$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json) Hash identifier: VDlimkyVHUDt01rmZSnQFiXYoOv1gvF/d4zkiK5lDCk= Subject key identifier: 3A:61:EE:52:51:F5:A9:16:6E:76:E0:C4:AE:4E:A6:B9:71:CF:D4:95 Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0C52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft Manifest number: 0A6C Signing time: Fri 17 Apr 2026 08:10:57 +0000 Manifest this update: Fri 17 Apr 2026 08:10:57 +0000 Manifest next update: Fri 24 Apr 2026 08:10:57 +0000 Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: /gZFqQfyo6lKg5VT781f9XgWCxHvL/MVCMITdgyWzA0=) 2: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: w6yzFziDeBAoUWZ59xaLHwBZh42R2pzo/qzXpmN8kyk=) 3: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: TZoK6id0rUzh56KPEUCZAm7vzhoQKcumpCyH1Z185+Y=) 4: 61EE2500936E11F091943583C4F9AE02.roa (hash: 8ckVb9qNZshEQ+HiBQT/0gq9CzwPXii/w1rZWO7m+Zw=) 5: 18E343FA3A3411F195AC72659C833773.roa (hash: KmC1y6Iu7HBzh2swaBdIcYsNGsBp1fh+v0hV3x9SRrk=) 6: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: J0sAShMAS7TBXIrBTuQVLuuil+RzIlr22j/AeepAcBs=) 7: 3CE7D21201A311F1A14FC5D2686F56BC.roa (hash: o8Efs0Zmsyf+yPslQE6u+yFKAm4P6NONEQAjk5sGm4c=) 8: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: ye8jq88ep0wSruy1WtzE0bv/JRbtY6NOkRlK24kmsxo=) 9: B8D1EFFECFF111F085D0CF76C4F9AE02.roa (hash: s77Ei8EC37Djt+pew6TOMR9zQCEM+rq8eyiOuZgQork=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 07:47:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3154 (0xc52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Apr 17 08:10:57 2026 GMT Not After : Apr 24 08:10:57 2026 GMT Subject: CN=69e1eb11-f49d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:3c:c1:9f:2b:0c:13:e6:7e:a8:a8:40:b9:ab: 28:2e:90:02:af:a9:7e:9c:1a:bf:24:95:25:85:12: 46:c4:c7:b9:cc:08:e4:6e:57:56:58:4b:41:a7:5d: b9:43:74:ec:1c:64:34:d7:c1:7c:e0:df:d0:25:bb: 02:01:89:34:4d:4e:9c:b7:65:ab:01:e3:b7:05:87: b1:61:c2:cc:eb:22:a9:50:a6:ef:1a:04:57:22:a6: ca:53:bc:3a:a6:38:b6:cd:cc:06:47:0e:b3:d0:51: 41:88:b5:c8:1b:3c:e7:58:ab:61:c9:60:7a:0a:eb: b8:8b:a6:8d:37:b9:bc:4f:18:85:03:05:4d:e4:04: 2d:fc:74:04:a4:ab:ea:c4:19:22:c4:ac:3e:58:b1: d9:85:32:a0:e2:a3:df:a4:94:5c:3c:af:ae:21:b4: af:95:6e:c1:ce:31:93:02:96:00:4f:86:a6:6b:82: 32:d8:eb:99:4d:6d:2e:0a:c1:db:fa:c0:93:bd:4e: 5d:c2:cc:e0:45:f1:40:5a:5c:25:78:bc:bd:00:e5: 38:2b:b0:f0:81:9f:f8:24:da:e8:be:2c:1c:56:e7: f6:c6:ec:aa:d2:dc:5b:a9:d3:6b:3b:f1:b6:94:f6: aa:7d:ec:4f:6b:57:26:64:f3:c6:a9:3d:9b:8c:08: 30:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:61:EE:52:51:F5:A9:16:6E:76:E0:C4:AE:4E:A6:B9:71:CF:D4:95 X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:eb:87:09:7d:e2:41:f3:0c:c5:f2:fd:1c:28:6e:d3:de:b5: 9b:3a:ec:2d:06:ed:8b:16:1b:d3:06:a7:f5:23:10:26:c0:33: e5:3d:af:11:33:a3:39:6c:4b:fc:ff:d7:88:33:64:98:0d:b9: a1:81:77:3c:b4:a8:85:99:94:04:45:87:b4:05:46:38:21:6f: 3b:b9:1e:e0:39:a1:86:d4:f5:e8:f4:c8:ac:cb:c5:2b:a6:ac: 55:7c:27:02:e5:3d:35:c2:3a:63:ad:7e:8b:7b:3e:6a:cd:35: a2:5c:49:a1:7b:15:cb:56:b6:93:e0:5a:d7:63:73:61:36:96: 90:f1:40:da:09:40:8a:76:e5:10:95:73:c3:71:49:9c:1c:93: 82:c1:b7:fb:72:f2:72:c7:e6:32:8d:f1:6c:5d:6c:b2:ee:94: 22:c3:75:0a:68:51:d8:2c:21:70:da:f9:b1:7e:c4:ef:25:fc: 0f:23:4f:a1:60:da:9e:eb:d1:54:9d:dc:3f:e4:fe:e7:1d:02: 89:99:5f:6d:ae:cd:fe:b1:d4:80:eb:97:dc:2e:5e:9a:9a:13: 6f:1f:40:eb:5f:0c:2f:79:90:9d:0a:3a:72:27:ee:ed:09:d4: 8c:3b:2b:7e:b7:50:17:1d:1a:c0:27:c4:79:bb:d3:a1:fd:af: 36:79:1e:43 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjYwNDE3MDgxMDU3WhcNMjYwNDI0MDgxMDU3WjAYMRYwFAYD VQQDEw02OWUxZWIxMS1mNDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkjzBnysME+Z+qKhAuasoLpACr6l+nBq/JJUlhRJGxMe5zAjkbldWWEtBp125 Q3TsHGQ018F84N/QJbsCAYk0TU6ct2WrAeO3BYexYcLM6yKpUKbvGgRXIqbKU7w6 pji2zcwGRw6z0FFBiLXIGzznWKthyWB6Cuu4i6aNN7m8TxiFAwVN5AQt/HQEpKvq xBkixKw+WLHZhTKg4qPfpJRcPK+uIbSvlW7BzjGTApYAT4ama4Iy2OuZTW0uCsHb +sCTvU5dwszgRfFAWlwleLy9AOU4K7DwgZ/4JNroviwcVuf2xuyq0txbqdNrO/G2 lPaqfexPa1cmZPPGqT2bjAgwcwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDph7lJR 9akWbnbgxK5Oprlxz9SVMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXeuHCX3iQfMMxfL9HChu0961mzrsLQbtixYb0wan9SMQJsAz5T2vETOjOWxL /P/XiDNkmA25oYF3PLSohZmUBEWHtAVGOCFvO7ke4DmhhtT16PTIrMvFK6asVXwn AuU9NcI6Y61+i3s+as01olxJoXsVy1a2k+Ba12NzYTaWkPFA2glAinblEJVzw3FJ nByTgsG3+3LycsfmMo3xbF1ssu6UIsN1CmhR2CwhcNr5sX7E7yX8DyNPoWDanuvR VJ3cP+T+5x0CiZlfba7N/rHUgOuX3C5empoTbx9A618ML3mQnQo6cifu7QnUjDsr frdQFx0awCfEebvTof2vNnkeQw== -----END CERTIFICATE-----Generated at Fri Apr 17 09:41:56 2026 by rpki-client