$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft File: r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft (raw, json) Hash identifier: g+0kMrPMgZiI2lWoXb4g9IG0bgvdTpCXVqNVpSlBf0M= Subject key identifier: DF:13:2E:BE:07:E1:84:F5:19:C1:D0:A4:7D:6A:02:7B:1F:27:C8:B5 Authority key identifier: AF:79:87:43:DA:B6:47:86:8A:B6:66:73:AF:7A:13:6C:2E:A0:EA:5B Certificate issuer: /CN=A91F5972/serialNumber=AF798743DAB647868AB66673AF7A136C2EA0EA5B Certificate serial: 064C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft Manifest number: 0627 Signing time: Tue 12 May 2026 22:58:55 +0000 Manifest this update: Tue 12 May 2026 22:58:55 +0000 Manifest next update: Tue 19 May 2026 22:58:55 +0000 Files and hashes: 1: r3mHQ9q2R4aKtmZzr3oTbC6g6ls.crl (hash: PN3VHYos4BzI3hCvwwP8r1lvW9rPTYTBxpZTEVxSgFw=) 2: B0203536062A11F185F9D5F9263D8C67.roa (hash: 6dnR2Nm3KNO6A8Yh2KSvhbTBZD8W+AyXyUMBx8JMzbg=) 3: 75125118FE5F11F0956342DD516F56BC.roa (hash: Whh/5V1YlqO85bcjOHvfWe0PcIZNVRDICOUqC1FzhpY=) 4: A18C330A055611F1B80F1E722C3D8C67.roa (hash: BX80cDVzZBpalgIyEiFZUq6L3s4iGC1yQ7gUj1TwOQ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.crl rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 22:58:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1612 (0x64c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5972, serialNumber=AF798743DAB647868AB66673AF7A136C2EA0EA5B Validity Not Before: May 12 22:58:55 2026 GMT Not After : May 19 22:58:55 2026 GMT Subject: CN=6a03b0af-b851 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:8c:22:f6:b9:94:cd:ee:c8:96:aa:c4:f8:de: 91:2f:6c:07:32:9e:be:b6:83:33:c6:3c:87:b9:26: b1:0e:cf:ff:a2:4a:af:ec:a2:45:7f:40:38:34:e8: 49:2c:af:f0:7a:d7:8f:92:ea:69:16:10:be:eb:69: 2b:0f:35:22:2c:14:bf:23:76:b7:a7:f3:91:51:49: 20:c6:e0:95:a3:1b:3f:68:25:4a:fb:e6:15:92:1b: 3e:76:f5:5e:14:c1:7c:bf:d3:82:2c:91:83:98:71: 73:ae:16:24:34:60:04:f6:44:07:67:f0:bb:6c:ac: 99:9c:56:61:ed:7d:27:64:bc:c7:01:62:2b:27:3a: 43:b6:f7:77:a5:c9:66:10:1f:79:86:24:77:b0:0b: df:8c:19:50:be:39:b4:0b:3b:73:c6:ca:56:f2:1d: 86:5c:a3:d3:dc:dc:7e:7c:61:7f:c6:26:5d:2f:8b: e7:77:d0:da:62:9c:f9:00:04:19:53:fb:69:c5:7c: 1d:ad:78:cd:05:0a:f2:95:a4:68:46:45:84:d9:08: 2c:4c:69:de:a9:bb:37:a8:d1:2f:9c:4c:38:b2:d7: c2:82:39:78:11:a6:79:c6:26:b0:c6:6a:a5:26:e2: b5:15:bc:8c:c0:db:d3:5f:c3:03:31:ac:d2:c8:8b: e8:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:13:2E:BE:07:E1:84:F5:19:C1:D0:A4:7D:6A:02:7B:1F:27:C8:B5 X509v3 Authority Key Identifier: