$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft File: oPy-m8tDKKnovMofXhSWrMLOLtk.mft (raw, json) Hash identifier: A2/ch0ThYGLaB5wQvQIg3jBCVqi1ITbze4um/QqpyNM= Subject key identifier: F1:41:94:C2:29:14:01:E1:A5:CC:5E:15:71:96:CC:68:05:F5:7C:8F Authority key identifier: A0:FC:BE:9B:CB:43:28:A9:E8:BC:CA:1F:5E:14:96:AC:C2:CE:2E:D9 Certificate issuer: /CN=A91FB297/serialNumber=A0FCBE9BCB4328A9E8BCCA1F5E1496ACC2CE2ED9 Certificate serial: 38 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oPy-m8tDKKnovMofXhSWrMLOLtk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft Manifest number: 38 Signing time: Wed 25 Mar 2026 03:33:08 +0000 Manifest this update: Wed 25 Mar 2026 03:33:08 +0000 Manifest next update: Wed 01 Apr 2026 03:33:08 +0000 Files and hashes: 1: oPy-m8tDKKnovMofXhSWrMLOLtk.crl (hash: s5vyjXmIIflSrOE/rxjZ4kSdzH4ksqz/CWbXmjKnQcc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.crl rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oPy-m8tDKKnovMofXhSWrMLOLtk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 03:33:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56 (0x38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB297, serialNumber=A0FCBE9BCB4328A9E8BCCA1F5E1496ACC2CE2ED9 Validity Not Before: Mar 25 03:33:08 2026 GMT Not After : Apr 1 03:33:08 2026 GMT Subject: CN=69c35774-8f73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:02:d7:f8:ff:c3:f6:c1:ba:d6:1c:0e:e1:2d: 58:3b:60:ba:a2:bd:6e:a7:a6:88:2e:21:00:6a:eb: 12:be:1a:ac:b7:4c:30:79:8f:1b:21:35:5d:cf:79: 53:50:36:86:80:76:3d:70:6b:a5:c2:e8:63:3d:40: b6:3e:8e:89:cd:c1:3a:3f:70:bb:1a:7a:2a:fa:fa: f8:3d:54:52:53:ec:c5:99:ba:aa:82:07:d7:ff:da: 6a:26:59:66:b8:dd:8b:75:49:bb:11:7b:07:5d:04: 64:80:17:55:4b:be:b1:4e:c8:b4:dc:3c:f3:c2:18: eb:4c:08:92:ce:ef:30:a8:3f:f0:e7:ad:d8:d3:d8: fa:80:aa:5b:71:bb:28:e4:08:74:07:ee:13:e1:48: 0a:53:d4:4c:20:48:d0:56:a9:88:14:d8:29:a6:0f: 68:0a:1b:da:76:5c:84:d9:c7:9a:61:4e:dd:54:99: 87:6b:08:e7:14:38:ef:44:d3:cf:82:57:84:cc:55: 53:d2:42:5a:87:6a:8b:a1:a7:19:0a:ef:f7:e2:c8: e8:9e:f5:cd:dd:d6:32:48:d7:25:95:22:11:d3:b9: 0e:0f:53:54:7b:82:ab:41:97:9d:32:70:47:7a:4b: 48:ed:b0:32:e8:5c:f7:23:80:a8:c7:db:2e:b2:f9: 3d:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:41:94:C2:29:14:01:E1:A5:CC:5E:15:71:96:CC:68:05:F5:7C:8F X509v3 Authority Key Identifier: keyid:A0:FC:BE:9B:CB:43:28:A9:E8:BC:CA:1F:5E:14:96:AC:C2:CE:2E:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oPy-m8tDKKnovMofXhSWrMLOLtk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB297/BBF28DDAD99511F09A18623B64D3641D/oPy-m8tDKKnovMofXhSWrMLOLtk.