:AE:A5:52:6B:A3:66:8A:11:E4:9E:CB:93 Certificate issuer: /CN=A91DFC30/serialNumber=947CB674A858CD91AEA5526BA3668A11E49ECB93 Certificate serial: 047D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHy2dKhYzZGupVJro2aKEeSey5M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DFC30/112AF1AC85AD11ECB36F414DC4F9AE02/lHy2dKhYzZGupVJro2aKEeSey5M.mft Manifest number: 0472 Signing time: Tue 24 Mar 2026 23:47:43 +0000 Manifest this update: Tue 24 Mar 2026 23:47:43 +0000 Manifest next update: Tue 31 Mar 2026 23:47:43 +0000 Files and hashes: 1: lHy2dKhYzZGupVJro2aKEeSey5M.crl (hash: L45y1Woo0V6y7Z2lO9yxgQn24QQ+8p044RQrUypOBD4=) 2: 147D51CA85B111ECB675B552C4F9AE02.roa (hash: zcVXRjvf2CO/YkuLIL+HfN9HG5h1ZXj4rinIzSjA0Ng=) 3: 13F5D28685B111ECB675B552C4F9AE02.roa (hash: 8DwKhTLQgcVtWWSBgA/0ZZCOJM+cAX3WN6qSs2I9zAc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DFC30/112AF1AC85AD11ECB36F414DC4F9AE02/lHy2dKhYzZGupVJro2aKEeSey5M.crl rsync://rpki.apnic.net/member_repository/A91DFC30/112AF1AC85AD11ECB36F414DC4F9AE02/lHy2dKhYzZGupVJro2aKEeSey5M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHy2dKhYzZGupVJro2aKEeSey5M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 23:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1149 (0x47d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DFC30, serialNumber=947CB674A858CD91AEA5526BA3668A11E49ECB93 Validity Not Before: Mar 24 23:47:43 2026 GMT Not After : Mar 31 23:47:43 2026 GMT Subject: CN=69c3229f-ca30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0c:4f:50:42:bc:d6:ef:85:76:d9:54:5c:7d: 51:8c:06:74:9b:4b:ca:07:3d:2e:ef:d5:b6:49:80: 32:cb:4b:33:37:9c:20:28:bf:25:b3:63:1c:12:ee: d3:e6:a3:ba:5f:e3:65:24:be:f0:f7:84:ca:46:42: 9d:bd:97:93:ce:24:13:00:39:1a:d2:dd:aa:f7:f5: 88:96:1f:fa:b9:ad:43:89:d8:b9:bd:f4:b0:28:cd: 15:ad:d3:c2:88:a0:e8:74:c9:6c:63:d0:f0:a7:c1: 32:c0:c7:bf:d6:ea:4f:e9:8c:3a:44:db:64:00:fd: 29:66:97:66:a4:d5:f0:69:fc:52:26:da:21:8e:7a: 10:48:17:ed:cf:17:69:2b:28:72:10:a9:84:11:4d: 0d:d6:49:52:38:2f:6c:64:0a:d1:d1:a9:f2:dc:57: 19:f3:41:86:fc:da:b8:81:b3:fa:38:8a:e5:9f:c3: fc:ce:33:ca:93:0f:15:9e:4b:61:cc:48:5d:d7:82: 0c:55:ec:b2:55:31:07:5b:9e:ad:17:9e:5d:8f:98: 15:9c:22:33:a6:66:f8:ac:0c:91:f0:9b:03:b6:78: 98:fb:a7:a7:de:49:4b:a5:33:e3:55:a8:bb:b2:de: 79:c5:70:14:db:8e:e2:1b:10:70:93:af:0a:55:8d: 1c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:08:E6:28:BA:8B:3C:AF:CB:63:57:65:EC:56:8F:BC:AE:AB:27:B4 X509v3 Authority Key Identifier: keyid:94:7C:B6:74:A8:58:CD:91:AE:A5:52:6B:A3:66:8A:11:E4:9E:CB:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DFC30/112AF1AC85AD11ECB36F414DC4F9AE02/lHy2dKhYzZGupVJro2aKEeSey5M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHy2dKhYzZGupVJro2aKEeSey5M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFC30/112AF1AC85AD11ECB36F414DC4F9AE02/lHy2dKhYzZGupVJro2aKEeSey5M.