$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft File: lFlKrsbtZqaAoVv-tc2leC1MLYg.mft (raw, json) Hash identifier: o+Cfv0jQc62GD2bF6V+F+IK84DYwri+G5q3VwVWbafg= Subject key identifier: 4F:47:85:C5:F6:1E:C1:BF:53:A5:4D:89:DD:FD:5F:A9:A4:9B:19:3E Authority key identifier: 94:59:4A:AE:C6:ED:66:A6:80:A1:5B:FE:B5:CD:A5:78:2D:4C:2D:88 Certificate issuer: /CN=A91E2EF9/serialNumber=94594AAEC6ED66A680A15BFEB5CDA5782D4C2D88 Certificate serial: 0142 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft Manifest number: 0134 Signing time: Wed 25 Mar 2026 04:48:50 +0000 Manifest this update: Wed 25 Mar 2026 04:48:49 +0000 Manifest next update: Wed 01 Apr 2026 04:48:49 +0000 Files and hashes: 1: lFlKrsbtZqaAoVv-tc2leC1MLYg.crl (hash: ei2ut4uNyYxMUQowHdd/zJEnSP9cOAJI6qZjmBoD9bo=) 2: D926DBDA605211EF90C2C621C4F9AE02.roa (hash: jUaYUA+q8jmfLhomac7iMQOSZ4bFSAIAI1vEmJtWXwE=) 3: 5D3D752CDBEB11F0A1AC385A536F56BC.roa (hash: d4S5QC9WpRroo4q9uH7u+G1i3yLbKbKg652rT+oJ1eM=) 4: E7C7DBF8A0E411EF98A7340EC4F9AE02.roa (hash: kjJfld5TN3m5ZabsgjU4rPFFeonEnHjU7OWPFlkhgEU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.crl rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:48:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 322 (0x142) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2EF9, serialNumber=94594AAEC6ED66A680A15BFEB5CDA5782D4C2D88 Validity Not Before: Mar 25 04:48:49 2026 GMT Not After : Apr 1 04:48:49 2026 GMT Subject: CN=69c36932-61b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:6b:a3:a2:a5:19:8b:3d:57:e8:ba:74:c7:4b: 8d:4b:49:b9:39:1a:d4:ad:bd:2a:d3:2f:09:e5:91: 4c:2e:86:20:74:26:b3:52:d7:92:3d:5a:e4:25:3a: 55:0a:bc:63:aa:e9:e6:3e:40:a7:ec:e4:40:35:8f: ef:15:3d:50:8e:fa:85:10:db:49:5f:af:f8:fc:d6: 8f:71:61:26:5c:3e:93:cd:5f:90:94:ed:42:e1:aa: c9:d7:48:96:d3:a6:cd:e8:62:47:4c:e5:93:8e:79: 69:26:2b:69:1a:bd:37:26:f5:55:dd:f2:5d:1a:05: b6:4b:e7:43:90:ad:18:6a:8b:65:90:62:69:d7:b6: 41:7f:1e:a3:f7:a0:33:17:b3:c0:15:b4:a7:13:3b: 36:d4:30:b6:26:74:73:ca:3b:3f:11:a2:1f:9a:6e: 28:db:9c:2b:7b:73:1f:cc:be:0b:11:d6:51:8a:7a: 6f:f5:e8:31:96:de:ed:c4:bb:b1:60:69:5b:75:7c: dc:c0:b0:75:c0:46:05:c3:97:c3:16:5d:31:c1:eb: 56:b3:c3:1f:61:50:a6:42:da:d7:31:00:4f:0b:1f: c1:79:4f:fe:be:7a:ce:99:95:9c:2e:c2:22:d4:3c: 84:09:50:d5:b6:35:45:7a:28:c2:03:57:6f:03:23: b8:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:47:85:C5:F6:1E:C1:BF:53:A5:4D:89:DD:FD:5F:A9:A4:9B:19:3E X509v3 Authority Key Identifier: