$ rpki-client -vvf rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.mft File: bTjFtM9LrT2YSHGnMhqdFpYL4mg.mft (raw, json) Hash identifier: NwmAT5TGitFHA8IYBbIcVYRw39MyaeSpmjQ8nDvbio0= Subject key identifier: 18:17:FA:90:C0:33:55:4A:C1:59:E1:B1:E8:56:04:19:1E:DE:CA:75 Authority key identifier: 6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68 Certificate issuer: /CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268 Certificate serial: 37FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.mft Manifest number: 3651 Signing time: Tue 24 Mar 2026 14:17:48 +0000 Manifest this update: Tue 24 Mar 2026 14:17:48 +0000 Manifest next update: Tue 31 Mar 2026 14:17:48 +0000 Files and hashes: 1: bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl (hash: TJYV/zyEoEEm1flLWLp7TzTJw73u6QqdN68uVyWsens=) 2: 88978730772311EBB972032EC4F9AE02.roa (hash: t0raZshTu4K8enUk+kAnoqOM91ToCNd9ORf76S6SXeE=) 3: 3204348A383611E6B2282B5DC4F9AE02.roa (hash: MSV3LxUccxEzwztjgTuOrU079DQ34EyY8pN67xZnvTc=) 4: 318FB51A383611E6B2282B5DC4F9AE02.roa (hash: oj2Kxdn6Bq3a+F+RORHkucT1LvSOhks0RntqHfeINjA=) 5: 89A73D46772311EBB972032EC4F9AE02.roa (hash: tvA8+V4GQkLamLpmb5eSD+CKg/E2pjiWjtgwaAZGMrs=) 6: FCBF1666677C11EBB2A3F00CC4F9AE02.roa (hash: lNSC8rdkBxjyp085lXkDwdvTFqJ+tB8eBzlWgZ/qk94=) 7: 331F345A383611E6B2282B5DC4F9AE02.roa (hash: 18CzF+FfvoWx8Hrenl2IiwrCZmVCmyHlLMEt6QpP+N0=) 8: 328EDB76383611E6B2282B5DC4F9AE02.roa (hash: /OHY5sp1sBAjqbNUDfbLE232C2zLovbSjzEt0F1Micw=) 9: 05BF31A412A111F19F0D7733B3EE528E.roa (hash: dNUeaCpQBusPUqCQy2BQEB8UODj9dHvDmxV7wy/zNJQ=) 10: 181D46FCEE5611F0B0ABEB00546F56BC.roa (hash: VPguaapMpC2iqgjuPkraLSUj5XiZiNuM5bwDK/2ZizA=) 11: BFB4B7B2EB5C11F0BDF448C8486F56BC.roa (hash: TnFkXkrgb6uY+cje61k6b1fm9LrdQ6tZs/xq1L4y8kA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:17:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14333 (0x37fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E170B, serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268 Validity Not Before: Mar 24 14:17:48 2026 GMT Not After : Mar 31 14:17:48 2026 GMT Subject: CN=69c29d0c-2a8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:e3:f0:2a:1f:4c:f8:f7:9e:f1:23:80:ca:fb: 30:66:c4:4a:71:db:b3:bb:d7:7d:fc:4d:ab:cd:47: 74:d7:8c:db:8c:16:66:a7:09:e6:3f:63:18:11:a5: 71:69:aa:8a:4e:e2:7c:b3:ab:3d:25:46:7a:af:ea: 56:47:a3:74:aa:fc:8f:02:99:ec:40:9c:ad:9e:cc: 5b:92:cf:64:db:c3:b9:63:40:e0:93:79:59:c0:04: f8:84:48:84:75:bf:60:19:46:ab:83:fb:3e:26:db: 8b:04:23:0b:5c:e9:55:b9:85:ad:13:90:fc:89:73: ce:98:66:20:af:a9:a3:a6:69:d6:f0:06:02:77:92: 52:c2:dc:12:d1:a4:fb:ce:e6:c0:c3:3d:f7:ef:9f: 06:4c:ec:70:84:6d:1a:c9:0f:16:a7:4f:53:b2:b1: 3e:82:31:01:22:06:77:e8:09:ea:33:93:61:36:76: 93:4c:49:eb:a6:f9:2c:26:13:18:c9:58:9c:05:64: c9:5b:fd:9c:2e:fd:8e:0a:5c:ba:10:11:2a:89:ad: 