keyid:AF:79:87:43:DA:B6:47:86:8A:B6:66:73:AF:7A:13:6C:2E:A0:EA:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:0a:e0:b5:f7:12:8a:5b:b5:f8:e3:ea:72:56:cb:de:b6:58: c9:cd:86:20:8e:a6:0c:06:6b:33:1f:98:fe:b0:83:56:51:67: bb:89:cf:08:0f:21:d9:12:e0:1c:c3:0e:4d:36:a4:11:6d:f3: e4:84:f5:4a:6a:9c:32:8b:79:0f:a2:32:43:18:66:22:48:62: 66:4e:d8:52:2b:8a:01:8d:a8:5c:e8:bb:e8:b9:3c:14:21:da: e8:f6:a9:dc:25:00:0d:d3:c9:a8:9a:7f:87:99:88:08:87:fb: e7:27:a1:39:26:f2:6f:c8:16:d8:14:c8:a7:a8:a9:5c:90:3c: f5:19:4a:79:c8:94:0b:fd:d0:30:94:6f:3c:54:dc:47:8d:90: c1:cb:8b:24:d2:be:01:a7:a6:b2:49:49:e7:ce:19:8c:63:72: 7d:45:2b:3c:a7:0e:f2:23:eb:95:e3:c3:24:ae:99:a7:08:d2: 77:dc:8a:df:95:b9:1e:05:da:c0:59:75:f9:28:c1:b8:5a:2d: 63:fe:79:a8:d9:24:39:9b:3a:4a:be:e0:aa:d3:34:d1:ed:01: e8:35:da:bf:35:b2:ed:ac:c7:cf:58:c7:07:2f:00:ea:9e:88: b7:ea:a6:13:89:79:29:1a:40:e7:b2:bf:8b:09:42:b4:6a:f1: 73:f7:90:5d -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjU5NzIxMTAvBgNVBAUTKEFGNzk4NzQzREFCNjQ3ODY4QUI2NjY3M0FGN0ExMzZD MkVBMEVBNUIwHhcNMjYwNTEyMjI1ODU1WhcNMjYwNTE5MjI1ODU1WjAYMRYwFAYD VQQDEw02YTAzYjBhZi1iODUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAi4wi9rmUze7IlqrE+N6RL2wHMp6+toMzxjyHuSaxDs//okqv7KJFf0A4NOhJ LK/wetePkuppFhC+62krDzUiLBS/I3a3p/ORUUkgxuCVoxs/aCVK++YVkhs+dvVe FMF8v9OCLJGDmHFzrhYkNGAE9kQHZ/C7bKyZnFZh7X0nZLzHAWIrJzpDtvd3pclm EB95hiR3sAvfjBlQvjm0CztzxspW8h2GXKPT3Nx+fGF/xiZdL4vnd9DaYpz5AAQZ U/tpxXwdrXjNBQrylaRoRkWE2QgsTGneqbs3qNEvnEw4stfCgjl4EaZ5xiawxmql JuK1FbyMwNvTX8MDMazSyIvoCQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFN8TLr4H 4YT1GcHQpH1qAnsfJ8i1MB8GA1UdIwQYMBaAFK95h0PatkeGirZmc696E2wuoOpb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTk3Mi85QkY2QzQ0RUYw MzExMUVCOTVGNzY3NDhDNEY5QUUwMi9yM21IUTlxMlI0YUt0bVp6cjNvVGJDNmc2 bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IzbUhROXEyUjRhS3RtWnpyM29UYkM2ZzZscy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTk3Mi85QkY2QzQ0RUYwMzExMUVCOTVGNzY3NDhDNEY5QUUwMi9yM21IUTlxMlI0 YUt0bVp6cjNvVGJDNmc2bHMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAoArgtfcSilu1+OPqclbL3rZYyc2GII6mDAZrMx+Y/rCDVlFnu4nPCA8h2RLg HMMOTTakEW3z5IT1SmqcMot5D6IyQxhmIkhiZk7YUiuKAY2oXOi76Lk8FCHa6Pap 3CUADdPJqJp/h5mICIf75yehOSbyb8gW2BTIp6ipXJA89RlKeciUC/3QMJRvPFTc R42QwcuLJNK+AaemsklJ584ZjGNyfUUrPKcO8iPrlePDJK6ZpwjSd9yK35W5HgXa wFl1+SjBuFotY/55qNkkOZs6Sr7gqtM00e0B6DXavzWy7azHz1jHBy8A6p6It+qm E4l5KRpA57K/iwlCtGrxc/eQXQ== -----END CERTIFICATE-----Generated at Wed May 13 04:59:07 2026 by rpki-client