$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: U6cDG+NV7G4nVwcHwChw5HmcWLXHFYQ2QOn7GXdPlHs= Subject key identifier: 42:AF:1B:AD:6F:8C:C9:96:FD:BA:72:9E:53:D5:28:A1:BB:2D:FF:DD Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 03AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 03A7 Signing time: Sun 01 Mar 2026 01:33:20 +0000 Manifest this update: Sun 01 Mar 2026 01:33:20 +0000 Manifest next update: Sun 08 Mar 2026 01:33:20 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: klQ7bJS68M9uC0OzKUp7yJd2G3P1PLMrj+A83b257Q4=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 01:33:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 943 (0x3af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Mar 1 01:33:20 2026 GMT Not After : Mar 8 01:33:20 2026 GMT Subject: CN=69a39760-c01c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2f:22:ad:71:33:15:17:30:07:05:65:7f:d3: e8:e4:cb:bf:30:9f:37:89:81:5a:e4:87:cf:ec:b2: eb:ca:28:bb:18:c5:16:70:bc:71:30:51:e6:35:b4: 2c:e6:d4:5f:7d:57:c5:ce:13:f1:3f:e8:27:70:95: 7d:94:43:3d:76:2c:23:cc:44:51:24:01:c7:42:cb: 7c:80:ef:96:44:3d:38:33:a8:24:26:01:2a:c2:69: 9c:48:27:d9:ff:13:9c:73:86:76:a7:84:09:d1:cd: 10:5f:7b:83:53:70:3a:66:88:f9:8d:4c:52:7c:b7: 3e:33:5e:47:ed:18:3b:7b:03:9f:2f:22:f2:35:43: 8e:e8:0c:7f:59:09:b1:df:57:0f:37:b5:cd:82:12: b8:8f:44:e8:a4:c1:cf:75:ab:52:26:75:17:56:18: 21:f1:b9:be:8d:2a:22:05:ff:25:d6:e9:f7:2d:6b: 54:ce:a8:85:74:39:cd:05:33:e8:1f:d2:69:12:2f: 43:b8:8b:70:c3:a3:bd:84:6c:75:56:71:ec:e4:63: 50:e1:b0:e7:89:38:2b:45:d8:ae:62:44:cb:0f:ae: 31:f2:65:96:54:b3:d0:dc:9e:5b:32:7a:d9:70:c3: 5b:ee:1d:7d:e4:0f:b5:39:6d:fe:e7:99:85:f8:e0: c1:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:AF:1B:AD:6F:8C:C9:96:FD:BA:72:9E:53:D5:28:A1:BB:2D:FF:DD X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:82:1a:30:9a:59:cd:8b:77:47:79:48:ff:3c:f9:ad:38:92: f8:c7:ba:a2:b4:98:4e:17:91:c3:0c:8e:01:a1:9e:01:cf:7e: 0b:59:58:0e:a1:36:3d:d2:f8:21:74:8e:ee:de:8b:bc:f0:2a: 97:e7:d3:e6:1e:81:da:7a:b1:65:45:2a:35:70:05:98:6d:3c: c6:e1:7c:37:a3:94:9f:c4:d1:37:83:c6:4b:be:e1:dc:fd:cc: a0:7d:83:c6:a9:00:30:8f:c1:89:53:e6:4f:37:47:24:fb:ba: 3b:c3:c9:70:f3:51:38:51:7e:db:7f:e4:75:a2:0c:2e:81:52: 3b:25:40:b5:1f:83:7e:6e:f4:a6:e0:56:20:5e:a1:07:f5:02: 6f:bd:5d:81:11:f4:22:cc:d9:c3:b6:e4:15:c8:5f:cf:45:55: ad:90:bf:31:3e:18:de:40:1e:11:82:e2:4f:0f:01:a1:e2:28: 79:aa:e5:4f:95:be:f0:8f:b1:a4:76:9b:41:85:90:4c:3f:45: a3:2f:22:fa:c9:cd:bd:dc:f4:14:a7:34:85:a8:b6:f6:49:a5: c6:f0:03:c9:46:ea:11:13:67:ec:ee:10:4d:f3:2b:28:09:07: 17:e9:68:22:1b:87:9b:4e:60:86:21:d0:31:50:59:d2:ee:af: c0:c7:89:93 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjYwMzAxMDEzMzIwWhcNMjYwMzA4MDEzMzIwWjAYMRYwFAYD VQQDDA02OWEzOTc2MC1jMDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuS8irXEzFRcwBwVlf9Po5Mu/MJ83iYFa5IfP7LLryii7GMUWcLxxMFHmNbQs 5tRffVfFzhPxP+gncJV9lEM9diwjzERRJAHHQst8gO+WRD04M6gkJgEqwmmcSCfZ /xOcc4Z2p4QJ0c0QX3uDU3A6Zoj5jUxSfLc+M15H7Rg7ewOfLyLyNUOO6Ax/WQmx 31cPN7XNghK4j0TopMHPdatSJnUXVhgh8bm+jSoiBf8l1un3LWtUzqiFdDnNBTPo H9JpEi9DuItww6O9hGx1VnHs5GNQ4bDniTgrRdiuYkTLD64x8mWWVLPQ3J5bMnrZ cMNb7h195A+1OW3+55mF+ODBYwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEKvG61v jMmW/bpynlPVKKG7Lf/dMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAO4IaMJpZzYt3R3lI/zz5rTiS+Me6orSYTheRwwyOAaGeAc9+C1lYDqE2PdL4 IXSO7t6LvPAql+fT5h6B2nqxZUUqNXAFmG08xuF8N6OUn8TRN4PGS77h3P3MoH2D xqkAMI/BiVPmTzdHJPu6O8PJcPNROFF+23/kdaIMLoFSOyVAtR+Dfm70puBWIF6h B/UCb71dgRH0IszZw7bkFchfz0VVrZC/MT4Y3kAeEYLiTw8BoeIoearlT5W+8I+x pHabQYWQTD9Foy8i+snNvdz0FKc0hai29kmlxvADyUbqERNn7O4QTfMrKAkHF+lo IhuHm05ghiHQMVBZ0u6vwMeJkw== -----END CERTIFICATE-----Generated at Sun Mar 1 20:54:01 2026 by rpki-client