$ rpki-client -vvf rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft File: z3rG54U-SVgocAZDAHZYRlfgyVA.mft (raw, json) Hash identifier: iUr9RmyCcQHhHTl8PBZFifMNfDRf8EvCVBwjcNUUbrY= Subject key identifier: 46:B3:25:60:39:C8:CB:D2:FC:97:C2:48:DB:E7:44:D5:E1:AA:4A:37 Authority key identifier: CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50 Certificate issuer: /CN=A91F916A/serialNumber=CF7AC6E7853E4958287006430076584657E0C950 Certificate serial: 2542 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft Manifest number: 2525 Signing time: Tue 24 Mar 2026 15:42:01 +0000 Manifest this update: Tue 24 Mar 2026 15:42:01 +0000 Manifest next update: Tue 31 Mar 2026 15:42:01 +0000 Files and hashes: 1: z3rG54U-SVgocAZDAHZYRlfgyVA.crl (hash: MqdChh3Wuxe+/Ry4wk7rhXVsJlfQB7/pKhcTXe5I3bo=) 2: 81C0C29CB0F311E5AB30F151C4F9AE02.roa (hash: cElICATR0lwG51iK+/dfA9tn8Dsne03XwCHtnpMdsVc=) 3: 93957C3A25B211ECB5356475C4F9AE02.roa (hash: i5b2+LERDCQarikCUvYju79lG476god+IalkVg/Oozo=) 4: 54040CE414F111F08814732CC4F9AE02.roa (hash: oAPFqh7JlYzzoOFTZFjvYHDih/9V54IJj2eqz87eTwA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:42:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9538 (0x2542) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F916A, serialNumber=CF7AC6E7853E4958287006430076584657E0C950 Validity Not Before: Mar 24 15:42:01 2026 GMT Not After : Mar 31 15:42:01 2026 GMT Subject: CN=69c2b0c9-5bbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:2e:25:d4:4a:90:e0:8f:61:64:d9:82:c0:69: f9:d4:71:b2:45:f1:ec:f5:8e:60:d4:52:9a:6d:57: 3e:34:07:81:08:9e:a4:da:44:73:46:5f:96:f3:1a: 8a:52:4c:bc:cb:f7:bd:a6:32:72:b1:cc:ac:86:56: d8:32:b8:db:3f:37:d3:05:cb:0b:90:9b:f8:7a:ed: 00:1b:d3:4b:89:5a:03:5e:37:f2:dd:33:37:a7:01: de:7c:36:d4:dc:b7:14:d5:44:05:41:c1:54:fa:b7: 92:c7:5f:e1:85:ec:fe:6d:98:93:62:92:bc:6f:1b: 79:ee:3e:a8:11:22:20:64:e5:98:31:8e:56:45:75: fe:ad:d9:63:5e:6a:61:58:7e:f7:b7:46:04:1d:c2: 8e:c4:ff:dd:f5:55:e1:6a:53:9b:1c:01:83:c4:d0: fb:29:ac:ac:1a:21:ab:08:38:5e:16:8c:31:9c:38: 17:87:ee:58:1b:59:86:71:00:eb:f0:93:e5:50:76: 09:ab:1d:8b:56:86:86:5d:bd:63:9d:6e:84:03:e7: 42:f8:a4:dc:e4:ce:ca:b0:ca:05:9a:e4:3c:a0:fc: 15:ba:d8:44:ab:74:94:c8:2d:c0:80:a3:52:7d:e5: 88:05:a3:d0:1a:9d:e9:e8:6e:d2:fd:9e:9b:5f:a8: fc:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:B3:25:60:39:C8:CB:D2:FC:97:C2:48:DB:E7:44:D5:E1:AA:4A:37 X509v3 Authority Key Identifier: