$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: 0OLA5BXX28ip+3R5zFt3qaPu/JsAeitKCu/tBUlIID0= Subject key identifier: 48:B1:40:96:F8:F4:47:BD:12:9E:54:88:44:FC:1C:74:62:48:0D:8F Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 06A3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0693 Signing time: Thu 26 Mar 2026 15:59:43 +0000 Manifest this update: Thu 26 Mar 2026 15:59:43 +0000 Manifest next update: Thu 02 Apr 2026 15:59:43 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: NNo+9VeZ4zDPnVwxbXnPyMfsUktw5Cl2nuqLwqvRma8=) 2: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: po/i8uxPFYRsNFTlJU1d5KEDrihE5XxUDGJv65GiON0=) 3: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: yCmJKCeUjCX4/1rndfEcZXyyAy1UCnlaRalfod8v7Ts=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 15:59:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1699 (0x6a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Mar 26 15:59:43 2026 GMT Not After : Apr 2 15:59:43 2026 GMT Subject: CN=69c557ef-37b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bc:69:9d:01:1d:b1:4d:71:98:51:ee:de:46: 88:8a:17:a1:97:a4:02:22:da:f9:04:be:1d:4b:3f: 53:fe:95:0b:67:f9:d9:a9:a6:54:a8:12:9f:c3:a1: 2a:fc:15:f5:44:6c:ad:e0:a5:c1:af:ac:e0:d2:40: bd:71:d3:4e:ff:f3:8e:0c:f9:9b:3d:72:2b:5d:9a: ca:08:3f:06:46:ca:01:97:0c:3b:f5:13:28:0e:0e: 53:a0:71:91:58:c6:b7:07:84:6a:cc:ed:38:a4:a8: 9b:9d:74:f2:1c:54:ec:1f:98:40:9b:87:79:01:8a: 81:4c:03:73:08:99:a9:86:18:59:cf:f7:ad:9e:99: f0:85:d6:62:dd:a6:63:61:37:8b:06:ad:ad:11:5d: ef:e5:ac:1a:73:5b:62:52:da:61:ae:cc:f7:db:f4: 0c:3d:84:78:24:00:98:4a:de:4a:8d:a9:56:cf:89: 15:f3:39:93:34:af:04:28:4d:5b:35:01:69:bb:3e: fa:1c:b8:36:0d:31:c5:e3:d5:f0:5e:2f:bf:c8:8c: 4d:37:fa:32:81:76:c8:ac:9e:90:21:ea:46:a4:ba: 51:3f:7a:c7:d4:e1:2b:c6:88:cf:15:0b:75:a7:f9: eb:2b:f4:54:b9:68:39:5b:5a:8c:45:00:4c:af:b4: 34:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:B1:40:96:F8:F4:47:BD:12:9E:54:88:44:FC:1C:74:62:48:0D:8F X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:cf:9b:86:e8:22:18:75:7d:23:a6:e3:a9:8f:27:87:a7:cc: 89:63:9f:3c:3b:af:06:fb:a9:a9:38:14:1e:43:11:c9:aa:cd: da:f9:1e:bc:f1:30:96:e8:af:4b:59:a8:ff:ef:47:c7:e4:05: bf:14:48:88:68:f1:fd:25:a8:71:fd:71:10:65:9b:26:59:b0: 3b:45:53:48:d7:a7:dd:de:0a:1c:3e:81:23:c8:57:51:c5:eb: 57:55:8f:ed:75:b7:d5:a3:7e:1a:9f:ff:07:d8:c8:49:c0:0c: 44:04:24:11:3b:e1:86:02:ec:fa:33:d5:b2:0d:a7:e5:a1:97: be:f1:2e:6f:6c:0f:1e:95:d1:3a:ed:e5:a6:8e:64:46:0f:4c: 70:1b:6f:f9:a1:1a:c9:28:52:a0:1f:94:01:58:7a:50:a3:c9: 71:01:a7:9b:c8:03:71:e4:9c:c1:e7:fc:57:dc:f7:aa:8e:c6: 98:1f:3b:7f:94:54:45:a0:c6:e3:cb:99:9e:cc:9a:ae:92:fe: 7b:8c:7c:95:3b:e0:72:45:2d:8a:25:36:b8:76:90:c3:ec:ca: f0:84:7a:75:2d:a3:4a:98:1f:e6:97:82:59:c8:89:1c:20:bb: 98:3e:09:e8:2c:f1:68:f7:7a:f0:3b:88:44:de:f1:34:0a:dd: bb:a0:64:64 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBqMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjYwMzI2MTU1OTQzWhcNMjYwNDAyMTU1OTQzWjAYMRYwFAYD VQQDEw02OWM1NTdlZi0zN2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvbxpnQEdsU1xmFHu3kaIihehl6QCItr5BL4dSz9T/pULZ/nZqaZUqBKfw6Eq /BX1RGyt4KXBr6zg0kC9cdNO//OODPmbPXIrXZrKCD8GRsoBlww79RMoDg5ToHGR WMa3B4RqzO04pKibnXTyHFTsH5hAm4d5AYqBTANzCJmphhhZz/etnpnwhdZi3aZj YTeLBq2tEV3v5awac1tiUtphrsz32/QMPYR4JACYSt5KjalWz4kV8zmTNK8EKE1b NQFpuz76HLg2DTHF49XwXi+/yIxNN/oygXbIrJ6QIepGpLpRP3rH1OErxojPFQt1 p/nrK/RUuWg5W1qMRQBMr7Q0TwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEixQJb4 9Ee9Ep5UiET8HHRiSA2PMB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAgc+bhugiGHV9I6bjqY8nh6fMiWOfPDuvBvupqTgUHkMRyarN2vkevPEwluiv S1mo/+9Hx+QFvxRIiGjx/SWocf1xEGWbJlmwO0VTSNen3d4KHD6BI8hXUcXrV1WP 7XW31aN+Gp//B9jIScAMRAQkETvhhgLs+jPVsg2n5aGXvvEub2wPHpXROu3lpo5k Rg9McBtv+aEayShSoB+UAVh6UKPJcQGnm8gDceScwef8V9z3qo7GmB87f5RURaDG 48uZnsyarpL+e4x8lTvgckUtiiU2uHaQw+zK8IR6dS2jSpgf5peCWciJHCC7mD4J 6CzxaPd68DuIRN7xNArdu6BkZA== -----END CERTIFICATE-----Generated at Fri Mar 27 01:55:34 2026 by rpki-client