$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft File: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft (raw, json) Hash identifier: LRdN01wV5XsQFekUWN7qAqzVoU9s8KIrFY7WnD5Hv9w= Subject key identifier: A9:B6:9A:35:DF:C3:47:01:1D:F3:97:41:C5:77:6D:55:29:E9:08:F8 Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Certificate serial: 1B87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft Manifest number: A1AB Signing time: Tue 24 Mar 2026 14:30:12 +0000 Manifest this update: Tue 24 Mar 2026 14:30:11 +0000 Manifest next update: Tue 31 Mar 2026 14:30:11 +0000 Files and hashes: 1: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl (hash: ldFw83Iwn+Nj5xEfz52jvgfARd57GUkcGsaWZ9vosoM=) 2: 20C6F2EC699D11EAA33EAE83C4F9AE02.roa (hash: pJMsFDa2IiscUlM6zrzKfc9Qr8s1FCM7+jFA2I77lGg=) 3: 3D68F8C29A4A11EA94706012C4F9AE02.roa (hash: M3JbVNWqPaa0MJB5ijlSnoeyDvUuuhEmsmhTjsqGYko=) 4: 1BF3A43C15BE11EF93ABFD7DC4F9AE02.roa (hash: 8tQmMu2ovFLLXUgOys2Ll3oQj84jqx+i81WP9ngVP5Y=) 5: 0B24875C7A4411EB804B7430C4F9AE02.roa (hash: osQkwEsqJzh/lJgX1bFEAnSjXXsbhPdC6B6G6iIzx8k=) 6: FC6A19D892D511EC8FBFF32AC4F9AE02.roa (hash: a35oot87/R1elnaG5CRh7EvhVyWIL49AoJbo2/zx3s0=) 7: C89FD6DA557611EBA04C290BC4F9AE02.roa (hash: mWydfb3LjFkHvOgQ8AUkwmK5kNuLziloyL91HhtrlOQ=) 8: ACC8833824DE11EDAEC0E529C4F9AE02.roa (hash: VvIC3+qoyWVc5/YarSMXpqG6dgPJwiuodUj66R2QE3E=) 9: 9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa (hash: S4nPh4zTGC2QdGuAUvATaghlQaT7UNDUq/9SQDT9igE=) 10: 959AC422557911EBBD21EB2FC4F9AE02.roa (hash: 7D5czzXP+//E4+RhWIwHXv8l2H+/7gFJiEyQmF6T8lg=) 11: 191363A69DD911EC99D91668C4F9AE02.roa (hash: PkqCDNqOzvSAwmBBvGeKvAqx6KBFKBuFLlJLqk6v1i0=) 12: 4FF339D8F01D11EB8C4B505BC4F9AE02.roa (hash: SAu8SeifBHI2Yg+q3E52ilKEI2hUMKhgaDda7iU0waw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:30:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7047 (0x1b87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Validity Not Before: Mar 24 14:30:11 2026 GMT Not After : Mar 31 14:30:11 2026 GMT Subject: CN=69c29ff3-73ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:23:e3:43:06:88:c9:85:27:09:f8:f9:db:90: 66:c8:15:56:01:07:f0:a1:07:d6:40:b4:f7:08:f4: 31:57:ab:7a:68:c6:6d:bc:b6:6b:a0:7a:b8:08:50: 69:7a:5d:be:41:92:85:35:eb:3e:55:3f:0c:58:a9: 58:08:c0:25:f0:d4:2f:04:f7:2f:43:c2:70:c1:5e: 28:34:70:4b:b7:67:f1:ab:97:8d:77:3a:a8:b6:6a: 94:9f:de:b0:6a:b9:80:7f:77:8b:16:68:f3:86:09: 39:12:92:eb:81:4d:fa:1b:f6:86:37:cd:69:41:a1: a0:04:ce:a5:1e:df:81:d2:d1:39:85:70:80:ce:d5: 1a:a8:7c:05:6f:b0:e2:e2:6b:43:d8:76:f1:c1:ce: be:eb:c3:0e:91:c5:74:62:80:57:7e:7a:8f:82:94: 