keyid:CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:21:9c:5c:63:db:eb:ff:d4:07:c2:39:8f:a5:0b:67:04:7e: 21:75:e0:93:a6:1f:35:7f:18:a9:96:00:0e:1d:fa:4f:c1:87: 88:67:96:67:03:e7:eb:86:f2:f0:32:d4:ca:d6:68:e6:62:b6: e7:3a:80:e9:5d:a9:07:4f:63:27:c2:f7:e1:a7:91:92:c1:c4: 8f:4b:a3:01:35:fd:98:74:e9:9a:85:be:69:20:43:b8:5a:16: 3f:b8:7e:4a:2b:f3:4f:f7:8f:68:18:c3:b4:c4:28:86:30:d6: 7a:3e:07:e6:91:30:f3:56:4f:de:b3:0f:82:94:42:0c:3a:7a: 70:4a:34:04:6c:4c:35:1e:7d:58:bc:3b:7d:48:d3:d7:6e:63: df:0d:3d:98:00:8f:21:76:e6:4d:af:0e:66:d5:3f:5f:76:c0: 87:45:de:bd:95:6c:fc:1c:78:d2:e3:3c:f8:5d:f8:08:f3:1f: a1:6d:3f:fd:93:d6:9a:69:a0:22:1e:c4:70:68:9e:78:34:56: 7b:3b:3a:5e:72:f6:4c:84:03:30:f6:f9:dd:40:a7:4e:c4:32: 34:05:17:c4:4d:f6:e5:46:e2:4f:ab:d8:db:18:3c:77:fc:b3: 00:74:86:d0:e8:01:2a:19:c6:a5:4e:8e:3e:6d:16:c2:86:54: 0d:20:f5:bb -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICJUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxNkExMTAvBgNVBAUTKENGN0FDNkU3ODUzRTQ5NTgyODcwMDY0MzAwNzY1ODQ2 NTdFMEM5NTAwHhcNMjYwMzI0MTU0MjAxWhcNMjYwMzMxMTU0MjAxWjAYMRYwFAYD VQQDEw02OWMyYjBjOS01YmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoi4l1EqQ4I9hZNmCwGn51HGyRfHs9Y5g1FKabVc+NAeBCJ6k2kRzRl+W8xqK Uky8y/e9pjJyscyshlbYMrjbPzfTBcsLkJv4eu0AG9NLiVoDXjfy3TM3pwHefDbU 3LcU1UQFQcFU+reSx1/hhez+bZiTYpK8bxt57j6oESIgZOWYMY5WRXX+rdljXmph WH73t0YEHcKOxP/d9VXhalObHAGDxND7KaysGiGrCDheFowxnDgXh+5YG1mGcQDr 8JPlUHYJqx2LVoaGXb1jnW6EA+dC+KTc5M7KsMoFmuQ8oPwVuthEq3SUyC3AgKNS feWIBaPQGp3p6G7S/Z6bX6j8bQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEazJWA5 yMvS/JfCSNvnRNXhqko3MB8GA1UdIwQYMBaAFM96xueFPklYKHAGQwB2WEZX4MlQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTE2QS8xRDdBRDBCQTQ1 OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNWZ29jQVpEQUhaWVJsZmd5 VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozckc1NFUtU1Znb2NBWkRBSFpZUmxmZ3lWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTE2QS8xRDdBRDBCQTQ1OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNW Z29jQVpEQUhaWVJsZmd5VkEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAESGcXGPb6//UB8I5j6ULZwR+IXXgk6YfNX8YqZYADh36T8GHiGeWZwPn64by 8DLUytZo5mK25zqA6V2pB09jJ8L34aeRksHEj0ujATX9mHTpmoW+aSBDuFoWP7h+ SivzT/ePaBjDtMQohjDWej4H5pEw81ZP3rMPgpRCDDp6cEo0BGxMNR59WLw7fUjT 125j3w09mACPIXbmTa8OZtU/X3bAh0XevZVs/Bx40uM8+F34CPMfoW0//ZPWmmmg Ih7EcGieeDRWezs6XnL2TIQDMPb53UCnTsQyNAUXxE325UbiT6vY2xg8d/yzAHSG 0OgBKhnGpU6OPm0WwoZUDSD1uw== -----END CERTIFICATE-----Generated at Thu Mar 26 15:51:20 2026 by rpki-client