$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: z5uW61fgnOektG9BiIz9VOjU4+PxV2ZzFjlYxB2Nv+s= Subject key identifier: C5:F1:51:A0:5D:7F:A1:66:DB:E7:88:CD:C6:60:66:BC:67:F8:1F:D4 Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 03CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 03C1 Signing time: Fri 17 Apr 2026 00:32:24 +0000 Manifest this update: Fri 17 Apr 2026 00:32:24 +0000 Manifest next update: Fri 24 Apr 2026 00:32:24 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: PDujGKkVmIKKm7UcZSD4WZggNtzhsETYlC/0x3hlmOw=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: 6eoyUSOvVZ6K062G+XqAjy4oqU5ot0onLxElkewTe48=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: M2pvQ304fe+2dKpg+pZivkjVtCyNRoxTwvcWntgc488=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 00:32:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 971 (0x3cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Apr 17 00:32:24 2026 GMT Not After : Apr 24 00:32:24 2026 GMT Subject: CN=69e17f98-b41a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:52:bc:52:f7:b1:f4:4c:b6:e1:a3:34:85:02: cb:e3:42:b3:b6:57:41:23:a0:7f:6a:a4:34:6f:4f: 10:7c:71:3d:8a:85:04:3e:0e:d4:52:ed:44:d8:a1: 14:a0:61:52:9b:4c:a1:de:d5:ff:52:19:a5:a5:65: a3:46:82:3f:bd:da:e8:1e:9b:33:2f:5e:92:47:e4: e8:ab:fe:6e:8d:e4:5e:5d:26:e3:03:51:86:75:ed: 8f:e6:b8:e3:21:b7:c8:03:6d:1b:61:d3:19:24:d1: ad:dd:b5:e3:25:1a:8f:68:a6:37:9c:f2:5b:c4:c7: 73:c7:fc:24:64:9b:c3:45:a0:f9:a2:23:c5:09:4f: d2:c6:b1:81:71:6c:45:34:82:92:c0:69:fc:cb:e8: cc:93:f6:06:3e:0d:9a:85:96:09:d7:ef:11:ff:78: 3f:d7:3f:cf:16:ce:cd:60:9b:09:b3:c5:18:d6:02: 42:c9:08:36:37:bf:81:2b:51:a6:2d:be:1a:81:68: 0a:70:b1:fe:a3:be:bd:67:d4:ce:e2:ef:56:6b:57: be:9c:14:52:89:dd:e1:2c:8d:ac:c5:dd:ac:b8:90: 8b:08:f4:75:0a:31:2d:b0:4f:a7:ae:86:dc:fa:7c: 23:9d:c6:4b:55:15:d0:4d:54:e8:64:7d:3c:51:35: 59:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F1:51:A0:5D:7F:A1:66:DB:E7:88:CD:C6:60:66:BC:67:F8:1F:D4 X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:b5:c4:57:41:e8:c3:f9:5f:ed:5b:93:e4:d0:b0:f7:87:7b: df:bb:dd:93:79:1c:28:43:30:ef:2d:5d:78:4d:c9:3b:a7:00: 31:c2:40:63:38:5c:94:73:35:c4:72:63:9b:9f:ac:9e:ae:cf: 19:ba:69:5b:c8:71:a7:a2:52:3c:63:a7:4c:08:7a:da:4c:6a: 9d:f8:0e:dd:39:a4:8f:4c:de:0f:f9:c1:e1:49:47:f4:1f:d0: ae:a9:b0:e3:51:13:4f:f0:26:92:a6:87:3a:53:15:18:35:f5: 80:71:c1:d4:c1:30:3f:5b:fd:ec:25:b2:fd:4a:b2:53:7c:18: 28:a2:40:cf:08:3b:f4:71:69:45:33:ad:e9:e1:97:7c:2a:54: d5:b7:e2:5f:d8:00:8f:e1:c3:b3:14:b3:c6:1b:75:1c:66:4b: 9e:ed:fe:b5:76:b9:f3:c0:bf:83:be:c9:e1:4f:46:4e:df:e4: 2d:62:d0:af:e4:c3:9a:63:59:1d:fc:09:b3:93:57:15:cd:20: a6:99:b7:dc:71:d5:f5:4f:5c:29:cc:51:36:d5:19:af:f5:4f: b2:51:a4:b6:28:6b:23:ea:94:70:92:f5:b7:f4:70:53:4c:cc: 91:a5:43:3f:2a:1c:a5:73:b6:13:08:43:33:a7:2c:84:1f:f0: 92:af:f6:84 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICA8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjYwNDE3MDAzMjI0WhcNMjYwNDI0MDAzMjI0WjAYMRYwFAYD VQQDEw02OWUxN2Y5OC1iNDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw1K8Uvex9Ey24aM0hQLL40KztldBI6B/aqQ0b08QfHE9ioUEPg7UUu1E2KEU oGFSm0yh3tX/UhmlpWWjRoI/vdroHpszL16SR+Toq/5ujeReXSbjA1GGde2P5rjj IbfIA20bYdMZJNGt3bXjJRqPaKY3nPJbxMdzx/wkZJvDRaD5oiPFCU/SxrGBcWxF NIKSwGn8y+jMk/YGPg2ahZYJ1+8R/3g/1z/PFs7NYJsJs8UY1gJCyQg2N7+BK1Gm Lb4agWgKcLH+o769Z9TO4u9Wa1e+nBRSid3hLI2sxd2suJCLCPR1CjEtsE+nrobc +nwjncZLVRXQTVToZH08UTVZ0wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMXxUaBd f6Fm2+eIzcZgZrxn+B/UMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAG7XEV0How/lf7VuT5NCw94d737vdk3kcKEMw7y1deE3JO6cAMcJAYzhclHM1 xHJjm5+snq7PGbppW8hxp6JSPGOnTAh62kxqnfgO3Tmkj0zeD/nB4UlH9B/Qrqmw 41ETT/AmkqaHOlMVGDX1gHHB1MEwP1v97CWy/UqyU3wYKKJAzwg79HFpRTOt6eGX fCpU1bfiX9gAj+HDsxSzxht1HGZLnu3+tXa588C/g77J4U9GTt/kLWLQr+TDmmNZ HfwJs5NXFc0gppm33HHV9U9cKcxRNtUZr/VPslGktihrI+qUcJL1t/RwU0zMkaVD PyocpXO2EwhDM6cshB/wkq/2hA== -----END CERTIFICATE-----Generated at Fri Apr 17 17:01:12 2026 by rpki-client