$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft File: XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft (raw, json) Hash identifier: 2kVWETMf/cG9S4S+JVJRD8BewpJ3dTqfGq35D0QbQl4= Subject key identifier: C6:D0:0F:AB:CC:B4:42:BB:CC:ED:90:88:9A:3D:92:D1:62:B3:83:19 Authority key identifier: 5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66 Certificate issuer: /CN=A91E7B89/serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566 Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft Manifest number: 36 Signing time: Wed 25 Mar 2026 07:46:38 +0000 Manifest this update: Wed 25 Mar 2026 07:46:38 +0000 Manifest next update: Wed 01 Apr 2026 07:46:38 +0000 Files and hashes: 1: XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl (hash: kl01tcQdIFeCf3RGJthS+45duC9GAp+zcuWeODGW8vs=) 2: 1BD6E18E1D1A11F1B8E79D60103D8C67.roa (hash: FWUBzi+iodYXnW4vMdTTKwC/KG79KdBqlOoiZl/TPEw=) 3: 72480DC0D9A111F0989DD75268D3641D.roa (hash: /m7dePdPhCd+iFe1dsv0pa92EOKO9ZVeLTSq8mVj9oY=) 4: 1C61CBFA1D1A11F1B8E79D60103D8C67.roa (hash: wYka0Jo+ri8cUtmDcLdxLnFG7gW5TQTaHwdh/jeTkn4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 07:46:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7B89, serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566 Validity Not Before: Mar 25 07:46:38 2026 GMT Not After : Apr 1 07:46:38 2026 GMT Subject: CN=69c392de-fc21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:34:61:b4:14:12:8c:81:0c:ec:3d:75:bb:49: 57:28:1c:4e:cf:52:6a:08:1a:52:e8:c4:6c:81:08: 8d:bb:82:ee:6c:58:8b:3a:9c:b5:51:97:33:97:8b: 40:26:39:ef:46:d6:42:d8:ea:46:2a:33:ad:cf:46: 29:2d:ad:4e:5b:af:72:3a:e0:85:a7:32:ba:12:8c: 0b:19:d9:0a:e4:43:60:8f:2c:bc:d1:bf:d1:35:03: 6b:b7:0e:20:4d:f6:2d:e1:e6:0e:5b:33:f3:a8:c1: 89:fb:07:c5:a9:7e:6a:72:0f:91:ec:b0:b2:87:a8: c2:d0:88:7d:ad:86:e2:4d:46:87:54:5d:28:02:54: d5:9e:e7:71:fc:d3:d9:33:ce:8c:4e:ed:cf:ba:3f: 49:e1:07:71:96:c0:ab:eb:9d:dc:58:42:d8:e8:08: a7:8b:a5:df:d9:ff:1d:c9:66:8b:92:3f:db:50:cb: 36:82:19:cd:f7:08:f0:ce:02:de:46:7f:55:e1:4a: 37:af:fe:f1:8c:9a:fd:ba:9d:8a:87:e0:f8:aa:b6: 59:e7:9a:df:cb:2f:38:6e:2e:2b:ba:78:9b:c9:8f: 61:a7:0d:5d:7f:94:f0:6f:fd:2a:c4:0b:65:ff:c7: c6:4a:6d:31:94:88:19:1f:c3:b1:14:ff:9e:f9:8a: ed:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:D0:0F:AB:CC:B4:42:BB:CC:ED:90:88:9A:3D:92:D1:62:B3:83:19 X509v3 Authority Key Identifier: