$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json) Hash identifier: qVasQ2coWuF/taycspcHT851ZdKeH+EqIXTb7/CQvus= Subject key identifier: 6D:91:19:1D:10:45:C6:77:52:A8:A4:D4:CF:1A:1F:A3:84:BE:B5:7F Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0C28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft Manifest number: 0A4A Signing time: Mon 02 Mar 2026 03:02:37 +0000 Manifest this update: Mon 02 Mar 2026 03:02:35 +0000 Manifest next update: Mon 09 Mar 2026 03:02:35 +0000 Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: brl58cXnXRWnzZekdsw0sWTXqISDaknZCQz1cHeqwhE=) 2: B8D1EFFECFF111F085D0CF76C4F9AE02.roa (hash: HUQUUIa3JTbhzjl+kzm7+2BBxPdE0gxUwosqJf+QgLY=) 3: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: J0sAShMAS7TBXIrBTuQVLuuil+RzIlr22j/AeepAcBs=) 4: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: TZoK6id0rUzh56KPEUCZAm7vzhoQKcumpCyH1Z185+Y=) 5: 3CE7D21201A311F1A14FC5D2686F56BC.roa (hash: o8Efs0Zmsyf+yPslQE6u+yFKAm4P6NONEQAjk5sGm4c=) 6: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: w6yzFziDeBAoUWZ59xaLHwBZh42R2pzo/qzXpmN8kyk=) 7: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: ye8jq88ep0wSruy1WtzE0bv/JRbtY6NOkRlK24kmsxo=) 8: 61EE2500936E11F091943583C4F9AE02.roa (hash: ZyGCDqU+jxTVQMJAawzSWK1wR7ajHs+Yg6/pfAsiZZE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3112 (0xc28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Mar 2 03:02:35 2026 GMT Not After : Mar 9 03:02:35 2026 GMT Subject: CN=69a4fdcd-c24c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:79:0b:f2:68:2e:4e:80:bb:99:42:85:e9:7f: 59:24:8f:05:b6:4f:60:fa:ad:92:1f:60:d8:73:c5: 18:a3:e9:74:bf:8a:8f:21:98:93:85:f1:f3:f7:2c: c5:cf:75:34:cf:bf:e1:ad:48:03:d7:a1:60:6c:ba: 38:fc:69:54:e9:ad:8a:c1:91:6b:3a:38:09:e8:b5: ea:15:f1:ce:2c:98:3a:91:fd:8b:e5:38:13:65:32: e1:e9:2c:cc:8e:6e:9a:bb:8a:1b:c8:74:2c:7b:87: 40:b1:82:d6:8f:f1:8c:59:b5:76:c9:fc:02:11:7f: f1:4e:62:c1:07:84:18:28:c0:5e:65:38:3b:d5:cf: 05:a6:c7:d6:a7:78:2b:43:cc:32:42:ab:1f:d0:47: 3b:f6:b4:81:01:c8:8e:6d:ff:53:1a:09:81:74:06: 45:10:0b:df:59:4e:1e:6d:8b:b3:0e:7d:11:00:17: b5:31:b8:85:f1:7f:9a:e4:60:e0:19:f6:12:28:aa: 7f:02:43:4b:6c:3b:34:3c:28:dd:fe:88:03:73:56: b1:e3:d4:2b:04:ae:83:57:0a:fe:12:5a:48:76:7a: 42:2a:45:3f:ec:1d:9e:b0:99:a9:a7:76:b3:cf:11: b5:b8:78:0e:d5:89:4e:4e:a2:64:d7:29:50:aa:90: 8b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:91:19:1D:10:45:C6:77:52:A8:A4:D4:CF:1A:1F:A3:84:BE:B5:7F X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:32:b7:c9:f8:21:f9:9c:f2:2f:cd:46:9e:0b:0a:54:f4:71: 42:35:77:8f:60:1b:7d:2b:3f:c9:a9:2e:3c:c0:d1:02:f8:94: 31:48:45:e4:29:17:2a:3f:b4:ff:5c:33:7f:e6:15:10:37:bb: 9a:94:35:f7:3d:98:3e:10:cc:6f:08:55:eb:98:cf:b8:fe:1c: 13:c4:69:84:33:eb:a2:38:fc:ce:6f:2b:f2:18:a5:e7:2d:70: bc:a8:5c:ab:e0:74:24:28:cd:20:e9:3c:9d:67:85:b1:ef:10: cf:f7:6f:61:d3:b1:75:a0:54:d4:6f:59:b1:e2:0e:b3:8d:1b: f5:c4:e0:2d:b6:ba:0e:ec:f7:ef:c4:f1:3f:6e:be:c8:a7:7c: 54:bf:c5:36:0c:9b:8b:c0:d1:05:a4:1a:65:a9:4a:8e:a5:77: cc:d8:84:c6:82:99:96:cf:6a:f9:f6:0f:2b:ed:8c:64:f0:5f: 0c:f0:a2:e6:8d:eb:2e:71:97:3c:13:5c:6c:02:b6:b4:0c:c1: e6:dc:2f:9f:00:80:fc:c1:14:22:c4:86:6a:65:07:4b:a8:c1: ba:99:9e:03:27:79:7c:de:f4:e2:6d:cf:c2:cb:4c:5b:32:1e: ff:32:03:44:71:73:94:a0:13:48:d7:ae:ed:51:8c:65:e1:20: 29:28:30:ff -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDCgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjYwMzAyMDMwMjM1WhcNMjYwMzA5MDMwMjM1WjAYMRYwFAYD VQQDEw02OWE0ZmRjZC1jMjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz3kL8mguToC7mUKF6X9ZJI8Ftk9g+q2SH2DYc8UYo+l0v4qPIZiThfHz9yzF z3U0z7/hrUgD16FgbLo4/GlU6a2KwZFrOjgJ6LXqFfHOLJg6kf2L5TgTZTLh6SzM jm6au4obyHQse4dAsYLWj/GMWbV2yfwCEX/xTmLBB4QYKMBeZTg71c8FpsfWp3gr Q8wyQqsf0Ec79rSBAciObf9TGgmBdAZFEAvfWU4ebYuzDn0RABe1MbiF8X+a5GDg GfYSKKp/AkNLbDs0PCjd/ogDc1ax49QrBK6DVwr+ElpIdnpCKkU/7B2esJmpp3az zxG1uHgO1YlOTqJk1ylQqpCL+QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFG2RGR0Q RcZ3Uqik1M8aH6OEvrV/MB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAsDK3yfgh+ZzyL81GngsKVPRxQjV3j2AbfSs/yakuPMDRAviUMUhF5CkXKj+0 /1wzf+YVEDe7mpQ19z2YPhDMbwhV65jPuP4cE8RphDProjj8zm8r8hil5y1wvKhc q+B0JCjNIOk8nWeFse8Qz/dvYdOxdaBU1G9ZseIOs40b9cTgLba6Duz378TxP26+ yKd8VL/FNgybi8DRBaQaZalKjqV3zNiExoKZls9q+fYPK+2MZPBfDPCi5o3rLnGX PBNcbAK2tAzB5twvnwCA/MEUIsSGamUHS6jBupmeAyd5fN704m3PwstMWzIe/zID RHFzlKATSNeu7VGMZeEgKSgw/w== -----END CERTIFICATE-----Generated at Mon Mar 2 10:54:06 2026 by rpki-client