$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: Rt4Q80V/bccmXhBE+Mq8A8Iro4tNAtCxtXCvQi3E0a4= Subject key identifier: 5A:43:58:6E:97:A3:FC:8E:2B:57:EC:0E:E3:9F:D2:43:C6:03:F0:46 Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 04F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 04DF Signing time: Sat 28 Feb 2026 17:06:49 +0000 Manifest this update: Sat 28 Feb 2026 17:06:49 +0000 Manifest next update: Sat 07 Mar 2026 17:06:49 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: kFjiV4ZiIrYyyUdhRPfNrEfIC7bjXpJb0i4ICVfwsCo=) 2: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: DmIrGfhktKfgLCQnjaBl110FFfgBFAV9ezdr8MQEUXY=) 3: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: LSEFGm5YHmuzFm7AHwmKEbs7DnP8Z8GxvqismyoqpxY=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: Wyxy9+iCUkuevTtRSNVP3QalBsjOjf/cD3BqszIe2mo=) 5: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: pNXwK+NLW6WN3eFo++mYFK5ET5lmuZ4PR6VBVBIThu8=) 6: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: KlPccjW9S2oslSs/m9+b9l8M4oIVNWUx4ZPvJF9e3h0=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: gnyXtw8DPj8NyIoRF5c+juRZssMLm6JD2BAlodHTge8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Mar 2026 17:06:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1273 (0x4f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Feb 28 17:06:49 2026 GMT Not After : Mar 7 17:06:49 2026 GMT Subject: CN=69a320a9-fa43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:00:fc:f1:bf:a0:0e:c1:7b:b9:61:2b:70:d2: d2:14:74:e0:28:c2:61:d3:8a:9f:be:d3:fd:7d:ed: 3d:49:19:7e:29:e0:e5:65:5d:fe:3b:9b:fa:73:34: a1:a8:d6:f4:50:71:dc:0c:b6:d7:27:6f:d5:20:b8: 68:c2:91:cc:07:06:75:20:a8:12:49:70:77:53:e3: 91:24:27:a4:9d:1e:37:70:19:f5:92:5e:fa:34:68: 4e:67:2c:14:41:31:c6:d5:47:44:39:de:65:ca:e1: d0:2b:8f:89:13:ed:37:9f:34:94:d9:87:f6:1a:d2: ff:35:e8:9c:3e:83:f6:a0:f8:24:bd:3f:ea:ff:69: 78:a4:6b:cf:ef:7c:94:2a:a5:ad:2b:5a:ad:f2:a6: d5:cd:9c:2f:f1:5a:c2:cd:a8:49:61:ae:e6:b0:5c: e4:1d:2d:0f:e0:96:21:b6:ce:20:e7:e4:ec:e4:b1: 9d:df:26:67:9a:6a:2b:72:34:e3:ff:9b:6a:7c:03: a7:34:39:ff:53:99:88:96:85:57:ea:80:8f:2c:9c: 05:c1:ca:57:b1:de:c3:06:a7:fc:39:b1:7d:65:aa: f7:ad:41:42:45:08:98:e7:45:86:17:1f:fc:21:56: 5f:f0:9e:40:33:8a:5d:2e:3f:78:40:57:45:fe:fb: 61:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:43:58:6E:97:A3:FC:8E:2B:57:EC:0E:E3:9F:D2:43:C6:03:F0:46 X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:7c:a3:5d:d7:d3:ef:21:84:b2:2c:db:de:e2:8c:0e:79:e8: 4d:b4:7f:11:36:49:66:a1:98:6b:6a:50:f3:9f:05:67:31:dc: 77:01:5c:d7:12:15:6d:dc:bd:eb:a9:29:d9:51:09:d9:73:c0: 9a:7a:c2:66:f1:84:4c:88:82:21:fe:42:4d:6d:06:26:ba:16: 6f:fb:0b:8d:d6:c7:dc:c0:f3:7b:1e:d7:3a:ba:88:b4:ee:44: 75:f4:5c:74:de:ca:dc:e7:2c:87:cf:1e:94:08:a6:b7:61:76: 4d:9a:6b:d6:ab:fa:f1:99:1f:23:61:4d:54:48:ce:03:d9:c8: 95:89:60:fd:da:fe:55:a6:eb:f8:0d:49:47:8f:f1:77:94:1a: 99:0f:63:79:6c:46:ea:c3:c6:d5:8d:6b:b7:2f:b7:b0:c4:2f: bd:65:ad:5b:61:6f:20:6b:26:0f:f9:2e:39:ae:1a:ee:95:1c: 38:0e:70:e2:dd:42:d1:79:58:68:8f:60:f2:84:fc:6b:a0:3e: 6e:39:75:7a:44:9f:7f:02:24:2d:3b:38:22:cd:32:12:71:02: 79:6d:34:1a:ab:f2:ec:be:47:a6:2b:bf:3b:59:7f:bb:7a:dc: 36:bc:df:1c:69:ed:14:bb:ca:b1:12:08:0d:5a:f5:8b:b3:59: e5:bc:5b:a8 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjYwMjI4MTcwNjQ5WhcNMjYwMzA3MTcwNjQ5WjAYMRYwFAYD VQQDDA02OWEzMjBhOS1mYTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnwD88b+gDsF7uWErcNLSFHTgKMJh04qfvtP9fe09SRl+KeDlZV3+O5v6czSh qNb0UHHcDLbXJ2/VILhowpHMBwZ1IKgSSXB3U+ORJCeknR43cBn1kl76NGhOZywU QTHG1UdEOd5lyuHQK4+JE+03nzSU2Yf2GtL/NeicPoP2oPgkvT/q/2l4pGvP73yU KqWtK1qt8qbVzZwv8VrCzahJYa7msFzkHS0P4JYhts4g5+Ts5LGd3yZnmmorcjTj /5tqfAOnNDn/U5mIloVX6oCPLJwFwcpXsd7DBqf8ObF9Zar3rUFCRQiY50WGFx/8 IVZf8J5AM4pdLj94QFdF/vthrwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFpDWG6X o/yOK1fsDuOf0kPGA/BGMB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXHyjXdfT7yGEsizb3uKMDnnoTbR/ETZJZqGYa2pQ858FZzHcdwFc1xIVbdy9 66kp2VEJ2XPAmnrCZvGETIiCIf5CTW0GJroWb/sLjdbH3MDzex7XOrqItO5EdfRc dN7K3Ocsh88elAimt2F2TZpr1qv68ZkfI2FNVEjOA9nIlYlg/dr+Vabr+A1JR4/x d5QamQ9jeWxG6sPG1Y1rty+3sMQvvWWtW2FvIGsmD/kuOa4a7pUcOA5w4t1C0XlY aI9g8oT8a6A+bjl1ekSffwIkLTs4Is0yEnECeW00Gqvy7L5Hpiu/O1l/u3rcNrzf HGntFLvKsRIIDVr1i7NZ5bxbqA== -----END CERTIFICATE-----Generated at Sun Mar 1 22:34:08 2026 by rpki-client