$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft File: Z38M1kpd4sGwKO0APFaHS0j6LiE.mft (raw, json) Hash identifier: kZHIizcdv4iIaBnKHnQT+Ya8DMdp4UImJyG0sioveis= Subject key identifier: 98:AA:B1:CA:46:5D:11:C8:AF:D7:E9:5B:01:3D:83:D2:4B:9E:E7:5F Authority key identifier: 67:7F:0C:D6:4A:5D:E2:C1:B0:28:ED:00:3C:56:87:4B:48:FA:2E:21 Certificate issuer: /CN=A91F17B3/serialNumber=677F0CD64A5DE2C1B028ED003C56874B48FA2E21 Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft Manifest number: 7A Signing time: Wed 25 Mar 2026 07:01:59 +0000 Manifest this update: Wed 25 Mar 2026 07:01:59 +0000 Manifest next update: Wed 01 Apr 2026 07:01:59 +0000 Files and hashes: 1: Z38M1kpd4sGwKO0APFaHS0j6LiE.crl (hash: kQrUcwhIkR+QQs0nFFMPwbXxg2Nm8XFKIiNZMjGFB2Q=) 2: AD46933EB65011F0B751DB86C4F9AE02.roa (hash: BQkbdtjI99mxWqdYu14uU0wWLwTO/VUnPRItrckeDrg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.crl rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 07:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F17B3, serialNumber=677F0CD64A5DE2C1B028ED003C56874B48FA2E21 Validity Not Before: Mar 25 07:01:59 2026 GMT Not After : Apr 1 07:01:59 2026 GMT Subject: CN=69c38867-66e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:82:8e:aa:a4:cd:60:25:6d:fa:11:1c:46:bd: 2b:58:34:69:94:0d:b2:46:f2:a1:2c:8b:f0:29:a7: 11:a0:a7:8d:0e:ab:24:56:bd:80:87:e0:71:6d:c1: e2:58:a0:d6:b1:43:bf:b5:3c:96:a9:fc:a3:cf:9c: 55:0e:0d:43:a5:36:d7:b1:91:9b:7b:2b:e0:54:83: 94:82:20:c7:ab:e7:08:d7:ab:aa:0a:b8:53:36:50: 9f:17:7b:de:1a:20:27:5c:1d:9b:16:21:91:f3:9e: 95:c7:b7:76:bb:ba:44:76:4b:cb:34:e4:2c:b3:15: 70:e2:08:3b:b3:56:3e:67:20:27:39:ab:2c:2c:40: 9d:1f:f8:10:4c:30:a2:ff:3f:c6:6c:fc:db:d7:c2: bf:9d:3e:71:42:f2:d5:43:87:0a:b7:8d:47:6f:28: b8:fb:c0:f9:ae:4e:85:ce:58:a8:80:49:9a:3c:47: c3:16:19:13:ec:36:07:7f:84:52:25:e1:81:d4:21: f1:64:81:b7:6c:13:bd:de:fc:75:74:a2:f9:27:9c: 5f:d4:17:8b:30:60:c0:7c:29:c8:4f:e3:32:8c:79: fa:24:38:61:6c:05:3a:c0:e1:3a:cb:2d:0a:ae:2b: 1f:92:2e:bd:45:c1:84:93:2b:21:01:e5:eb:a4:ea: 25:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:AA:B1:CA:46:5D:11:C8:AF:D7:E9:5B:01:3D:83:D2:4B:9E:E7:5F X509v3 Authority Key Identifier: keyid:67:7F:0C:D6:4A:5D:E2:C1:B0:28:ED:00:3C:56:87:4B:48:FA:2E:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:0e:47:d7:32:b7:a7:9d:ac:ad:ab:3c:73:4f:23:c4:ac:5f: