$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft File: 38I-PZBdDoNoEhlZbQgimmlPrxM.mft (raw, json) Hash identifier: RB3VR3k8mH7G/NiFkQ4PTfNU5SjpTXrOpy1kPlCrpOw= Subject key identifier: 37:AC:05:B6:32:3D:CF:D9:96:0A:D5:BC:B0:21:EA:F0:9B:D7:17:F4 Authority key identifier: DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13 Certificate issuer: /CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13 Certificate serial: 0EC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft Manifest number: 0EA8 Signing time: Tue 24 Mar 2026 17:35:07 +0000 Manifest this update: Tue 24 Mar 2026 17:35:06 +0000 Manifest next update: Tue 31 Mar 2026 17:35:06 +0000 Files and hashes: 1: 38I-PZBdDoNoEhlZbQgimmlPrxM.crl (hash: Dgbgje/9YfCljjkFcAPWMxFGTFvJOVQRnEDzIYaw0aA=) 2: AB52C51AB96B11ECB44AC533C4F9AE02.roa (hash: 9DZO4gtEwqGm1N7r2iLEutY8W3IqMNDQEag8fkVAF7Q=) 3: 10E6D9CAB55C11ECA9565039C4F9AE02.roa (hash: 8ERTDv7Mz23v2Rbdakt8Gt3XJ8tL5M1Uk1kQf/u/YMs=) 4: AC641C88B96B11ECB44AC533C4F9AE02.roa (hash: x2dbHHpd6lHu6U/D+Z5h6UrLSps4ACkU8JTV2sRYFDo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:35:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3785 (0xec9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3D04, serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13 Validity Not Before: Mar 24 17:35:06 2026 GMT Not After : Mar 31 17:35:06 2026 GMT Subject: CN=69c2cb4b-b29b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:01:4e:7b:8c:cc:85:5f:8b:07:35:30:5a:c9: f4:25:cd:9b:64:17:78:03:a7:e6:7b:bc:88:3c:b4: 53:a0:ad:8a:78:3b:2c:19:5f:cb:b9:77:e4:82:9e: c2:e2:4b:37:d8:8e:11:55:52:18:a2:51:62:76:3a: a5:30:c8:69:a8:7a:9c:87:4d:ed:1d:81:bc:7f:f1: f0:7b:3b:81:32:a4:5c:98:5f:ce:73:ea:4a:75:dd: 4d:d2:2e:be:9e:86:73:e9:3f:bd:01:12:7a:9a:88: 8b:05:1f:03:55:e9:00:b8:7b:3b:0e:dc:2b:e2:ea: 4d:8a:df:51:5d:3e:b1:4b:44:28:35:6c:4a:18:ad: 75:56:63:d6:4b:42:81:ef:d4:02:09:3a:33:71:ff: 21:43:0c:dd:76:5d:1b:1d:0c:49:2b:f2:cc:aa:7b: 83:fb:0f:b2:9f:6d:e9:9a:12:2d:5b:d7:d7:bb:73: c4:a0:f3:c4:5f:0e:69:ea:d4:72:90:1c:7c:15:f7: f1:cd:e1:66:56:88:a9:97:f5:45:e2:81:3d:a6:04: 39:34:63:61:21:fe:e1:3b:9e:0f:de:28:d2:e2:00: 02:a1:a0:61:f9:8c:76:1b:eb:4d:5e:7d:7a:f3:8b: f1:cc:c3:5d:65:58:1c:0c:1c:5e:6b:c0:18:f6:c1: 85:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:AC:05:B6:32:3D:CF:D9:96:0A:D5:BC:B0:21:EA:F0:9B:D7:17:F4 X509v3 Authority Key Identifier: