$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE735/E8E667CA94BE11EA984FAD58C4F9AE02/rXOtuRQhOGLtjhTXcGn0dNg8yPU.mft File: rXOtuRQhOGLtjhTXcGn0dNg8yPU.mft (raw, json) Hash identifier: 5Tq9r6sVTk5GIR9PMB2HSJet4twTspXS3VE7fEuX7uY= Subject key identifier: 4B:6A:9E:C5:3B:20:F2:EA:5D:3B:6D:D4:27:A9:DF:FE:E5:17:82:41 Authority key identifier: AD:73:AD:B9:14:21:38:62:ED:8E:14:D7:70:69:F4:74:D8:3C:C8:F5 Certificate issuer: /CN=A91EE735/serialNumber=AD73ADB914213862ED8E14D77069F474D83CC8F5 Certificate serial: 0A36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXOtuRQhOGLtjhTXcGn0dNg8yPU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE735/E8E667CA94BE11EA984FAD58C4F9AE02/rXOtuRQhOGLtjhTXcGn0dNg8yPU.mft Manifest number: 0A22 Signing time: Tue 12 May 2026 19:50:43 +0000 Manifest this update: Tue 12 May 2026 19:50:43 +0000 Manifest next update: Tue 19 May 2026 19:50:43 +0000 Files and hashes: 1: rXOtuRQhOGLtjhTXcGn0dNg8yPU.crl (hash: YiPSK4EVNMBRTqLdSot/BUqhegG28Nh3cv7dOk9xMWs=) 2: 7AEEA290829E11F0975FC440C4F9AE02.roa (hash: ffwoJq84kOy2tG4k/aN3n6ozf9LlqpCjd9uK2ZJO1BM=) 3: E7F141609E9911EBB4117632C4F9AE02.roa (hash: v6k0jsddCRTxnduBCevo9h7oXXgJAgW/4ikmMahgMvM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE735/E8E667CA94BE11EA984FAD58C4F9AE02/rXOtuRQhOGLtjhTXcGn0dNg8yPU.crl rsync://rpki.apnic.net/member_repository/A91EE735/E8E667CA94BE11EA984FAD58C4F9AE02/rXOtuRQhOGLtjhTXcGn0dNg8yPU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXOtuRQhOGLtjhTXcGn0dNg8yPU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 19:50:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2614 (0xa36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE735, serialNumber=AD73ADB914213862ED8E14D77069F474D83CC8F5 Validity Not Before: May 12 19:50:43 2026 GMT Not After : May 19 19:50:43 2026 GMT Subject: CN=6a038493-5790 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ff:f9:70:5a:cd:ba:58:a8:48:9c:28:cc:c3: ec:74:4f:c6:43:6a:15:e5:ec:44:27:74:70:e7:c9: 0f:be:59:02:8e:ab:fa:df:d3:17:57:5e:a5:dd:d0: 07:c1:77:ec:3f:c8:6f:c3:5d:38:b5:63:75:9e:6f: 44:fd:49:b4:c7:c1:b7:5e:69:a3:44:e5:a4:84:5c: e4:79:de:ce:01:a0:6c:90:0f:3b:cd:04:17:8c:3d: e8:4f:e3:bf:26:65:37:ef:71:f5:93:f8:a9:d6:3e: 9b:64:ec:b5:81:59:d4:a2:4c:0e:32:e1:72:90:de: 8b:7d:02:a0:4c:ba:23:f7:98:87:22:ae:69:33:a8: 10:ea:4f:11:4a:47:9e:b1:23:75:05:6f:96:47:f3: 02:79:47:09:8e:c0:e9:42:b9:a1:d6:55:2d:f5:e4: 77:8c:c2:dd:e0:c1:51:c6:70:2e:b0:dc:a1:f2:4a: 3c:04:12:46:a9:6f:9e:cd:94:a2:c0:c1:3a:2e:d4: bf:3b:d9:13:47:61:c7:a9:c0:d6:5f:5c:2c:e2:71: 46:e9:22:4a:d2:d1:02:fd:b1:07:f0:6a:ec:b7:6e: c3:69:db:4f:64:23:2b:5d:2b:f6:71:61:5d:8d:5b: 2f:2e:fa:4b:b2:f2:30:b1:ca:28:d5:6d:36:3c:38: 0b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:6A:9E:C5:3B:20:F2:EA:5D:3B:6D:D4:27:A9:DF:FE:E5:17:82:41 X509v3 Authority Key Identifier: keyid:AD:73:AD:B9:14:21:38:62:ED:8E:14:D7:70:69:F4:74:D8:3C:C8:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE735/E8E667CA94BE11EA984FAD58C4F9AE02/rXOtuRQhOGLtjhTXcGn0dNg8yPU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXOtuRQhOGLtjhTXcGn0dNg8yPU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE735/E8E667CA94BE11EA984FAD58C4F9AE02/rXOtuRQhOGLtjhTXcGn0dNg8yPU.