$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft File: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft (raw, json) Hash identifier: b7VDKDfgMqs2ejEDa8efyffoeGSyaSaEVnA06AmbDO0= Subject key identifier: 12:E3:60:94:59:24:8D:1C:88:6C:9B:4A:CF:74:C5:12:94:5F:64:DC Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Certificate serial: 0216 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft Manifest number: 0212 Signing time: Fri 17 Apr 2026 02:20:25 +0000 Manifest this update: Fri 17 Apr 2026 02:20:24 +0000 Manifest next update: Fri 24 Apr 2026 02:20:24 +0000 Files and hashes: 1: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl (hash: 4wJIjyfOfZD26MDDsDGXPRWal+ZUm3+sSnvHEE5WT/s=) 2: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (hash: +cbg7WTVhCN77TjlGhzVzZ8b4DdK8TdFQRR1HQcoMJ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 02:20:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 534 (0x216) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170C53, serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Validity Not Before: Apr 17 02:20:24 2026 GMT Not After : Apr 24 02:20:24 2026 GMT Subject: CN=69e198e9-22b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:54:c0:66:2e:c5:81:6b:06:0e:b5:95:15:ca: b4:b3:0c:37:10:03:2f:f5:3b:2f:58:9b:57:ae:50: 59:67:16:63:ed:a6:fa:ee:cc:19:6f:99:76:1c:a3: d8:9c:2c:b9:7d:86:db:5a:02:de:b6:21:d0:30:dc: 49:81:dd:16:8e:a0:b0:17:f6:07:e7:07:f1:5f:e3: c0:20:87:13:d0:67:1f:44:30:20:29:3b:22:ab:c8: bb:d3:46:a8:d2:7f:f0:fb:1d:9f:63:85:db:bf:f9: 87:23:a4:63:28:07:aa:1d:dc:02:96:bc:6e:2e:56: 8e:97:c3:88:2f:00:e6:db:a5:8b:d0:e2:d1:4c:bc: 5b:59:f1:da:fc:5d:a4:5a:3a:fa:5b:7a:a4:3c:f5: 14:b6:c5:cb:79:e3:6d:ae:a9:14:8d:7a:0b:4b:7a: 97:91:b3:c7:92:5a:94:ae:b8:1f:7a:7b:d3:bc:fc: 42:13:2a:a0:d3:18:fe:64:6b:c6:ef:86:b9:cb:1d: 1c:5e:40:98:26:73:04:60:25:3a:dd:31:85:c9:e0: 50:7a:63:4f:d1:b4:d7:78:56:e7:19:44:43:d4:d6: d3:9a:6b:37:bb:ef:f0:2d:73:e8:16:48:c7:a8:5e: 2f:53:9b:3a:52:99:62:b9:11:cd:5f:67:fc:d9:b0: c6:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:E3:60:94:59:24:8D:1C:88:6C:9B:4A:CF:74:C5:12:94:5F:64:DC X509v3 Authority Key Identifier: keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:10:7b:38:76:5a:fb:97:21:37:78:5a:81:29:f5:55:1a:2d: 7e:0d:6c:a5:a9:8a:71:ad:34:24:7b:4e:0d:67:3b:7e:7b:54: 8a:e0:5c:19:41:d1:cb:9c:7d:2b:99:7e:66:ea:5d:1c:7d:08: 2e:ae:d7:6f:3b:b5:a0:bc:14:bc:c2:08:d5:2b:30:6d:ab:2c: ef:ca:43:78:14:b1:89:b8:0a:33:1d:9b:58:6f:91:ac:5f:dc: d5:d4:da:cf:64:c5:38:fc:2f:51:4f:7b:85:3d:ed:1b:df:69: 78:3c:67:c1:9d:f9:5b:b8:79:5e:6c:9a:9b:06:d9:d3:54:f2: 65:0c:06:7b:b0:f8:55:b9:0a:0c:a1:7c:6e:ef:07:28:a0:fb: 59:a7:ab:b8:20:c3:77:c9:2e:35:3b:c2:b8:2e:4e:e4:69:19: e9:ba:09:c4:7c:b4:dd:79:ea:5a:64:88:4e:3a:66:e1:75:bb: 71:17:90:0c:d7:36:0a:65:ae:37:c5:60:23:c0:ee:c7:15:db: 31:01:43:ad:9e:e1:58:33:6b:43:e3:b7:9e:ba:41:e5:c8:7e: a1:38:12:be:d7:9a:72:62:65:25:6b:ec:c6:59:05:02:ca:61: 09:e8:30:a1:5d:a0:e6:14:4b:8b:43:bd:ad:ce:75:5d:80:b8: 78:24:b9:fa -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAhYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2 QTJFNEU2REYwHhcNMjYwNDE3MDIyMDI0WhcNMjYwNDI0MDIyMDI0WjAYMRYwFAYD VQQDEw02OWUxOThlOS0yMmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0FTAZi7FgWsGDrWVFcq0sww3EAMv9TsvWJtXrlBZZxZj7ab67swZb5l2HKPY nCy5fYbbWgLetiHQMNxJgd0WjqCwF/YH5wfxX+PAIIcT0GcfRDAgKTsiq8i700ao 0n/w+x2fY4Xbv/mHI6RjKAeqHdwClrxuLlaOl8OILwDm26WL0OLRTLxbWfHa/F2k Wjr6W3qkPPUUtsXLeeNtrqkUjXoLS3qXkbPHklqUrrgfenvTvPxCEyqg0xj+ZGvG 74a5yx0cXkCYJnMEYCU63TGFyeBQemNP0bTXeFbnGURD1NbTmms3u+/wLXPoFkjH qF4vU5s6UpliuRHNX2f82bDGhwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBLjYJRZ JI0ciGybSs90xRKUX2TcMB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1 dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEM1My9EQjYzQzlBMjExNzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5Y NE16R25IMUEwLVpxTGs1dDgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAvxB7OHZa+5chN3hagSn1VRotfg1spamKca00JHtODWc7fntUiuBcGUHRy5x9 K5l+ZupdHH0ILq7Xbzu1oLwUvMII1Sswbass78pDeBSxibgKMx2bWG+RrF/c1dTa z2TFOPwvUU97hT3tG99peDxnwZ35W7h5XmyamwbZ01TyZQwGe7D4VbkKDKF8bu8H KKD7WaeruCDDd8kuNTvCuC5O5GkZ6boJxHy03XnqWmSITjpm4XW7cReQDNc2CmWu N8VgI8DuxxXbMQFDrZ7hWDNrQ+O3nrpB5ch+oTgSvteacmJlJWvsxlkFAsphCegw oV2g5hRLi0O9rc51XYC4eCS5+g== -----END CERTIFICATE-----Generated at Fri Apr 17 16:58:50 2026 by rpki-client