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:23:c1:6b:d7:c6:79:c7:c4:02:b6:a6:36:69:73:90:d8:94: ac:74:f8:c9:9a:d0:57:12:19:01:06:56:d8:63:61:e0:88:4c: 6f:d8:34:a1:ac:88:4b:11:d5:6f:06:7d:0b:c4:e8:41:d2:c1: 20:04:f3:b5:7b:a1:55:90:50:c6:cd:8d:18:ee:8d:a1:62:a4: 4b:a1:e6:4f:89:1d:3d:4a:6b:3b:cd:79:db:39:fb:a8:fa:36: 04:86:5f:ea:ff:34:f6:29:c2:25:ec:75:11:c6:4c:fc:46:44: ed:b3:df:db:cc:b5:70:2d:34:1a:a2:91:e2:d2:25:1f:5b:73: e9:36:6a:e7:62:b5:c0:50:67:18:39:95:ce:5e:ce:07:31:10: bc:ea:ea:b0:82:b2:48:85:d6:6e:1f:16:11:7c:11:be:23:cd: 24:95:0c:f6:5f:10:d1:14:77:9b:42:3b:a4:70:d7:81:5e:98: 8a:fa:d5:90:0a:9b:53:0d:5d:a8:b4:5a:1c:ad:81:84:70:18: 02:c6:ba:3d:a3:22:9e:fa:0b:cd:58:cb:04:bb:6b:bd:4b:cb: 4d:09:a3:ee:55:fa:5a:2c:05:9b:a1:99:82:ef:7f:5a:ed:94: 0e:b5:3a:75:af:7a:da:ee:04:c7:42:41:f5:e2:19:c7:97:49: 94:85:df:d6 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REZDMzAxMTAvBgNVBAUTKDk0N0NCNjc0QTg1OENEOTFBRUE1NTI2QkEzNjY4QTEx RTQ5RUNCOTMwHhcNMjYwMzI0MjM0NzQzWhcNMjYwMzMxMjM0NzQzWjAYMRYwFAYD VQQDEw02OWMzMjI5Zi1jYTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyQxPUEK81u+FdtlUXH1RjAZ0m0vKBz0u79W2SYAyy0szN5wgKL8ls2McEu7T 5qO6X+NlJL7w94TKRkKdvZeTziQTADka0t2q9/WIlh/6ua1Didi5vfSwKM0VrdPC iKDodMlsY9Dwp8EywMe/1upP6Yw6RNtkAP0pZpdmpNXwafxSJtohjnoQSBftzxdp KyhyEKmEEU0N1klSOC9sZArR0any3FcZ80GG/Nq4gbP6OIrln8P8zjPKkw8Vnkth zEhd14IMVeyyVTEHW56tF55dj5gVnCIzpmb4rAyR8JsDtniY+6en3klLpTPjVai7 st55xXAU247iGxBwk68KVY0c/wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMMI5ii6 izyvy2NXZexWj7yuqye0MB8GA1UdIwQYMBaAFJR8tnSoWM2RrqVSa6NmihHknsuT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERkMzMC8xMTJBRjFBQzg1 QUQxMUVDQjM2RjQxNERDNEY5QUUwMi9sSHkyZEtoWXpaR3VwVkpybzJhS0VlU2V5 NU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xIeTJkS2hZelpHdXBWSnJvMmFLRWVTZXk1TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RkMzMC8xMTJBRjFBQzg1QUQxMUVDQjM2RjQxNERDNEY5QUUwMi9sSHkyZEtoWXpa R3VwVkpybzJhS0VlU2V5NU0ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAkSPBa9fGecfEAramNmlzkNiUrHT4yZrQVxIZAQZW2GNh4IhMb9g0oayISxHV bwZ9C8ToQdLBIATztXuhVZBQxs2NGO6NoWKkS6HmT4kdPUprO8152zn7qPo2BIZf 6v809inCJex1EcZM/EZE7bPf28y1cC00GqKR4tIlH1tz6TZq52K1wFBnGDmVzl7O BzEQvOrqsIKySIXWbh8WEXwRviPNJJUM9l8Q0RR3m0I7pHDXgV6YivrVkAqbUw1d qLRaHK2BhHAYAsa6PaMinvoLzVjLBLtrvUvLTQmj7lX6WiwFm6GZgu9/Wu2UDrU6 da962u4Ex0JB9eIZx5dJlIXf1g== -----END CERTIFICATE-----Generated at Thu Mar 26 18:53:13 2026 by rpki-client