5f:43:57:fd:00:f1:f9:f0:18:1b:95:54:a5:43:bf: 65:ad:5d:5f:54:ae:e7:a6:3b:23:3d:b1:6b:80:57: 1d:c0:a8:a4:d1:95:a1:db:8e:54:12:6b:7d:8b:e0: c9:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:17:FA:90:C0:33:55:4A:C1:59:E1:B1:E8:56:04:19:1E:DE:CA:75 X509v3 Authority Key Identifier: keyid:6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:a5:02:2a:fb:d0:29:e6:1c:ac:cc:2c:51:2f:0c:0c:19:ff: 20:a9:0c:54:6e:34:7a:ff:c0:06:57:3c:c1:ad:84:78:c3:d4: 09:e6:4f:7f:01:ca:da:d5:0f:fd:db:cf:79:ac:4e:eb:a2:fc: 49:ae:03:bd:78:06:67:9f:11:f5:41:96:ef:12:39:b8:f8:b4: 50:83:c2:cb:be:40:a7:c8:e1:c7:42:88:7b:fe:44:b1:02:78: 7b:e9:f4:16:ef:6b:cb:17:82:7e:36:44:a3:e8:86:4b:9d:6c: cb:1f:92:36:60:30:ff:bc:8c:f5:6e:a7:d1:ba:65:c7:a2:8a: cf:42:8f:ff:ef:37:f5:73:85:32:fe:9e:10:e6:c0:40:ca:22: 3a:ee:d9:10:a7:a7:13:ce:a1:a0:2f:ac:b2:1d:b6:7c:33:97: a2:03:c9:64:ee:1b:ea:bd:d3:52:bd:ee:90:ce:84:26:93:68: 50:00:0b:cf:6e:41:da:b7:f8:b5:21:4f:e7:8e:ba:0a:bc:31: 01:3e:4e:8d:e3:09:0f:47:cb:4a:9e:2b:b3:45:a6:ee:55:a5: aa:95:d1:62:04:da:94:1e:79:5d:cb:24:14:e7:70:e3:42:5d: cd:90:2f:30:58:bd:c2:9f:38:4c:f5:f8:25:a5:0b:8a:b9:a5: d7:e9:9b:95 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICN/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTE3MEIxMTAvBgNVBAUTKDZEMzhDNUI0Q0Y0QkFEM0Q5ODQ4NzFBNzMyMUE5RDE2 OTYwQkUyNjgwHhcNMjYwMzI0MTQxNzQ4WhcNMjYwMzMxMTQxNzQ4WjAYMRYwFAYD VQQDEw02OWMyOWQwYy0yYThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2OPwKh9M+Pee8SOAyvswZsRKcduzu9d9/E2rzUd014zbjBZmpwnmP2MYEaVx aaqKTuJ8s6s9JUZ6r+pWR6N0qvyPApnsQJytnsxbks9k28O5Y0Dgk3lZwAT4hEiE db9gGUarg/s+JtuLBCMLXOlVuYWtE5D8iXPOmGYgr6mjpmnW8AYCd5JSwtwS0aT7 zubAwz33758GTOxwhG0ayQ8Wp09TsrE+gjEBIgZ36AnqM5NhNnaTTEnrpvksJhMY yVicBWTJW/2cLv2OCly6EBEqia1fQ1f9APH58BgblVSlQ79lrV1fVK7npjsjPbFr gFcdwKik0ZWh245UEmt9i+DJrwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBgX+pDA M1VKwVnhsehWBBke3sp1MB8GA1UdIwQYMBaAFG04xbTPS609mEhxpzIanRaWC+Jo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcwQi85N0FGNkRGMDFE NkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJUMllTSEduTWhxZEZwWUw0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JUakZ0TTlMclQyWVNIR25NaHFkRnBZTDRtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MTcwQi85N0FGNkRGMDFENkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJU MllTSEduTWhxZEZwWUw0bWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEApaUCKvvQKeYcrMwsUS8MDBn/IKkMVG40ev/ABlc8wa2EeMPUCeZPfwHK2tUP /dvPeaxO66L8Sa4DvXgGZ58R9UGW7xI5uPi0UIPCy75Ap8jhx0KIe/5EsQJ4e+n0 Fu9ryxeCfjZEo+iGS51syx+SNmAw/7yM9W6n0bplx6KKz0KP/+839XOFMv6eEObA QMoiOu7ZEKenE86hoC+ssh22fDOXogPJZO4b6r3TUr3ukM6EJpNoUAALz25B2rf4 tSFP5466CrwxAT5OjeMJD0fLSp4rs0Wm7lWlqpXRYgTalB55XcskFOdw40JdzZAv MFi9wp84TPX4JaULirml1+mblQ== -----END CERTIFICATE-----Generated at Thu Mar 26 00:50:53 2026 by rpki-client