keyid:5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d5:cf:05:54:f8:46:6e:8d:3d:9e:74:b9:11:08:f9:58:bb:39: d6:62:90:9a:6a:e3:fa:70:ae:f7:a7:b4:63:96:0a:15:89:6a: b7:74:fd:2e:72:e3:d6:4b:8d:c1:51:de:ce:25:a1:4e:62:1a: e7:dd:1c:5c:36:6e:ef:4f:74:61:8c:dc:10:3e:47:b8:64:d9: b4:01:a5:c7:e8:29:59:04:6e:ab:9b:4b:39:73:fc:f8:02:8d: be:9c:62:b0:76:57:6b:e6:7b:84:75:60:7e:97:5e:de:dc:7f: 58:2f:19:da:f3:5c:54:7b:be:fa:72:4d:ba:62:da:17:08:71: fa:ea:cc:4c:cf:b5:96:f8:fb:da:0b:05:e9:df:c6:63:e0:7e: ad:93:59:a9:2c:06:b3:7e:ae:bd:75:5c:25:f6:85:9d:a1:0f: 27:13:19:86:fa:91:48:a3:44:ba:ef:93:2e:e2:01:47:dd:c3: 68:26:62:7f:23:24:58:a3:5e:b7:91:25:04:bd:84:ab:97:3d: f5:58:de:82:81:a3:ed:52:07:1d:fb:c9:52:e2:8d:54:dc:1b: 34:1a:fc:aa:13:6d:da:88:22:c5:b7:1e:be:96:2e:1f:68:18: 48:83:91:1f:dc:af:9f:c7:70:3d:b5:d2:1e:a2:0d:2a:bb:0d: 37:4a:f2:b4 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF N0I4OTExMC8GA1UEBRMoNUU3ODY0MkIwM0NDMzdFMjZGRDQxNUU3RDc2MUJFNDg0 NzM2QzU2NjAeFw0yNjAzMjUwNzQ2MzhaFw0yNjA0MDEwNzQ2MzhaMBgxFjAUBgNV BAMTDTY5YzM5MmRlLWZjMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDXNGG0FBKMgQzsPXW7SVcoHE7PUmoIGlLoxGyBCI27gu5sWIs6nLVRlzOXi0Am Oe9G1kLY6kYqM63PRiktrU5br3I64IWnMroSjAsZ2QrkQ2CPLLzRv9E1A2u3DiBN 9i3h5g5bM/OowYn7B8WpfmpyD5HssLKHqMLQiH2thuJNRodUXSgCVNWe53H809kz zoxO7c+6P0nhB3GWwKvrndxYQtjoCKeLpd/Z/x3JZouSP9tQyzaCGc33CPDOAt5G f1XhSjev/vGMmv26nYqH4Piqtlnnmt/LLzhuLiu6eJvJj2GnDV1/lPBv/SrEC2X/ x8ZKbTGUiBkfw7EU/575iu1NAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUxtAPq8y0 QrvM7ZCImj2S0WKzgxkwHwYDVR0jBBgwFoAUXnhkKwPMN+Jv1BXn12G+SEc2xWYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3Qjg5LzQxQkU0RjQ0RDlB MDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1KdjFCWG4xMkctU0VjMnhX WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWG5oa0t3UE1OLUp2MUJYbjEyRy1TRWMyeFdZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3 Qjg5LzQxQkU0RjQ0RDlBMDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1K djFCWG4xMkctU0VjMnhXWS5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQDVzwVU+EZujT2edLkRCPlYuznWYpCaauP6cK73p7RjlgoViWq3dP0ucuPWS43B Ud7OJaFOYhrn3RxcNm7vT3RhjNwQPke4ZNm0AaXH6ClZBG6rm0s5c/z4Ao2+nGKw dldr5nuEdWB+l17e3H9YLxna81xUe776ck26YtoXCHH66sxMz7WW+PvaCwXp38Zj 4H6tk1mpLAazfq69dVwl9oWdoQ8nExmG+pFIo0S675Mu4gFH3cNoJmJ/IyRYo163 kSUEvYSrlz31WN6CgaPtUgcd+8lS4o1U3Bs0GvyqE23aiCLFtx6+li4faBhIg5Ef 3K+fx3A9tdIeog0quw03SvK0 -----END CERTIFICATE-----Generated at Thu Mar 26 20:28:10 2026 by rpki-client