$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft File: CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft (raw, json) Hash identifier: gBw8/2FipA1G6J8fD/zEnUpueL2Gm7txSrSrSD7PrSE= Subject key identifier: CD:AA:71:A0:8F:51:A9:19:4B:DD:B8:7E:A8:4F:FC:E7:C5:3E:92:FC Authority key identifier: 09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E Certificate issuer: /CN=A91E9D1A/serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Certificate serial: 3565 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft Manifest number: 3543 Signing time: Tue 24 Mar 2026 14:19:20 +0000 Manifest this update: Tue 24 Mar 2026 14:19:19 +0000 Manifest next update: Tue 31 Mar 2026 14:19:19 +0000 Files and hashes: 1: CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl (hash: CrzbjxEnYurv53PkJUlIZQLPZ1ajsga/qFQOsPx7sLM=) 2: E404430CB0F811E595E0F761C4F9AE02.roa (hash: owZAiKzsMVZHcu5y/uvghCfcRo2W0WEoElBFnrF91Ts=) 3: 81C9B5A4BBFA11ED99272016C4F9AE02.roa (hash: wULzE/YcKLKygpTy9Qm31PPUJvQ48rS9tgycJrdEzjc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:19:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13669 (0x3565) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9D1A, serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Validity Not Before: Mar 24 14:19:19 2026 GMT Not After : Mar 31 14:19:19 2026 GMT Subject: CN=69c29d68-4a70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ec:ef:66:88:4b:03:26:ed:fb:ac:36:8a:a9: 3f:2c:6a:06:87:aa:33:92:46:3b:9a:c8:a8:e3:4a: c2:81:c0:b3:11:c5:94:3f:a2:42:3a:24:9b:58:c8: bc:56:20:e2:24:db:af:70:9b:1f:50:1a:81:6f:7b: 25:ea:12:d8:28:b8:35:4e:ec:fb:12:70:18:bc:28: a9:03:0d:39:7b:9d:f8:49:a4:04:bc:b4:33:d8:c6: 76:82:9c:9e:6c:cb:d7:5e:09:51:b6:a4:d3:49:c8: 1c:dd:7f:a5:f8:b9:a1:a0:e7:48:da:3f:d9:36:24: 57:31:34:02:b1:0e:b7:95:8e:35:8b:5e:bb:18:b1: ab:35:6c:7f:3a:69:f7:3a:bf:7e:89:61:81:ac:a3: 0a:d1:76:a4:b7:78:89:71:ca:30:af:5a:f5:7f:db: 65:03:91:7c:dd:82:a7:ed:52:bc:88:fc:9c:2a:6e: 2f:1b:d1:c0:db:35:b4:5b:cb:34:62:4d:cf:33:17: 21:cb:4e:b3:02:43:f7:a8:eb:cd:2f:09:19:48:78: 79:4d:41:c2:a6:1b:31:a8:65:2f:db:ed:47:ba:67: 9d:7a:95:44:82:7a:7b:3d:52:8a:e6:ea:01:14:f8: 8a:04:28:7c:f8:f0:9c:7e:69:ed:4c:bb:1c:0d:c9: a8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:AA:71:A0:8F:51:A9:19:4B:DD:B8:7E:A8:4F:FC:E7:C5:3E:92:FC X509v3 Authority Key Identifier: keyid:09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:06:48:bb:a1:bf:69:a9:39:21:07:f1:36:db:9f:01:4a:71: 7a:42:14:ef:6f:bc:52:b6:0b:7e:86:dd:38:2c:03:42:2a:c5: bd:73:80:bc:f2:bc:1a:b6:2e:70:7c:27:70:79:7b:e1:f4:dd: 87:4c:2b:65:08:e1:c1:55:7e:1a:8e:b5:d1:d4:d5:bb:f8:cd: 3f:c2:21:02:f5:04:67:27:9d:2d:74:d9:2b:bc:80:35:ed:dc: a1:34:a7:7a:00:1a:8d:21:ee:5f:30:36:f7:60:fa:96:ec:ff: 61:df:74:b5:66:ea:9c:4f:2a:55:d2:ca:07:b5:75:ee:4c:9e: 15:c3:4c:ae:3f:c5:79:28:1b:18:93:47:3a:9e:79:c1:b4:66: d5:95:8f:24:b8:6e:c9:b7:fe:1f:95:ac:d0:4b:f0:4a:9e:38: ba:38:20:5b:85:4b:09:1f:fb:d2:97:c1:10:d3:51:d4:fa:99: b0:8c:86:d2:54:2b:1f:3a:88:c7:51:22:4f:f6:51:f8:66:82: 3e:bd:f6:7b:b6:64:36:d0:e5:96:b5:45:b4:d7:f6:89:e8:35: 0a:0c:65:3f:69:03:d7:26:fa:f8:fb:1e:03:d8:5b:09:0a:cf: a8:a5:e2:27:97:85:da:af:29:91:1f:04:aa:87:92:d6:01:e5: 65:c5:6b:3c -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlEMUExMTAvBgNVBAUTKDA5NzZGQzNEMjMxODZENDhDNjcxNzczNzQwODkxQ0Y1 NEUzMUI4MEUwHhcNMjYwMzI0MTQxOTE5WhcNMjYwMzMxMTQxOTE5WjAYMRYwFAYD VQQDEw02OWMyOWQ2OC00YTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtezvZohLAybt+6w2iqk/LGoGh6ozkkY7msio40rCgcCzEcWUP6JCOiSbWMi8 ViDiJNuvcJsfUBqBb3sl6hLYKLg1Tuz7EnAYvCipAw05e534SaQEvLQz2MZ2gpye bMvXXglRtqTTScgc3X+l+LmhoOdI2j/ZNiRXMTQCsQ63lY41i167GLGrNWx/Omn3 Or9+iWGBrKMK0Xakt3iJccowr1r1f9tlA5F83YKn7VK8iPycKm4vG9HA2zW0W8s0 Yk3PMxchy06zAkP3qOvNLwkZSHh5TUHCphsxqGUv2+1HumedepVEgnp7PVKK5uoB FPiKBCh8+PCcfmntTLscDcmojwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFM2qcaCP UakZS924fqhP/OfFPpL8MB8GA1UdIwQYMBaAFAl2/D0jGG1IxnF3N0CJHPVOMbgO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUQxQS9DNTlCMDJEQTFE NzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJVakdjWGMzUUlrYzlVNHh1 QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NYYjhQU01ZYlVqR2NYYzNRSWtjOVU0eHVBNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUQxQS9DNTlCMDJEQTFENzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJV akdjWGMzUUlrYzlVNHh1QTQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAhAZIu6G/aak5IQfxNtufAUpxekIU72+8UrYLfobdOCwDQirFvXOAvPK8GrYu cHwncHl74fTdh0wrZQjhwVV+Go610dTVu/jNP8IhAvUEZyedLXTZK7yANe3coTSn egAajSHuXzA292D6luz/Yd90tWbqnE8qVdLKB7V17kyeFcNMrj/FeSgbGJNHOp55 wbRm1ZWPJLhuybf+H5Ws0EvwSp44ujggW4VLCR/70pfBENNR1PqZsIyG0lQrHzqI x1EiT/ZR+GaCPr32e7ZkNtDllrVFtNf2ieg1CgxlP2kD1yb6+PseA9hbCQrPqKXi J5eF2q8pkR8EqoeS1gHlZcVrPA== -----END CERTIFICATE-----Generated at Thu Mar 26 10:14:06 2026 by rpki-client