keyid:DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:e3:af:28:5c:b3:a9:24:22:40:e2:77:77:d7:c5:de:d5:aa: 91:60:df:3e:e0:17:23:40:30:f3:27:1a:15:a4:21:37:d6:a3: 2c:59:03:14:a2:0d:6c:bb:44:85:e2:90:4b:69:4d:00:dc:60: 87:de:bf:8f:cd:3a:44:3e:6a:01:b3:34:86:16:f1:8e:e1:a1: bb:07:79:63:50:54:cf:c5:bb:17:9c:39:ed:9f:58:09:5b:35: b8:3a:89:05:ba:9a:31:de:63:7c:77:80:f5:59:8e:c2:29:77: cc:fa:a4:6d:66:34:7c:65:36:7f:28:ad:1a:eb:f1:59:62:f8: ca:23:16:b0:56:1e:ec:66:ea:54:ce:bb:18:91:c8:00:2e:eb: 54:ca:a0:b8:91:5b:4a:71:c8:5b:fb:e7:53:19:5c:3b:5c:3e: 12:f3:e7:7d:3a:23:e4:b4:48:40:56:1c:90:ff:2e:26:bc:4a: 74:c8:fa:a9:0b:74:7d:ec:0e:31:31:25:9b:47:32:8c:b6:9f: 25:a3:eb:c4:55:f7:47:58:ea:70:c4:19:00:a0:9a:ac:98:a9: e6:f0:e7:39:18:72:c7:fc:33:3d:a2:b9:ca:a1:4b:e0:d4:22: b5:9c:f4:c4:53:fb:01:b6:0b:3f:2e:6d:59:88:15:0e:e9:92: 29:3d:2a:93 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNEMDQxMTAvBgNVBAUTKERGQzIzRTNEOTA1RDBFODM2ODEyMTk1OTZEMDgyMjlB Njk0RkFGMTMwHhcNMjYwMzI0MTczNTA2WhcNMjYwMzMxMTczNTA2WjAYMRYwFAYD VQQDEw02OWMyY2I0Yi1iMjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoAFOe4zMhV+LBzUwWsn0Jc2bZBd4A6fme7yIPLRToK2KeDssGV/LuXfkgp7C 4ks32I4RVVIYolFidjqlMMhpqHqch03tHYG8f/HwezuBMqRcmF/Oc+pKdd1N0i6+ noZz6T+9ARJ6moiLBR8DVekAuHs7Dtwr4upNit9RXT6xS0QoNWxKGK11VmPWS0KB 79QCCTozcf8hQwzddl0bHQxJK/LMqnuD+w+yn23pmhItW9fXu3PEoPPEXw5p6tRy kBx8FffxzeFmVoipl/VF4oE9pgQ5NGNhIf7hO54P3ijS4gACoaBh+Yx2G+tNXn16 84vxzMNdZVgcDBxea8AY9sGFKQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDesBbYy Pc/ZlgrVvLAh6vCb1xf0MB8GA1UdIwQYMBaAFN/CPj2QXQ6DaBIZWW0IIpppT68T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0QwNC83QTE3RkU4RUFE RDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERvTm9FaGxaYlFnaW1tbFBy eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzM4SS1QWkJkRG9Ob0VobFpiUWdpbW1sUHJ4TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0QwNC83QTE3RkU4RUFERDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERv Tm9FaGxaYlFnaW1tbFByeE0ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAdOOvKFyzqSQiQOJ3d9fF3tWqkWDfPuAXI0Aw8ycaFaQhN9ajLFkDFKINbLtE heKQS2lNANxgh96/j806RD5qAbM0hhbxjuGhuwd5Y1BUz8W7F5w57Z9YCVs1uDqJ BbqaMd5jfHeA9VmOwil3zPqkbWY0fGU2fyitGuvxWWL4yiMWsFYe7GbqVM67GJHI AC7rVMqguJFbSnHIW/vnUxlcO1w+EvPnfToj5LRIQFYckP8uJrxKdMj6qQt0fewO MTElm0cyjLafJaPrxFX3R1jqcMQZAKCarJip5vDnORhyx/wzPaK5yqFL4NQitZz0 xFP7AbYLPy5tWYgVDumSKT0qkw== -----END CERTIFICATE-----Generated at Thu Mar 26 04:17:34 2026 by rpki-client