$ rpki-client -vvf rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft File: WAfnFR1ax7dL8iyZCSvS6S6mBig.mft (raw, json) Hash identifier: Mf1CCLjJaHh4vGDp3wO177P54/fabo5FpjVvEwyWgIE= Subject key identifier: F2:95:4D:70:5E:67:BC:F1:72:E6:87:FE:3B:15:76:FE:4E:AD:E4:3C Authority key identifier: 58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28 Certificate issuer: /CN=A9144EC5/serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628 Certificate serial: 0671 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft Manifest number: 0665 Signing time: Thu 16 Apr 2026 22:32:28 +0000 Manifest this update: Thu 16 Apr 2026 22:32:28 +0000 Manifest next update: Thu 23 Apr 2026 22:32:28 +0000 Files and hashes: 1: WAfnFR1ax7dL8iyZCSvS6S6mBig.crl (hash: 0u0qTSAesfEHtXrZP7fBQfkWTbkLpAHDdvuTE5/ApHE=) 2: 9CCB30B0C5F411EB8A6F1525C4F9AE02.roa (hash: W1AZdRPnUqP6po+2nyCEliB/EeCDTXtY0YkQggT0wxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 22:32:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1649 (0x671) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144EC5, serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628 Validity Not Before: Apr 16 22:32:28 2026 GMT Not After : Apr 23 22:32:28 2026 GMT Subject: CN=69e1637c-5e17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:99:d2:d3:b0:11:69:be:55:57:23:05:25:b1: 71:db:ea:02:c6:fe:37:89:05:26:14:3a:d0:f3:ac: 85:c6:85:f5:43:ac:52:66:c0:f8:01:5c:20:77:61: db:9e:01:bd:08:b2:b9:c3:ec:6c:f1:91:46:ee:a7: b8:0a:d4:c3:b4:d4:cd:a8:3a:40:99:37:4d:76:3b: af:dd:8e:13:67:8f:a4:4f:4d:21:c4:7d:e4:a2:ef: 18:22:38:24:50:fa:40:03:b1:3a:fb:00:23:17:84: 22:e8:73:1c:48:f3:af:70:55:27:1d:1f:0c:12:50: cc:aa:a6:7f:aa:19:ab:6f:eb:ab:5e:12:5b:06:2d: 0a:89:be:ba:93:e1:7b:f0:9a:cd:01:31:1e:0b:52: 17:e9:20:d8:01:62:bc:52:7f:30:6f:60:73:84:a7: 36:19:29:41:6a:42:25:2b:da:10:74:8e:6b:0b:c1: 50:6a:b1:80:b3:89:97:88:ea:4e:e3:8d:e3:98:f0: 78:8b:1e:b2:60:7e:16:dc:f8:aa:97:4b:37:3a:f6: 6a:7d:2f:5b:f8:a5:f4:f8:a0:d1:70:26:6b:f3:73: fe:a3:f4:f2:13:ec:fe:da:6f:cc:b5:6a:f4:33:1b: 90:a6:1d:ed:13:90:d3:bc:c6:50:07:4e:b2:bf:36: 87:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:95:4D:70:5E:67:BC:F1:72:E6:87:FE:3B:15:76:FE:4E:AD:E4:3C X509v3 Authority Key Identifier: keyid:58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:0e:b4:99:c1:08:c0:54:c5:47:bd:5e:18:3d:74:1e:a1:81: 