48:a0:75:2a:71:d7:5e:01:ef:fa:8b:52:cd:c3:bb: 04:b3:a8:68:c8:fb:52:77:c0:28:ce:59:b1:25:65: df:02:91:2c:9f:b6:e8:b8:f8:c5:74:7f:af:6f:a8: 3a:c1:ff:0c:ab:06:41:60:56:8f:2e:96:52:1f:65: 88:06:94:94:16:fc:36:4a:8a:1d:ad:05:cf:ab:93: 0f:39:4d:cb:1b:96:c5:3c:26:ba:2d:5f:53:d0:5a: 5a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:B6:9A:35:DF:C3:47:01:1D:F3:97:41:C5:77:6D:55:29:E9:08:F8 X509v3 Authority Key Identifier: keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:b3:04:87:48:7a:fd:ae:a7:84:df:34:08:6a:d9:3d:bc:10: 14:cd:0a:4b:ec:8d:76:9c:69:46:7b:f1:33:f4:0b:3d:ea:26: 33:e6:27:73:6c:d4:a2:62:ee:25:1a:8b:01:7a:27:d4:35:ee: 57:19:a4:9f:59:37:ff:46:84:e9:78:71:55:b5:08:1a:8d:a5: 86:29:e5:84:60:d4:b8:ab:50:5c:2d:e7:fe:26:42:93:28:65: 8f:f5:74:80:2b:26:70:e4:4e:da:3d:c2:34:13:e3:ae:c5:ca: 3e:e6:19:1e:60:91:35:60:f5:d4:01:0b:35:51:23:25:ee:1e: fc:ec:db:37:fe:32:9e:2e:bb:a4:0e:38:3c:b0:6b:1a:78:21: ed:d1:6e:6f:bd:c4:b7:85:8b:03:ae:cb:45:d4:0f:5f:b3:32: b6:0b:86:a9:ef:f2:54:a5:30:91:ac:bc:90:58:88:12:77:ef: 53:21:ab:83:56:b7:db:85:e3:e1:33:46:22:75:f1:2a:02:50: f4:b3:cd:bc:3e:6d:3d:1a:ec:23:2f:ea:db:ba:eb:43:79:1d: cd:b7:47:78:7e:f2:7e:8f:43:d6:33:d8:c9:99:1e:66:10:5b: ad:5e:f2:c6:d8:8b:b7:47:ed:17:77:65:c6:3e:d2:e5:78:d2: 33:d4:8d:0e -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICG4cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD N0RFQzRCODEwHhcNMjYwMzI0MTQzMDExWhcNMjYwMzMxMTQzMDExWjAYMRYwFAYD VQQDEw02OWMyOWZmMy03M2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjyPjQwaIyYUnCfj525BmyBVWAQfwoQfWQLT3CPQxV6t6aMZtvLZroHq4CFBp el2+QZKFNes+VT8MWKlYCMAl8NQvBPcvQ8JwwV4oNHBLt2fxq5eNdzqotmqUn96w armAf3eLFmjzhgk5EpLrgU36G/aGN81pQaGgBM6lHt+B0tE5hXCAztUaqHwFb7Di 4mtD2Hbxwc6+68MOkcV0YoBXfnqPgpRIoHUqcddeAe/6i1LNw7sEs6hoyPtSd8Ao zlmxJWXfApEsn7bouPjFdH+vb6g6wf8MqwZBYFaPLpZSH2WIBpSUFvw2SoodrQXP q5MPOU3LG5bFPCa6LV9T0FpahwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKm2mjXf w0cBHfOXQcV3bVUp6Qj4MB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkQ1RC85RENCNjhFMDFEODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdY T3pCMUFIMmxNM3JIM3NTNEUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEACLMEh0h6/a6nhN80CGrZPbwQFM0KS+yNdpxpRnvxM/QLPeomM+Ync2zUomLu JRqLAXon1DXuVxmkn1k3/0aE6XhxVbUIGo2lhinlhGDUuKtQXC3n/iZCkyhlj/V0 gCsmcORO2j3CNBPjrsXKPuYZHmCRNWD11AELNVEjJe4e/OzbN/4yni67pA44PLBr Gngh7dFub73Et4WLA67LRdQPX7MytguGqe/yVKUwkay8kFiIEnfvUyGrg1a324Xj 4TNGInXxKgJQ9LPNvD5tPRrsIy/q27rrQ3kdzbdHeH7yfo9D1jPYyZkeZhBbrV7y xtiLt0ftF3dlxj7S5XjSM9SNDg== -----END CERTIFICATE-----Generated at Thu Mar 26 16:28:01 2026 by rpki-client