$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: 25jT5ffyO+XfD1iDUA70ssk3BfVtU9BosRMFuY4jWoo= Subject key identifier: BE:6A:51:58:BE:9F:C3:A4:C4:CB:BF:97:EC:C1:95:9F:A7:E7:56:66 Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 02A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 0295 Signing time: Sun 01 Mar 2026 02:25:17 +0000 Manifest this update: Sun 01 Mar 2026 02:25:17 +0000 Manifest next update: Sun 08 Mar 2026 02:25:17 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: BkESNoIYHtxeXbPjYNDbbFJcQ9UTg5uW0ACC6HvmwYU=) 2: FBE538ECC55511F0B6ACB62BC4F9AE02.roa (hash: Xm8YDhtFdsbSB/JaCf1eeLvxGvfVGvAsGyj9y3iXBIE=) 3: A0A9D798C0AB11F0B1CBD10FC4F9AE02.roa (hash: meFnR87+GI3v6nomBtYeU7WZPVYP4nD3qbJitsfc+J0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 02:25:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 678 (0x2a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Mar 1 02:25:17 2026 GMT Not After : Mar 8 02:25:17 2026 GMT Subject: CN=69a3a38d-af2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:27:ee:09:95:a5:cd:a0:21:80:d9:b8:6f:d4: e1:43:3d:6a:7b:fb:0d:8a:4e:7c:29:dd:01:48:c1: a9:27:e5:9d:b4:3a:cb:4f:73:90:74:ff:15:09:9b: 75:61:a5:e4:9a:fa:e3:c6:41:37:40:d4:b3:18:eb: 8e:f6:83:cb:b4:d7:54:d8:d2:65:e5:3a:e2:6b:5a: c0:27:34:f5:4a:45:59:55:4a:01:e2:16:c9:b3:9e: df:9b:1e:a1:f2:72:e5:7c:18:1f:2f:8c:e0:be:26: 0d:8f:c8:82:97:9e:75:95:38:af:35:18:a1:8a:0a: 71:18:b5:45:c8:67:a3:be:93:a4:6a:d3:81:f4:94: eb:36:e9:fb:45:d4:fe:de:1d:54:5f:9e:9f:41:c1: c0:9d:96:70:26:2d:1b:80:e6:b4:83:ce:a6:88:9e: 6e:57:ca:da:f5:a3:2e:85:15:9d:29:93:be:86:2a: 8e:de:bf:86:f5:1c:ac:7e:b9:68:9e:f1:f4:83:a8: 66:a4:76:f1:37:d7:b6:ed:a6:1a:dc:79:96:87:de: 7e:4c:63:a3:fa:f9:f3:d8:1c:b0:ea:8f:ba:9e:e6: 33:49:b1:73:53:45:03:47:13:a0:5f:95:c5:7b:28: f9:36:a7:1b:b5:f8:7e:f2:2d:29:e6:5a:dc:7b:ad: 92:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:6A:51:58:BE:9F:C3:A4:C4:CB:BF:97:EC:C1:95:9F:A7:E7:56:66 X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:92:8d:69:20:e4:5f:56:8b:eb:80:19:f1:50:38:5b:c4:c3: dd:dd:f5:e2:de:f3:7f:ee:6b:07:74:01:64:c1:17:cb:47:97: 76:ba:62:90:ff:af:5e:36:ae:9c:1a:55:47:50:03:c2:4c:21: 21:0b:eb:3b:f1:1f:50:9a:66:f7:3b:d4:cf:51:57:8a:a1:6f: fb:33:38:9a:9c:76:30:ef:b5:64:a7:38:20:6f:d8:f1:26:f1: d7:48:1a:a9:60:80:47:99:5d:98:11:b6:bd:c5:85:77:da:7d: b2:28:08:fe:aa:09:b9:4a:f6:5c:ac:d4:8a:11:a2:3a:27:59: d1:6e:78:49:26:50:e6:d3:43:ab:e0:37:44:eb:29:5a:ff:bf: 3e:11:b3:db:c5:a5:1d:a9:74:fc:df:2c:95:84:8b:37:a7:88: cf:45:d1:bf:31:9d:d3:36:30:4b:b5:08:8e:5d:e1:02:04:3a: 02:ee:c7:18:3e:82:5e:50:b7:4c:ce:d8:16:06:e0:d3:bc:d8: b8:ee:9d:c9:c3:a2:8e:8d:56:aa:44:d0:cf:91:37:bc:d0:4a: 63:43:0d:35:d2:7f:dd:04:b3:ff:29:30:c2:36:c5:12:af:90: d5:e6:ee:88:f0:35:fa:d6:71:fb:15:f0:7b:fb:65:9f:bb:00: 4f:28:e7:3d -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjYwMzAxMDIyNTE3WhcNMjYwMzA4MDIyNTE3WjAYMRYwFAYD VQQDDA02OWEzYTM4ZC1hZjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAryfuCZWlzaAhgNm4b9ThQz1qe/sNik58Kd0BSMGpJ+WdtDrLT3OQdP8VCZt1 YaXkmvrjxkE3QNSzGOuO9oPLtNdU2NJl5Tria1rAJzT1SkVZVUoB4hbJs57fmx6h 8nLlfBgfL4zgviYNj8iCl551lTivNRihigpxGLVFyGejvpOkatOB9JTrNun7RdT+ 3h1UX56fQcHAnZZwJi0bgOa0g86miJ5uV8ra9aMuhRWdKZO+hiqO3r+G9Rysfrlo nvH0g6hmpHbxN9e27aYa3HmWh95+TGOj+vnz2Byw6o+6nuYzSbFzU0UDRxOgX5XF eyj5Nqcbtfh+8i0p5lrce62S/wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFL5qUVi+ n8OkxMu/l+zBlZ+n51ZmMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAlJKNaSDkX1aL64AZ8VA4W8TD3d314t7zf+5rB3QBZMEXy0eXdrpikP+vXjau nBpVR1ADwkwhIQvrO/EfUJpm9zvUz1FXiqFv+zM4mpx2MO+1ZKc4IG/Y8Sbx10ga qWCAR5ldmBG2vcWFd9p9sigI/qoJuUr2XKzUihGiOidZ0W54SSZQ5tNDq+A3ROsp Wv+/PhGz28WlHal0/N8slYSLN6eIz0XRvzGd0zYwS7UIjl3hAgQ6Au7HGD6CXlC3 TM7YFgbg07zYuO6dycOijo1WqkTQz5E3vNBKY0MNNdJ/3QSz/ykwwjbFEq+Q1ebu iPA1+tZx+xXwe/tln7sATyjnPQ== -----END CERTIFICATE-----Generated at Sun Mar 1 20:37:41 2026 by rpki-client