38:b7:45:8a:91:36:fe:9b:63:02:af:73:4e:de:e6:4a:a6:14: bd:31:9a:e8:6d:55:57:64:b5:56:92:16:a9:37:30:51:2a:bf: 08:ef:4e:3d:db:26:d5:e5:ba:6c:aa:7c:70:17:b9:8c:96:52: 5b:2b:31:2f:cb:96:c9:cd:6a:8e:6f:22:bc:cb:77:94:8b:36: f7:65:20:31:89:ef:86:0b:59:c4:23:2f:41:6a:c6:ad:15:59: 9d:27:8c:3a:5e:87:ef:87:4e:82:ea:6f:13:8b:4a:de:6f:1f: 88:4c:b1:17:7a:d7:8f:f0:76:79:38:f5:32:8e:55:38:b6:b6: 0e:23:ef:d6:15:e0:ee:0f:b0:ea:13:bc:f4:76:9e:c5:54:9d: b9:f5:f9:ad:53:e6:89:dd:54:5f:fa:fd:5c:69:66:2e:8e:01: f7:fe:45:59:59:76:39:fc:41:59:97:94:4d:4b:ec:0d:7a:ef: 5c:4e:5f:d6:5c:9a:95:5a:09:7f:67:fd:37:85:60:e6:2c:cc: 26:a3:a4:20:f6:69:54:84:45:58:78:52:01:e7:e4:b2:fd:ed: 2f:ae:e8:75:8c:09:4c:12:20:43:d1:5d:3a:f4:b7:b5:d1:6f: 40:a1:40:29 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDRFQzUxMTAvBgNVBAUTKDU4MDdFNzE1MUQ1QUM3Qjc0QkYyMkM5OTA5MkJEMkU5 MkVBNjA2MjgwHhcNMjYwNDE2MjIzMjI4WhcNMjYwNDIzMjIzMjI4WjAYMRYwFAYD VQQDEw02OWUxNjM3Yy01ZTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJnS07ARab5VVyMFJbFx2+oCxv43iQUmFDrQ86yFxoX1Q6xSZsD4AVwgd2Hb ngG9CLK5w+xs8ZFG7qe4CtTDtNTNqDpAmTdNdjuv3Y4TZ4+kT00hxH3kou8YIjgk UPpAA7E6+wAjF4Qi6HMcSPOvcFUnHR8MElDMqqZ/qhmrb+urXhJbBi0Kib66k+F7 8JrNATEeC1IX6SDYAWK8Un8wb2BzhKc2GSlBakIlK9oQdI5rC8FQarGAs4mXiOpO 443jmPB4ix6yYH4W3Piql0s3OvZqfS9b+KX0+KDRcCZr83P+o/TyE+z+2m/MtWr0 MxuQph3tE5DTvMZQB06yvzaHUwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPKVTXBe Z7zxcuaH/jsVdv5OreQ8MB8GA1UdIwQYMBaAFFgH5xUdWse3S/IsmQkr0ukupgYo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEVDNS80MzlFM0MyOEM1 MTExMUVCOTE2NDBDODdDNEY5QUUwMi9XQWZuRlIxYXg3ZEw4aXlaQ1N2UzZTNm1C aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dBZm5GUjFheDdkTDhpeVpDU3ZTNlM2bUJpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NEVDNS80MzlFM0MyOEM1MTExMUVCOTE2NDBDODdDNEY5QUUwMi9XQWZuRlIxYXg3 ZEw4aXlaQ1N2UzZTNm1CaWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAIA60mcEIwFTFR71eGD10HqGBOLdFipE2/ptjAq9zTt7mSqYUvTGa6G1VV2S1 VpIWqTcwUSq/CO9OPdsm1eW6bKp8cBe5jJZSWysxL8uWyc1qjm8ivMt3lIs292Ug MYnvhgtZxCMvQWrGrRVZnSeMOl6H74dOgupvE4tK3m8fiEyxF3rXj/B2eTj1Mo5V OLa2DiPv1hXg7g+w6hO89HaexVSdufX5rVPmid1UX/r9XGlmLo4B9/5FWVl2OfxB WZeUTUvsDXrvXE5f1lyalVoJf2f9N4Vg5izMJqOkIPZpVIRFWHhSAefksv3tL67o dYwJTBIgQ9FdOvS3tdFvQKFAKQ== -----END CERTIFICATE-----Generated at Fri Apr 17 13:36:58 2026 by rpki-client