$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: FeZ514J2gBZToTew/nkdbJgHolnT6V7xBdbMHhUqUUA= Subject key identifier: 55:7B:1C:EB:2F:52:5D:B4:D6:7D:69:11:9B:29:29:F8:4B:A5:EB:5D Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0E4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0E2C Signing time: Mon 02 Mar 2026 00:57:28 +0000 Manifest this update: Mon 02 Mar 2026 00:57:25 +0000 Manifest next update: Mon 09 Mar 2026 00:57:25 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: FGjuFUIQLA0EH3aEssgMoZfncBCQ4LVveOuEnHqAjjI=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: PNck+uUGNd+dXPiz0RHoIOTdAVNh1nYpLyv0JCvf9SY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:57:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3658 (0xe4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Mar 2 00:57:25 2026 GMT Not After : Mar 9 00:57:25 2026 GMT Subject: CN=69a4e078-9cd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:bc:ef:5c:8b:df:2e:5b:87:e8:90:80:11:81: a1:ca:22:ec:57:d1:28:e8:c1:ec:ee:bf:80:46:31: 8f:fe:dd:f6:fc:2b:b9:df:2f:8a:63:90:8a:72:bb: 75:ad:17:da:55:47:d7:9f:01:29:50:04:5e:6d:a7: 08:94:4c:ac:4b:e4:9c:e6:3c:b3:f0:6a:56:c3:56: 8f:4c:08:9c:d5:ce:6d:4b:0b:2c:f9:09:c4:a9:1a: e5:ce:ad:02:ab:aa:7d:7e:70:86:30:25:d0:94:b7: 01:f8:35:a8:60:46:f6:7a:d9:70:39:4d:b3:8f:da: a2:9f:4e:77:94:4c:11:fc:5f:07:f7:93:b3:e5:a4: 7b:8d:b0:80:9b:69:cd:45:ee:59:7f:88:ff:db:f3: 55:18:51:8b:ed:c3:30:6b:36:c4:05:e1:c6:7f:5f: 79:e4:f2:38:18:49:06:68:be:04:9d:1f:c7:d2:71: 42:c2:ac:b3:5d:31:53:ab:65:93:99:0e:f5:13:13: 18:58:b7:db:12:d2:9a:ea:9d:a2:8f:71:a8:4d:1a: c9:cd:dd:54:85:f3:b5:09:d7:da:da:ac:03:7c:0a: ae:23:c8:ff:77:bc:8e:f0:7b:5d:c9:6e:9c:95:08: 8f:5c:89:30:84:18:00:7e:15:5b:5a:49:57:e9:58: 2d:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:7B:1C:EB:2F:52:5D:B4:D6:7D:69:11:9B:29:29:F8:4B:A5:EB:5D X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:47:42:11:ae:bf:72:e5:61:3f:2d:87:1d:8b:34:ea:b7:cd: c9:44:b5:cc:b7:70:0e:44:5a:bd:f0:d8:70:01:d2:cb:ac:ed: 57:90:83:2b:f8:46:76:68:87:92:e7:e9:fa:6d:a8:ef:7c:13: a8:92:6a:42:6d:d9:8b:58:61:0b:57:4c:e4:ce:79:2d:aa:10: d4:89:a4:b3:f8:20:18:6a:60:bf:3b:f8:b9:87:2f:ff:1a:ef: 2b:7e:27:d2:bc:9a:cf:46:ef:38:57:35:fb:df:ae:c0:13:69: 82:05:9d:1c:93:a3:ff:9c:45:1d:cf:b3:5d:83:c1:56:20:2d: 65:da:4c:1d:b0:ed:41:3f:8a:b0:9e:28:a8:10:91:f3:83:b7: 52:70:12:bc:f4:c8:26:4b:62:ae:49:27:f6:0c:c4:0f:33:42: 45:f2:e8:ed:24:67:c8:e6:38:59:cd:bc:13:1e:93:a8:28:ea: 24:a5:f9:27:1b:e4:38:ca:b5:12:94:cf:83:51:5a:9d:28:37: 98:fd:62:79:e8:0a:21:34:3d:bf:31:9a:9c:66:4e:f2:4d:0b: 11:c3:09:c7:f2:31:02:39:da:a0:19:01:76:27:40:9d:71:05: 43:d2:45:8c:7f:10:97:ae:54:c4:3a:fc:fd:9e:98:9d:c7:58: 45:31:18:93 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjYwMzAyMDA1NzI1WhcNMjYwMzA5MDA1NzI1WjAYMRYwFAYD VQQDEw02OWE0ZTA3OC05Y2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArLzvXIvfLluH6JCAEYGhyiLsV9Eo6MHs7r+ARjGP/t32/Cu53y+KY5CKcrt1 rRfaVUfXnwEpUARebacIlEysS+Sc5jyz8GpWw1aPTAic1c5tSwss+QnEqRrlzq0C q6p9fnCGMCXQlLcB+DWoYEb2etlwOU2zj9qin053lEwR/F8H95Oz5aR7jbCAm2nN Re5Zf4j/2/NVGFGL7cMwazbEBeHGf1955PI4GEkGaL4EnR/H0nFCwqyzXTFTq2WT mQ71ExMYWLfbEtKa6p2ij3GoTRrJzd1UhfO1Cdfa2qwDfAquI8j/d7yO8HtdyW6c lQiPXIkwhBgAfhVbWklX6VgtNQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFV7HOsv Ul201n1pEZspKfhLpetdMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAWUdCEa6/cuVhPy2HHYs06rfNyUS1zLdwDkRavfDYcAHSy6ztV5CDK/hGdmiH kufp+m2o73wTqJJqQm3Zi1hhC1dM5M55LaoQ1Imks/ggGGpgvzv4uYcv/xrvK34n 0ryaz0bvOFc1+9+uwBNpggWdHJOj/5xFHc+zXYPBViAtZdpMHbDtQT+KsJ4oqBCR 84O3UnASvPTIJktirkkn9gzEDzNCRfLo7SRnyOY4Wc28Ex6TqCjqJKX5JxvkOMq1 EpTPg1FanSg3mP1ieegKITQ9vzGanGZO8k0LEcMJx/IxAjnaoBkBdidAnXEFQ9JF jH8Ql65UxDr8/Z6YncdYRTEYkw== -----END CERTIFICATE-----Generated at Mon Mar 2 04:18:03 2026 by rpki-client