ca:48:59:ae:82:88:ae:7f:51:3d:f6:56:7a:94:31:fa:ea:74: 57:74:51:b4:86:23:ef:52:19:33:c5:1b:ea:e3:36:1d:d6:9e: 28:55:98:4e:c0:26:aa:4b:ef:25:62:f3:8a:08:f1:fc:8a:46: be:75:48:e2:6c:49:27:6a:2d:44:93:b1:58:9b:1d:de:0c:1b: 8e:fe:59:bc:6f:90:01:12:6b:ec:79:ee:b1:ed:f0:ef:4c:6c: b9:36:e7:3d:3f:86:44:07:61:6a:30:f7:9f:27:f5:0f:bd:43: 09:4d:a6:7e:45:1e:4d:e3:19:a5:7f:79:a7:d1:13:4e:73:55: 55:27:f0:0e:20:94:2e:65:90:a9:2f:f6:3d:a7:0e:28:2e:87: 5d:ac:60:a8:8f:42:79:ca:80:4e:17:50:70:4d:56:c5:cc:6a: 9d:76:ab:3d:34:7c:de:e5:aa:73:7c:36:3b:dd:fc:eb:95:90: 78:2e:c0:5a:b0:67:e4:bc:ce:16:5a:ad:c0:a3:69:80:b9:d8: 8d:9b:a6:51:43:83:40:57:f8:a9:c7:3e:0b:38:c5:c6:c5:cb: b2:40:45:3d:a5:6f:d8:f7:77:d6:ea:e1:15:c6:f5:4a:26:4e: 53:ab:b9:c8 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjE3QjMxMTAvBgNVBAUTKDY3N0YwQ0Q2NEE1REUyQzFCMDI4RUQwMDNDNTY4NzRC NDhGQTJFMjEwHhcNMjYwMzI1MDcwMTU5WhcNMjYwNDAxMDcwMTU5WjAYMRYwFAYD VQQDEw02OWMzODg2Ny02NmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq4KOqqTNYCVt+hEcRr0rWDRplA2yRvKhLIvwKacRoKeNDqskVr2Ah+BxbcHi WKDWsUO/tTyWqfyjz5xVDg1DpTbXsZGbeyvgVIOUgiDHq+cI16uqCrhTNlCfF3ve GiAnXB2bFiGR856Vx7d2u7pEdkvLNOQssxVw4gg7s1Y+ZyAnOassLECdH/gQTDCi /z/GbPzb18K/nT5xQvLVQ4cKt41Hbyi4+8D5rk6FzliogEmaPEfDFhkT7DYHf4RS JeGB1CHxZIG3bBO93vx1dKL5J5xf1BeLMGDAfCnIT+MyjHn6JDhhbAU6wOE6yy0K risfki69RcGEkyshAeXrpOolXwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJiqscpG XRHIr9fpWwE9g9JLnudfMB8GA1UdIwQYMBaAFGd/DNZKXeLBsCjtADxWh0tI+i4h MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdCMy81NThDNjA5ODc5 Q0QxMUYwQTlCOTAzMjFDNEY5QUUwMi9aMzhNMWtwZDRzR3dLTzBBUEZhSFMwajZM aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1ozOE0xa3BkNHNHd0tPMEFQRmFIUzBqNkxpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MTdCMy81NThDNjA5ODc5Q0QxMUYwQTlCOTAzMjFDNEY5QUUwMi9aMzhNMWtwZDRz R3dLTzBBUEZhSFMwajZMaUUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXQ5H1zK3p52sras8c08jxKxfykhZroKIrn9RPfZWepQx+up0V3RRtIYj71IZ M8Ub6uM2HdaeKFWYTsAmqkvvJWLzigjx/IpGvnVI4mxJJ2otRJOxWJsd3gwbjv5Z vG+QARJr7Hnuse3w70xsuTbnPT+GRAdhajD3nyf1D71DCU2mfkUeTeMZpX95p9ET TnNVVSfwDiCULmWQqS/2PacOKC6HXaxgqI9CecqAThdQcE1WxcxqnXarPTR83uWq c3w2O93865WQeC7AWrBn5LzOFlqtwKNpgLnYjZumUUODQFf4qcc+CzjFxsXLskBF PaVv2Pd31urhFcb1SiZOU6u5yA== -----END CERTIFICATE-----Generated at Thu Mar 26 12:57:17 2026 by rpki-client