keyid:94:59:4A:AE:C6:ED:66:A6:80:A1:5B:FE:B5:CD:A5:78:2D:4C:2D:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:d0:e1:3d:5a:d7:05:cf:c9:42:ba:2b:c5:20:da:0b:e8:21: 16:67:2b:35:b9:55:ce:bf:49:8f:5c:52:6d:87:8e:48:d0:be: fa:65:35:f1:6e:73:0b:11:74:25:f3:00:23:1d:ae:5c:23:8f: 54:0e:ec:66:a4:53:c1:5a:e5:d8:ff:6f:1a:35:5f:84:45:bc: e6:ca:ca:5d:90:b8:89:ff:d1:65:14:93:e4:f6:e0:f8:8f:6e: 45:42:0f:17:2a:d8:5b:d0:cf:0a:27:c1:02:67:98:51:cc:fd: 6d:e8:9a:fd:b3:82:fa:be:95:c5:26:6d:ca:6f:a8:24:dd:fb: 1d:ec:00:d3:eb:b0:69:8f:40:25:f7:db:f8:fa:11:4e:cd:3e: 43:a1:79:42:66:44:07:1c:68:d3:08:0e:19:c0:67:55:22:e0: 5d:08:48:c4:64:19:6e:d3:0d:df:da:e0:6d:3e:6c:91:c5:42: 50:fb:38:5d:b4:98:be:7e:5b:60:3d:8d:37:c7:6c:75:32:b3: 1c:8f:59:6a:2a:34:12:f2:33:e2:a9:ec:fc:3a:bf:2d:06:0d: e1:4d:27:ca:b2:81:d9:9f:c7:e3:a3:85:c3:0b:18:75:23:cb: 8d:b5:fe:30:f5:48:07:45:a4:6b:f4:59:6d:73:19:8d:69:3e: 12:4b:97:e3 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJFRjkxMTAvBgNVBAUTKDk0NTk0QUFFQzZFRDY2QTY4MEExNUJGRUI1Q0RBNTc4 MkQ0QzJEODgwHhcNMjYwMzI1MDQ0ODQ5WhcNMjYwNDAxMDQ0ODQ5WjAYMRYwFAYD VQQDEw02OWMzNjkzMi02MWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnGujoqUZiz1X6Lp0x0uNS0m5ORrUrb0q0y8J5ZFMLoYgdCazUteSPVrkJTpV CrxjqunmPkCn7ORANY/vFT1QjvqFENtJX6/4/NaPcWEmXD6TzV+QlO1C4arJ10iW 06bN6GJHTOWTjnlpJitpGr03JvVV3fJdGgW2S+dDkK0YaotlkGJp17ZBfx6j96Az F7PAFbSnEzs21DC2JnRzyjs/EaIfmm4o25wre3MfzL4LEdZRinpv9egxlt7txLux YGlbdXzcwLB1wEYFw5fDFl0xwetWs8MfYVCmQtrXMQBPCx/BeU/+vnrOmZWcLsIi 1DyECVDVtjVFeijCA1dvAyO4rQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFE9HhcX2 HsG/U6VNid39X6mkmxk+MB8GA1UdIwQYMBaAFJRZSq7G7WamgKFb/rXNpXgtTC2I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkVGOS84MDRENkJGMDYw NTIxMUVGQjI4NkZEMjBDNEY5QUUwMi9sRmxLcnNidFpxYUFvVnYtdGMybGVDMU1M WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xGbEtyc2J0WnFhQW9Wdi10YzJsZUMxTUxZZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MkVGOS84MDRENkJGMDYwNTIxMUVGQjI4NkZEMjBDNEY5QUUwMi9sRmxLcnNidFpx YUFvVnYtdGMybGVDMU1MWWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAONDhPVrXBc/JQrorxSDaC+ghFmcrNblVzr9Jj1xSbYeOSNC++mU18W5zCxF0 JfMAIx2uXCOPVA7sZqRTwVrl2P9vGjVfhEW85srKXZC4if/RZRST5Pbg+I9uRUIP FyrYW9DPCifBAmeYUcz9beia/bOC+r6VxSZtym+oJN37HewA0+uwaY9AJffb+PoR Ts0+Q6F5QmZEBxxo0wgOGcBnVSLgXQhIxGQZbtMN39rgbT5skcVCUPs4XbSYvn5b YD2NN8dsdTKzHI9Zaio0EvIz4qns/Dq/LQYN4U0nyrKB2Z/H46OFwwsYdSPLjbX+ MPVIB0Wka/RZbXMZjWk+EkuX4w== -----END CERTIFICATE-----Generated at Thu Mar 26 09:56:15 2026 by rpki-client