$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.mft File: N5dDcUzgEiMKqXi7GqjHkOcGZ6s.mft (raw, json) Hash identifier: j+3VYiT0+Lf/XwC7ZGaFo3B5bpNMI1kPgXx+T8gTT/c= Subject key identifier: 33:6F:A7:78:0E:3A:D2:74:0D:75:01:E5:F4:72:DB:E8:A8:B5:13:1F Authority key identifier: 37:97:43:71:4C:E0:12:23:0A:A9:78:BB:1A:A8:C7:90:E7:06:67:AB Certificate issuer: /CN=A91E3E33/serialNumber=379743714CE012230AA978BB1AA8C790E70667AB Certificate serial: 12B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.mft Manifest number: 128D Signing time: Tue 24 Mar 2026 16:59:04 +0000 Manifest this update: Tue 24 Mar 2026 16:59:04 +0000 Manifest next update: Tue 31 Mar 2026 16:59:04 +0000 Files and hashes: 1: N5dDcUzgEiMKqXi7GqjHkOcGZ6s.crl (hash: 5SIUBejFGCICqwRkcjwpgwK/qqWKBFzBZpEkE2kiWHs=) 2: 4551BE2CD19D11EAA120EE14C4F9AE02.roa (hash: yX0Uzg9eTPoxhzg9lrLk/1K20OmA34T+jetmGie5oOM=) 3: 29ED0D46839011EE946C5E63C4F9AE02.roa (hash: Mk7axMLu02fCkeBHGlKgm1yoa0p6/cjOgQ2Y7Q06Kao=) 4: D0B8C09E1BBF11EAA64ECF70C4F9AE02.roa (hash: QNLelKdMSlDKmsbvqvRzrLkhu/2hfJJqmOa+I6J1bAk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.crl rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 16:59:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4789 (0x12b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E33, serialNumber=379743714CE012230AA978BB1AA8C790E70667AB Validity Not Before: Mar 24 16:59:04 2026 GMT Not After : Mar 31 16:59:04 2026 GMT Subject: CN=69c2c2d8-8761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:d5:00:ea:61:52:4a:8a:80:77:07:b8:90:ce: 9f:23:36:f9:fc:b8:b3:82:c4:e0:32:ab:65:a1:2a: da:77:63:16:c3:f2:f8:7a:74:3c:63:a4:5c:a7:8a: 1c:5c:d3:87:5d:9e:2f:1f:52:dd:1c:ad:bb:9c:c0: 03:91:28:ab:13:eb:1e:bf:22:ad:95:71:8d:9a:a5: 9b:91:43:1b:1b:c2:d1:6d:7f:2c:2e:0a:19:4e:af: 4f:54:69:2f:60:96:3d:e9:89:1c:e7:f2:e9:3e:17: 74:1d:46:3a:b5:b3:bd:fe:6a:39:9a:78:68:7c:37: 0e:cb:eb:7e:02:24:e2:a4:d2:68:48:1a:f1:f4:02: d8:87:f3:17:5f:f5:ff:6e:b8:70:6e:cd:1b:74:b5: ce:a2:e8:3b:74:11:86:ff:71:11:71:ce:6d:78:15: f9:d7:82:7e:ea:84:42:13:5c:01:cb:7f:8d:93:a5: 84:e4:3a:3d:fa:fa:4c:e8:cc:94:91:dd:28:1c:d7: 20:1d:c1:8a:86:86:41:8c:01:28:e9:67:ff:7d:c0: a2:82:99:9a:ab:a0:ca:08:6f:15:e8:20:2b:64:80: 72:7f:3f:24:b9:11:99:7b:db:8b:62:0a:55:b7:8f: fb:a7:03:f1:ff:62:ed:44:52:ef:d9:00:f0:4e:ab: c4:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:6F:A7:78:0E:3A:D2:74:0D:75:01:E5:F4:72:DB:E8:A8:B5:13:1F X509v3 Authority Key Identifier: keyid:37:97:43:71:4C:E0:12:23:0A:A9:78:BB:1A:A8:C7:90:E7:06:67:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E33/877A79B6E9D111E8AC892770C4F9AE02/N5dDcUzgEiMKqXi7GqjHkOcGZ6s.