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:59:71:5d:30:3e:8d:8f:a7:4d:15:6e:22:6a:66:7a:59:48: f0:ef:3c:cf:d5:b3:9a:1d:33:11:38:2a:de:07:11:1a:ee:38: 86:a0:6b:e6:75:36:51:b5:f1:32:96:cd:7a:af:75:15:62:6b: d8:8a:6a:f7:36:4c:42:74:d7:97:e9:8e:ab:04:84:a1:7b:9e: 7b:d7:d0:78:69:e9:b6:78:1f:61:f6:cd:21:aa:21:65:ac:0a: 2b:49:12:f9:de:d6:b4:79:e5:29:b2:f9:d8:96:64:53:9c:5e: 10:11:e4:ab:e8:bc:50:2f:4c:a9:1b:54:a8:87:72:b4:ed:42: d3:84:1b:ef:80:14:68:b6:5a:7f:36:2f:c1:d2:ea:d5:c9:fd: 20:91:3a:83:8c:e5:aa:c2:35:1e:ed:ba:91:fb:c9:63:59:73: 0f:8b:dc:f7:ba:dd:0b:d3:86:21:5f:95:42:14:5a:62:03:30: 7b:a5:f9:a7:b7:75:f6:73:33:52:0a:d6:41:6a:a3:44:cd:e5: 13:84:69:67:03:09:f7:cb:e2:04:85:1f:74:52:ef:c4:58:d4: d9:08:a8:d4:d6:4a:bc:40:3c:ec:8e:ed:09:ed:cd:8b:22:7e: 74:42:1a:60:0d:40:e5:cc:b7:9c:1d:5a:bb:76:58:3e:77:44: 64:2f:de:bf -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUU3MzUxMTAvBgNVBAUTKEFENzNBREI5MTQyMTM4NjJFRDhFMTRENzcwNjlGNDc0 RDgzQ0M4RjUwHhcNMjYwNTEyMTk1MDQzWhcNMjYwNTE5MTk1MDQzWjAYMRYwFAYD VQQDEw02YTAzODQ5My01NzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3//5cFrNulioSJwozMPsdE/GQ2oV5exEJ3Rw58kPvlkCjqv639MXV16l3dAH wXfsP8hvw104tWN1nm9E/Um0x8G3XmmjROWkhFzked7OAaBskA87zQQXjD3oT+O/ JmU373H1k/ip1j6bZOy1gVnUokwOMuFykN6LfQKgTLoj95iHIq5pM6gQ6k8RSkee sSN1BW+WR/MCeUcJjsDpQrmh1lUt9eR3jMLd4MFRxnAusNyh8ko8BBJGqW+ezZSi wME6LtS/O9kTR2HHqcDWX1ws4nFG6SJK0tEC/bEH8Grst27DadtPZCMrXSv2cWFd jVsvLvpLsvIwscoo1W02PDgLrwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEtqnsU7 IPLqXTtt1Cep3/7lF4JBMB8GA1UdIwQYMBaAFK1zrbkUIThi7Y4U13Bp9HTYPMj1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTczNS9FOEU2NjdDQTk0 QkUxMUVBOTg0RkFENThDNEY5QUUwMi9yWE90dVJRaE9HTHRqaFRYY0duMGROZzh5 UFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JYT3R1UlFoT0dMdGpoVFhjR24wZE5nOHlQVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RTczNS9FOEU2NjdDQTk0QkUxMUVBOTg0RkFENThDNEY5QUUwMi9yWE90dVJRaE9H THRqaFRYY0duMGROZzh5UFUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAZ1lxXTA+jY+nTRVuImpmellI8O88z9Wzmh0zETgq3gcRGu44hqBr5nU2UbXx MpbNeq91FWJr2Ipq9zZMQnTXl+mOqwSEoXuee9fQeGnptngfYfbNIaohZawKK0kS +d7WtHnlKbL52JZkU5xeEBHkq+i8UC9MqRtUqIdytO1C04Qb74AUaLZafzYvwdLq 1cn9IJE6g4zlqsI1Hu26kfvJY1lzD4vc97rdC9OGIV+VQhRaYgMwe6X5p7d19nMz UgrWQWqjRM3lE4RpZwMJ98viBIUfdFLvxFjU2Qio1NZKvEA87I7tCe3NiyJ+dEIa YA1A5cy3nB1au3ZYPndEZC/evw== -----END CERTIFICATE-----Generated at Wed May 13 12:55:21 2026 by rpki-client