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:68:70:97:b9:de:06:39:9b:8b:33:11:90:45:9e:79:12:4b: f6:4c:0b:b6:0d:c8:51:a0:3c:2d:e3:bd:29:65:60:6b:b7:9f: d6:31:c5:fb:7e:4a:4b:53:85:95:0a:31:9a:56:99:65:a6:e0: ee:38:95:6c:b8:5f:fb:58:6c:11:66:d4:e9:2f:4b:00:62:fc: a0:14:76:4b:c5:44:63:80:e2:79:ff:49:2f:0f:80:f0:a0:25: 7c:42:97:6e:57:df:d8:74:21:0a:db:35:c8:86:55:03:48:89: d8:1b:b3:53:74:58:e0:f7:19:02:3b:f6:17:4a:7c:18:9d:58: 3a:ac:f9:17:73:ae:52:b9:30:fd:c5:23:a5:c0:a9:af:33:bd: e4:1f:69:5f:73:cd:09:0c:55:3a:96:98:63:6e:49:dc:8a:c3: fd:c1:05:fc:d9:e6:60:f0:61:1e:f8:7a:87:86:1e:67:72:cd: 0a:31:a1:cc:7c:07:8f:dd:a1:92:15:ff:87:8c:94:f5:40:9f: ae:fb:12:b5:32:07:da:34:f6:5e:68:cf:60:88:5b:0b:2f:1e: d8:b5:e1:7a:63:74:3b:19:9c:a1:36:23:38:3f:02:ba:5c:a5: e3:7d:ad:fd:c6:de:40:39:bf:96:b8:57:ed:da:54:eb:d6:4f: 36:07:26:cd -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBODANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjI5NzExMC8GA1UEBRMoQTBGQ0JFOUJDQjQzMjhBOUU4QkNDQTFGNUUxNDk2QUND MkNFMkVEOTAeFw0yNjAzMjUwMzMzMDhaFw0yNjA0MDEwMzMzMDhaMBgxFjAUBgNV BAMTDTY5YzM1Nzc0LThmNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5Atf4/8P2wbrWHA7hLVg7YLqivW6npoguIQBq6xK+Gqy3TDB5jxshNV3PeVNQ NoaAdj1wa6XC6GM9QLY+jonNwTo/cLsaeir6+vg9VFJT7MWZuqqCB9f/2momWWa4 3Yt1SbsRewddBGSAF1VLvrFOyLTcPPPCGOtMCJLO7zCoP/DnrdjT2PqAqltxuyjk CHQH7hPhSApT1EwgSNBWqYgU2CmmD2gKG9p2XITZx5phTt1UmYdrCOcUOO9E08+C V4TMVVPSQlqHaouhpxkK7/fiyOie9c3d1jJI1yWVIhHTuQ4PU1R7gqtBl50ycEd6 S0jtsDLoXPcjgKjH2y6y+T2JAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQU8UGUwikU AeGlzF4VcZbMaAX1fI8wHwYDVR0jBBgwFoAUoPy+m8tDKKnovMofXhSWrMLOLtkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCMjk3L0JCRjI4RERBRDk5 NTExRjA5QTE4NjIzQjY0RDM2NDFEL29QeS1tOHRES0tub3ZNb2ZYaFNXck1MT0x0 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvb1B5LW04dERLS25vdk1vZlhoU1dyTUxPTHRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZC Mjk3L0JCRjI4RERBRDk5NTExRjA5QTE4NjIzQjY0RDM2NDFEL29QeS1tOHRES0tu b3ZNb2ZYaFNXck1MT0x0ay5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQALaHCXud4GOZuLMxGQRZ55Ekv2TAu2DchRoDwt470pZWBrt5/WMcX7fkpLU4WV CjGaVpllpuDuOJVsuF/7WGwRZtTpL0sAYvygFHZLxURjgOJ5/0kvD4DwoCV8Qpdu V9/YdCEK2zXIhlUDSInYG7NTdFjg9xkCO/YXSnwYnVg6rPkXc65SuTD9xSOlwKmv M73kH2lfc80JDFU6lphjbkncisP9wQX82eZg8GEe+HqHhh5ncs0KMaHMfAeP3aGS Ff+HjJT1QJ+u+xK1MgfaNPZeaM9giFsLLx7YteF6Y3Q7GZyhNiM4PwK6XKXjfa39 xt5AOb+WuFft2lTr1k82BybN -----END CERTIFICATE-----Generated at Thu Mar 26 15:41:16 2026 by rpki-client