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:ca:ac:9c:5e:7c:96:3c:53:c1:3d:2f:9a:03:cb:36:48:a8: 15:af:d1:2a:2a:6b:4e:b4:9a:eb:e3:51:aa:5c:40:a0:c3:68: 8f:de:3f:1a:bf:23:0f:0a:fe:d2:6d:cd:fe:f2:6d:87:bf:46: 2c:2b:bf:27:92:9f:eb:80:6c:38:2c:20:b2:72:a3:c4:92:db: c8:1e:c1:c9:fa:88:e4:bc:7a:ad:19:5c:04:02:5a:7e:36:e9: 2d:ff:6b:0a:de:c1:43:0a:ee:a1:bc:ed:05:87:68:f0:d9:3d: 76:5b:28:4b:60:f6:47:c6:9b:17:b2:de:5f:fd:1b:e7:a3:58: ec:ff:94:94:42:ce:04:96:80:39:c9:f0:a1:4d:5e:fd:9d:d4: 00:27:fa:fa:91:56:0e:47:c6:01:4a:61:27:b8:1b:f0:b1:59: 79:ec:6d:6b:f3:fc:29:4d:e8:d2:10:42:30:c5:f7:d2:cf:c6: da:a4:b0:60:d9:2e:3d:14:3d:9f:09:8c:7c:73:77:d3:07:a7: 04:29:04:63:a9:57:6f:9e:99:f1:67:8b:ed:1b:19:92:92:2d: fc:28:d0:7b:1f:f0:a1:1a:1c:e1:14:7f:83:09:17:7d:b0:6e: 3a:a8:e9:02:58:c6:eb:a2:84:80:9a:09:c9:1f:e7:5a:b0:27: 7c:41:14:51 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICErUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMzMxMTAvBgNVBAUTKDM3OTc0MzcxNENFMDEyMjMwQUE5NzhCQjFBQThDNzkw RTcwNjY3QUIwHhcNMjYwMzI0MTY1OTA0WhcNMjYwMzMxMTY1OTA0WjAYMRYwFAYD VQQDEw02OWMyYzJkOC04NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA39UA6mFSSoqAdwe4kM6fIzb5/LizgsTgMqtloSrad2MWw/L4enQ8Y6Rcp4oc XNOHXZ4vH1LdHK27nMADkSirE+sevyKtlXGNmqWbkUMbG8LRbX8sLgoZTq9PVGkv YJY96Ykc5/LpPhd0HUY6tbO9/mo5mnhofDcOy+t+AiTipNJoSBrx9ALYh/MXX/X/ brhwbs0bdLXOoug7dBGG/3ERcc5teBX514J+6oRCE1wBy3+Nk6WE5Do9+vpM6MyU kd0oHNcgHcGKhoZBjAEo6Wf/fcCigpmaq6DKCG8V6CArZIByfz8kuRGZe9uLYgpV t4/7pwPx/2LtRFLv2QDwTqvExwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDNvp3gO OtJ0DXUB5fRy2+iotRMfMB8GA1UdIwQYMBaAFDeXQ3FM4BIjCql4uxqox5DnBmer MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UzMy84NzdBNzlCNkU5 RDExMUU4QUM4OTI3NzBDNEY5QUUwMi9ONWREY1V6Z0VpTUtxWGk3R3FqSGtPY0da NnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL041ZERjVXpnRWlNS3FYaTdHcWpIa09jR1o2cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UzMy84NzdBNzlCNkU5RDExMUU4QUM4OTI3NzBDNEY5QUUwMi9ONWREY1V6Z0Vp TUtxWGk3R3FqSGtPY0daNnMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAncqsnF58ljxTwT0vmgPLNkioFa/RKiprTrSa6+NRqlxAoMNoj94/Gr8jDwr+ 0m3N/vJth79GLCu/J5Kf64BsOCwgsnKjxJLbyB7ByfqI5Lx6rRlcBAJafjbpLf9r Ct7BQwruobztBYdo8Nk9dlsoS2D2R8abF7LeX/0b56NY7P+UlELOBJaAOcnwoU1e /Z3UACf6+pFWDkfGAUphJ7gb8LFZeexta/P8KU3o0hBCMMX30s/G2qSwYNkuPRQ9 nwmMfHN30wenBCkEY6lXb56Z8WeL7RsZkpIt/CjQex/woRoc4RR/gwkXfbBuOqjp AljG66KEgJoJyR/nWrAnfEEUUQ== -----END CERTIFICATE-----Generated at Thu Mar 26 18:58:57 2026 by rpki-client