$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft File: aGr0G8M9rvgo-rSuSjoNWHutDT8.mft (raw, json) Hash identifier: 3lez7a9YWum8yGrDGlWo3FEU7X8YgE2ytCYrUuWSzsg= Subject key identifier: 8D:E9:2A:CA:3E:BE:D0:01:CA:C6:53:DA:B8:CF:C1:69:19:D3:31:F7 Authority key identifier: 68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F Certificate issuer: /CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F Certificate serial: 0649 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft Manifest number: 0632 Signing time: Tue 24 Mar 2026 22:29:18 +0000 Manifest this update: Tue 24 Mar 2026 22:29:17 +0000 Manifest next update: Tue 31 Mar 2026 22:29:17 +0000 Files and hashes: 1: aGr0G8M9rvgo-rSuSjoNWHutDT8.crl (hash: p9YmbX0G63H42QuMc3axZJXGuWnlWlUeXgkukYlCchM=) 2: 40310456D8D211EB97FF5586C4F9AE02.roa (hash: ljhzAAAHOEbQtw8/O2WirKoWv6XtLYHxhjuJKY3iiZM=) 3: 63FEB4F8D97411EBB8CC3F40C4F9AE02.roa (hash: GBummmykHnsRNOp2UTZVHW61aelGglaz1bE3tCnWo5M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:29:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1609 (0x649) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D, serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F Validity Not Before: Mar 24 22:29:17 2026 GMT Not After : Mar 31 22:29:17 2026 GMT Subject: CN=69c3103e-d6fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e7:9a:a4:35:e0:62:9b:ee:b5:21:5b:39:4e: f9:39:ff:6f:35:d1:1c:49:a8:ce:39:3d:25:c2:11: cc:d9:b4:3a:d9:df:3b:00:5f:29:c0:73:af:72:ec: 10:8e:88:d8:45:ac:16:b1:b1:3e:37:98:4a:72:b7: fd:47:a1:2b:33:75:ac:11:bc:c0:37:45:f3:6a:90: f9:fc:7d:aa:19:a6:73:2c:9d:2d:1c:59:ef:50:ec: ce:b7:78:2c:80:75:c4:4a:ec:d3:1c:56:b8:7c:98: 2c:14:3f:2f:72:bd:e1:b5:d5:ce:b2:ba:2e:9d:38: 98:cd:d0:6a:67:9d:bc:c6:58:2a:e8:60:c0:91:33: 60:e2:14:ae:6d:0a:71:b1:3f:0c:c6:7b:26:e4:46: 22:1c:7a:ff:e0:e7:da:69:57:c5:18:07:5c:a3:2d: 80:fc:eb:31:42:b6:a0:1e:94:43:0a:ec:eb:a3:f5: 2e:fe:29:47:a4:f4:f4:45:82:2d:ba:fe:91:3a:97: 80:f9:32:63:c9:a5:cf:3f:49:11:3a:5e:56:bc:82: 40:5c:62:1c:e5:ec:dd:99:60:69:1b:9b:44:a0:bc: 37:3a:68:f9:ee:6e:72:73:ed:76:e0:97:98:b3:cd: e1:44:b0:a5:aa:1a:95:59:b4:00:be:1f:ce:bd:d9: e5:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:E9:2A:CA:3E:BE:D0:01:CA:C6:53:DA:B8:CF:C1:69:19:D3:31:F7 X509v3 Authority Key Identifier: keyid:68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:ee:ec:fc:ad:72:f8:a5:20:2d:0e:3e:15:d1:40:4f:2b:19: 5e:ac:a1:3e:63:f7:d8:83:df:53:92:eb:98:1a:4e:f5:d6:dd: d4:1a:50:94:d0:41:ac:9b:f1:4b:a7:1d:4c:4e:2a:0b:14:4f: 86:04:fe:b6:90:34:bd:58:5c:34:52:76:97:d0:63:d3:e4:c1: 59:73:29:29:60:8a:7c:58:99:8f:a3:f4:9c:91:0a:0d:d3:30: 69:44:9b:40:c2:cb:fb:5b:65:0a:46:86:7a:f1:20:93:a2:ea: c0:f0:47:89:1a:fc:40:29:9a:57:ee:dc:0a:ed:5c:10:d2:b1: 90:a5:ac:c0:f2:9a:e8:e4:ac:0e:31:47:77:23:99:9a:57:17: b6:91:9f:fd:2c:a3:db:1a:74:7d:d2:87:97:41:39:c8:36:58: 8e:fc:b2:3a:d9:0d:b8:61:24:9f:8a:7b:aa:a0:1a:ae:0f:93: 0d:1b:07:de:00:d6:d7:03:31:27:06:24:95:d7:20:ac:dd:09: ff:0a:eb:60:51:e2:4e:bb:e7:67:cc:75:b8:f0:4e:c0:70:4c: 0e:8f:2e:a7:2d:11:95:c8:44:7d:85:12:a4:29:08:f1:8e:70: 53:bd:85:4d:a3:14:72:e8:96:a3:d3:b7:f1:b4:d0:06:ae:5a: 15:8f:02:80 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKDY4NkFGNDFCQzMzREFFRjgyOEZBQjRBRTRBM0EwRDU4 N0JBRDBEM0YwHhcNMjYwMzI0MjIyOTE3WhcNMjYwMzMxMjIyOTE3WjAYMRYwFAYD VQQDEw02OWMzMTAzZS1kNmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAveeapDXgYpvutSFbOU75Of9vNdEcSajOOT0lwhHM2bQ62d87AF8pwHOvcuwQ jojYRawWsbE+N5hKcrf9R6ErM3WsEbzAN0XzapD5/H2qGaZzLJ0tHFnvUOzOt3gs gHXESuzTHFa4fJgsFD8vcr3htdXOsrounTiYzdBqZ528xlgq6GDAkTNg4hSubQpx sT8Mxnsm5EYiHHr/4OfaaVfFGAdcoy2A/OsxQragHpRDCuzro/Uu/ilHpPT0RYIt uv6ROpeA+TJjyaXPP0kROl5WvIJAXGIc5ezdmWBpG5tEoLw3Omj57m5yc+124JeY s83hRLClqhqVWbQAvh/OvdnlTwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFI3pKso+ vtABysZT2rjPwWkZ0zH3MB8GA1UdIwQYMBaAFGhq9BvDPa74KPq0rko6DVh7rQ0/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9BNzBBOEZFRUQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2Z28tclN1U2pvTldIdXRE VDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2FHcjBHOE05cnZnby1yU3VTam9OV0h1dERUOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9BNzBBOEZFRUQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2 Z28tclN1U2pvTldIdXREVDgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAi+7s/K1y+KUgLQ4+FdFATysZXqyhPmP32IPfU5LrmBpO9dbd1BpQlNBBrJvx S6cdTE4qCxRPhgT+tpA0vVhcNFJ2l9Bj0+TBWXMpKWCKfFiZj6P0nJEKDdMwaUSb QMLL+1tlCkaGevEgk6LqwPBHiRr8QCmaV+7cCu1cENKxkKWswPKa6OSsDjFHdyOZ mlcXtpGf/Syj2xp0fdKHl0E5yDZYjvyyOtkNuGEkn4p7qqAarg+TDRsH3gDW1wMx JwYkldcgrN0J/wrrYFHiTrvnZ8x1uPBOwHBMDo8upy0RlchEfYUSpCkI8Y5wU72F TaMUcuiWo9O38bTQBq5aFY8CgA== -----END CERTIFICATE-----Generated at Thu Mar 26 20:26:45 2026 by rpki-client