$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.mft File: IO0KqyB1C4snqG35iadUv1cm3X4.mft (raw, json) Hash identifier: vTEPk5ej6lrGEPxBb0Jq2Q9+LWj0OIseuaEg9yDvQOU= Subject key identifier: FF:BD:D2:97:41:6A:CF:9E:99:4B:63:E5:EA:DB:97:35:A7:0A:F6:E7 Authority key identifier: 20:ED:0A:AB:20:75:0B:8B:27:A8:6D:F9:89:A7:54:BF:57:26:DD:7E Certificate issuer: /CN=A91EAB64/serialNumber=20ED0AAB20750B8B27A86DF989A754BF5726DD7E Certificate serial: 0257 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.mft Manifest number: 068D Signing time: Tue 24 Mar 2026 23:51:43 +0000 Manifest this update: Tue 24 Mar 2026 23:51:42 +0000 Manifest next update: Tue 31 Mar 2026 23:51:42 +0000 Files and hashes: 1: IO0KqyB1C4snqG35iadUv1cm3X4.crl (hash: 5IReu8N3a1m66Q8WCg0bA8w4+QBfe/0WT334dR1L2GU=) 2: D9FDBEA0FB5D11F0A7F971C0496F56BC.roa (hash: Wx61e/Tv8ZK5H7v83kwm5JdbJjGGNDdnnszpCWgUdM8=) 3: C7492CAEFB5D11F0B51531C0496F56BC.roa (hash: Cu6/ZN4pLVVwgFBXhJX48sJtoPNZuRZAmRy+tg9HKHM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.crl rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 23:51:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 599 (0x257) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAB64, serialNumber=20ED0AAB20750B8B27A86DF989A754BF5726DD7E Validity Not Before: Mar 24 23:51:42 2026 GMT Not After : Mar 31 23:51:42 2026 GMT Subject: CN=69c3238f-8cbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:34:19:61:ac:71:b7:e4:05:f0:ff:4b:fe:6a: 76:de:40:95:5a:16:14:69:3b:93:74:76:3f:f4:18: 05:fb:b1:7d:72:86:ec:84:07:6b:d5:b9:f0:3b:68: 8e:5e:1c:1b:cc:ed:89:a4:d6:a3:ad:76:27:3e:b0: bb:38:aa:37:c9:9f:82:df:ca:37:29:9a:9b:16:41: fa:bc:23:27:dc:0b:c9:d9:ae:3b:2e:5d:f4:06:14: ac:5b:24:82:d6:0d:78:2e:c1:85:68:3a:cd:8a:08: bc:3a:1e:ea:1d:b4:81:5c:f1:bd:d4:49:aa:95:6e: 2a:54:ad:5b:bf:a7:97:f0:dd:fd:34:61:66:de:56: 09:8a:03:ac:1e:9e:ee:a2:c5:19:2c:a3:c7:31:19: 33:9e:ae:f5:f9:2f:d3:24:54:78:3d:8a:c0:c9:5c: cf:82:8c:ef:93:39:63:a6:09:ae:0b:65:43:91:be: 38:fb:8f:c7:ee:61:e8:f7:de:ed:52:aa:ed:bf:85: 25:10:e7:85:16:7c:93:0e:ed:23:5a:8c:b7:88:a9: 07:3a:86:b0:6f:03:93:c9:2f:31:25:d2:70:32:bb: 22:d8:9a:7f:e6:db:59:4b:e8:80:f0:fb:cf:da:7b: cb:b5:59:e3:04:b6:98:d2:ad:7c:3e:e7:fc:c1:97: 79:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:BD:D2:97:41:6A:CF:9E:99:4B:63:E5:EA:DB:97:35:A7:0A:F6:E7 X509v3 Authority Key Identifier: