$ rpki-client -vvf rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft File: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft (raw, json) Hash identifier: GnkiNePjbk+tLbA920fv6H8kvm11Ou3JXTyGZU4I1/g= Subject key identifier: AB:82:D7:38:7B:A0:23:21:60:93:A7:EC:DD:89:BE:99:04:2D:C6:E2 Authority key identifier: 5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 Certificate issuer: /CN=A918B0B9/serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Certificate serial: 0A33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft Manifest number: 0A1B Signing time: Sun 01 Mar 2026 22:32:10 +0000 Manifest this update: Sun 01 Mar 2026 22:32:08 +0000 Manifest next update: Sun 08 Mar 2026 22:32:08 +0000 Files and hashes: 1: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl (hash: X1nt2P9o1h572gosNZ8zzikj/Ik+q7zfhWKeG7BkbW8=) 2: BED54F1A9B1611EA939F5A3FC4F9AE02.roa (hash: vTD8xn0iYmYF0FCpYg76YMcwnWDZovAXcFL69UbAO9c=) 3: 52F955A89B1511EA9BEFA53BC4F9AE02.roa (hash: ULVz6gtv7Lj17GsbY0DraIvlqeAo9m+ryNVdzpRY8/w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:32:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2611 (0xa33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B0B9, serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Validity Not Before: Mar 1 22:32:08 2026 GMT Not After : Mar 8 22:32:08 2026 GMT Subject: CN=69a4be6a-d718 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:8e:b0:eb:43:f9:64:ea:92:2c:82:a2:de:3b: a4:1d:76:3e:c5:5b:d3:1c:71:68:d8:d4:11:2a:b7: 6d:6c:3e:b5:08:fa:d2:d4:72:57:f3:20:eb:b8:c7: b9:a0:f8:79:a1:19:dd:8c:8d:9b:59:75:30:4d:91: 7e:76:45:e1:59:b6:a3:25:be:43:95:03:a1:57:dc: 76:13:58:7a:05:37:39:4b:52:34:1c:68:68:15:a6: 20:7e:8e:3c:4c:81:c2:b9:8d:69:d5:01:56:ff:3c: 78:03:5c:81:a7:44:9d:9f:a4:d2:1b:ad:40:a0:19: 46:ed:40:de:e9:c6:ae:d4:45:a5:c9:25:61:c5:29: 4b:d1:7f:7d:ba:f4:39:c6:47:79:2e:f1:71:53:ab: 96:21:2f:f5:8c:06:25:18:d3:48:08:0a:f6:f8:c2: a5:4c:4b:6a:5e:7d:8b:7d:ed:8a:00:2c:26:fb:a1: 59:18:64:d4:db:4e:28:42:40:7c:dc:e4:58:1e:2b: ee:aa:dc:b0:2c:4b:99:48:b7:12:5d:cb:82:54:f8: ce:38:bb:f5:45:2a:2a:8c:e4:8b:c2:26:8d:8a:5d: 6b:12:ae:86:16:61:f7:2f:82:e6:2e:3b:44:7d:d5: 50:39:9b:e8:19:ab:18:85:0d:8e:6d:40:19:99:7e: a8:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:82:D7:38:7B:A0:23:21:60:93:A7:EC:DD:89:BE:99:04:2D:C6:E2 X509v3 Authority Key Identifier: keyid:5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:a9:f4:ed:05:98:49:ae:79:a1:d1:24:ae:85:3c:aa:f4:fe: ef:39:05:41:61:c9:c5:46:78:a4:08:50:56:24:28:bd:42:8b: 1f:e1:eb:a1:13:bc:b0:df:ec:51:1c:9a:a4:d2:a4:51:be:36: 9d:4d:e8:86:81:9c:35:95:e6:78:48:83:e1:f8:ef:d8:00:84: b9:38:84:26:7a:72:35:28:48:32:71:e8:08:85:11:81:31:47: 13:0b:18:23:ab:7b:ef:33:da:3f:fb:7e:44:9b:9c:9f:d3:1a: 5c:26:c5:af:0f:b4:15:a9:e0:b6:73:45:41:18:15:52:50:4e: dd:58:0c:84:3d:2b:ec:df:a1:dd:ca:ca:0a:63:e0:65:ec:a8: d1:f1:50:ce:1c:8c:e1:32:a0:b0:0f:4f:ca:f1:ac:df:29:75: c4:76:a3:f6:2f:d1:d6:83:fb:26:fd:a2:1e:b7:07:f3:9f:51: a8:07:c1:11:d5:ad:14:31:85:16:ce:cd:21:7d:b3:94:48:d9: 4e:fd:eb:81:ef:4c:e2:88:80:d8:ed:43:3e:02:1d:fd:5f:c3: d9:0c:ee:11:73:d6:4e:3d:15:0f:7b:25:a0:c0:cc:4f:bd:60: 8e:e7:bb:33:ab:1e:8e:74:05:50:d9:1a:a5:32:0e:94:28:22: 6b:85:02:38 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEIwQjkxMTAvBgNVBAUTKDVDNUE0RkFFNEFGMDFGRkRDOTI3NTM1NUNDQkFCOEM4 MTAxODlGNTQwHhcNMjYwMzAxMjIzMjA4WhcNMjYwMzA4MjIzMjA4WjAYMRYwFAYD VQQDEw02OWE0YmU2YS1kNzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuY6w60P5ZOqSLIKi3jukHXY+xVvTHHFo2NQRKrdtbD61CPrS1HJX8yDruMe5 oPh5oRndjI2bWXUwTZF+dkXhWbajJb5DlQOhV9x2E1h6BTc5S1I0HGhoFaYgfo48 TIHCuY1p1QFW/zx4A1yBp0Sdn6TSG61AoBlG7UDe6cau1EWlySVhxSlL0X99uvQ5 xkd5LvFxU6uWIS/1jAYlGNNICAr2+MKlTEtqXn2Lfe2KACwm+6FZGGTU204oQkB8 3ORYHivuqtywLEuZSLcSXcuCVPjOOLv1RSoqjOSLwiaNil1rEq6GFmH3L4LmLjtE fdVQOZvoGasYhQ2ObUAZmX6oywIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKuC1zh7 oCMhYJOn7N2JvpkELcbiMB8GA1UdIwQYMBaAFFxaT65K8B/9ySdTVcy6uMgQGJ9U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjBCOS85Q0JGM0Q5MDhG QTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hfM0pKMU5WekxxNHlCQVlu MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hGcFBya3J3SF8zSkoxTlZ6THE0eUJBWW4xUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QjBCOS85Q0JGM0Q5MDhGQTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hf M0pKMU5WekxxNHlCQVluMVEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAi6n07QWYSa55odEkroU8qvT+7zkFQWHJxUZ4pAhQViQovUKLH+HroRO8sN/s URyapNKkUb42nU3ohoGcNZXmeEiD4fjv2ACEuTiEJnpyNShIMnHoCIURgTFHEwsY I6t77zPaP/t+RJucn9MaXCbFrw+0FangtnNFQRgVUlBO3VgMhD0r7N+h3crKCmPg Zeyo0fFQzhyM4TKgsA9PyvGs3yl1xHaj9i/R1oP7Jv2iHrcH859RqAfBEdWtFDGF Fs7NIX2zlEjZTv3rge9M4oiA2O1DPgId/V/D2QzuEXPWTj0VD3sloMDMT71gjue7 M6sejnQFUNkapTIOlCgia4UCOA== -----END CERTIFICATE-----Generated at Mon Mar 2 04:59:54 2026 by rpki-client