keyid:20:ED:0A:AB:20:75:0B:8B:27:A8:6D:F9:89:A7:54:BF:57:26:DD:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:d2:45:18:92:2b:74:3f:6f:72:91:b0:68:a4:bc:21:d3:19: d8:69:a2:af:18:32:ee:4c:29:da:ce:ab:a4:9c:44:79:d0:e6: f3:8c:d7:18:b0:72:11:34:f6:67:03:31:c0:75:b2:4f:11:85: 2b:a0:17:a3:55:e5:5a:a1:09:4b:91:05:5e:21:a8:82:ce:62: aa:a1:62:bc:3e:ea:1c:36:ff:4c:54:e1:1d:c8:26:82:da:00: 99:3e:cf:66:89:f4:87:e0:78:5e:31:a5:b3:ec:ec:bb:4b:bb: af:5f:39:df:cd:ee:29:b1:01:6a:50:bb:ac:b0:e1:e4:a9:72: 0a:91:f4:d9:9f:57:8a:b9:21:f0:e0:b8:04:88:f9:b9:dd:f2: f2:e4:de:2a:9e:64:8d:72:b3:4c:49:64:c3:6f:82:ae:ec:a4: 0f:6f:51:52:24:3a:7d:2f:d5:d8:ab:a4:5e:15:cf:61:7e:67: 14:09:69:3b:50:0f:41:f6:7d:8a:9c:e1:b2:55:d6:54:74:b6: 24:e0:15:ea:6a:b4:1b:4b:07:40:f9:bb:de:6e:fe:c8:f4:e2: 4c:5a:38:94:4c:61:77:bc:ff:71:56:6d:8b:9c:82:65:1c:0c: 2b:fe:ae:6c:5b:c4:99:0e:28:9f:83:04:9f:9b:21:fc:78:1b: 41:ef:f3:2f -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFCNjQxMTAvBgNVBAUTKDIwRUQwQUFCMjA3NTBCOEIyN0E4NkRGOTg5QTc1NEJG NTcyNkREN0UwHhcNMjYwMzI0MjM1MTQyWhcNMjYwMzMxMjM1MTQyWjAYMRYwFAYD VQQDEw02OWMzMjM4Zi04Y2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAizQZYaxxt+QF8P9L/mp23kCVWhYUaTuTdHY/9BgF+7F9cobshAdr1bnwO2iO XhwbzO2JpNajrXYnPrC7OKo3yZ+C38o3KZqbFkH6vCMn3AvJ2a47Ll30BhSsWySC 1g14LsGFaDrNigi8Oh7qHbSBXPG91EmqlW4qVK1bv6eX8N39NGFm3lYJigOsHp7u osUZLKPHMRkznq71+S/TJFR4PYrAyVzPgozvkzljpgmuC2VDkb44+4/H7mHo997t Uqrtv4UlEOeFFnyTDu0jWoy3iKkHOoawbwOTyS8xJdJwMrsi2Jp/5ttZS+iA8PvP 2nvLtVnjBLaY0q18Puf8wZd5zwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFP+90pdB as+emUtj5erblzWnCvbnMB8GA1UdIwQYMBaAFCDtCqsgdQuLJ6ht+YmnVL9XJt1+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUI2NC85QjQ0RUI3NDhG MjkxMUVDQjZBNjk5NkNDNEY5QUUwMi9JTzBLcXlCMUM0c25xRzM1aWFkVXYxY20z WDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lPMEtxeUIxQzRzbnFHMzVpYWRVdjFjbTNYNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUI2NC85QjQ0RUI3NDhGMjkxMUVDQjZBNjk5NkNDNEY5QUUwMi9JTzBLcXlCMUM0 c25xRzM1aWFkVXYxY20zWDQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAT9JFGJIrdD9vcpGwaKS8IdMZ2Gmirxgy7kwp2s6rpJxEedDm84zXGLByETT2 ZwMxwHWyTxGFK6AXo1XlWqEJS5EFXiGogs5iqqFivD7qHDb/TFThHcgmgtoAmT7P Zon0h+B4XjGls+zsu0u7r185383uKbEBalC7rLDh5KlyCpH02Z9Xirkh8OC4BIj5 ud3y8uTeKp5kjXKzTElkw2+CruykD29RUiQ6fS/V2KukXhXPYX5nFAlpO1APQfZ9 ipzhslXWVHS2JOAV6mq0G0sHQPm73m7+yPTiTFo4lExhd7z/cVZti5yCZRwMK/6u bFvEmQ4on4MEn5sh/HgbQe/zLw== -----END CERTIFICATE-----Generated at Thu Mar 26 18:55:46 2026 by rpki-client