$ rpki-client -vvf rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft File: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft (raw, json) Hash identifier: 8J8FYqFI0dQkbZx4VHvze0yhljXUCTghU6U8SAqedCY= Subject key identifier: 40:6B:E9:0E:2D:0B:99:1A:14:B3:9D:E4:0F:7B:90:48:7A:5A:A9:63 Authority key identifier: 5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 Certificate issuer: /CN=A918B0B9/serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Certificate serial: 0A4E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft Manifest number: 0A34 Signing time: Thu 16 Apr 2026 19:40:57 +0000 Manifest this update: Thu 16 Apr 2026 19:40:57 +0000 Manifest next update: Thu 23 Apr 2026 19:40:57 +0000 Files and hashes: 1: XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl (hash: sedIW6aexusB+l1neb8DBm0jpsWbq87TiUOOeoB5KMg=) 2: BED54F1A9B1611EA939F5A3FC4F9AE02.roa (hash: onxrfn2R6ig2K9q93zM3JJGyF8TFo8y2BhAaG52JL84=) 3: 52F955A89B1511EA9BEFA53BC4F9AE02.roa (hash: mNeRqaSY4bVJ7ErHkgjVt3OEqspS9nVqduSxSH22Fmw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 19:40:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2638 (0xa4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B0B9, serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Validity Not Before: Apr 16 19:40:57 2026 GMT Not After : Apr 23 19:40:57 2026 GMT Subject: CN=69e13b49-ef13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:1b:e0:7b:c7:c5:2c:2c:19:84:fc:4d:06:4d: 08:b7:2e:b9:db:89:8b:4a:77:ad:01:98:48:b6:70: cd:77:35:9e:a9:27:45:36:db:8f:f9:9f:a1:8d:54: d0:e6:85:17:4e:51:20:bd:47:02:dc:72:ad:6f:81: 64:0e:ca:a5:5a:87:00:8f:61:64:63:a9:7c:07:4c: 56:f2:c3:f6:f7:bf:9c:76:73:37:b6:de:d0:40:ba: 3c:2d:67:90:2c:43:ec:4c:72:55:b9:91:9c:12:c4: be:92:fb:5c:a4:f8:20:a3:49:9a:ed:64:ff:4e:e2: 58:c3:63:f8:bc:3f:d7:3f:8c:e9:44:2a:18:67:20: 26:6a:6d:91:22:44:27:f8:59:d0:af:ab:e5:1a:62: 43:ea:68:c5:e2:df:4e:45:62:72:8d:cb:d6:f4:a5: 6f:cd:04:3e:3a:31:9a:1e:d1:bd:79:0b:32:97:9d: ed:53:a0:30:36:8b:99:10:dc:f4:d1:6a:ae:f1:45: a2:4f:a1:9a:8c:6b:95:55:a3:18:38:74:68:be:0e: 61:c2:cc:03:b0:a1:67:32:d7:7b:bf:1b:1e:02:ec: 8d:14:6c:d3:02:cf:1a:e1:1d:10:c6:61:6c:5b:1b: 91:fa:40:31:e5:98:45:9c:57:8a:48:12:9f:a9:4c: 8e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:6B:E9:0E:2D:0B:99:1A:14:B3:9D:E4:0F:7B:90:48:7A:5A:A9:63 X509v3 Authority Key Identifier: keyid:5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:36:3f:af:ea:2e:13:ef:77:20:8d:8f:7b:23:44:da:da:e2: a3:d7:5d:5e:75:de:f7:0e:5e:ce:40:48:45:34:05:b4:74:1d: 29:a1:17:dc:f5:63:1d:2e:f7:b7:64:5f:94:4a:c2:a8:71:f8: a5:d9:55:ff:13:55:03:07:fb:5b:16:d4:b2:7c:cc:f2:90:7f: c0:e1:c5:f2:38:0d:93:21:42:49:52:d2:a8:6a:70:f1:4c:d0: 2d:43:32:e1:c4:bf:5c:91:0a:16:3e:c7:74:d8:dd:05:7d:6f: 4b:bc:84:87:ab:17:2c:f2:ab:ea:c7:df:a5:19:ee:de:26:7c: 70:97:b4:38:98:7f:49:31:e7:39:7e:40:94:9e:ef:82:5b:70: 99:b6:c3:c0:6d:72:05:16:0d:d6:39:95:86:fe:ab:e9:cd:af: f8:d9:eb:c5:e5:db:ae:f8:0b:04:1d:31:2e:4e:a8:c4:d4:8a: c3:b8:a3:9b:0b:13:25:e7:6e:05:0a:c0:9f:67:e3:f7:73:4c: 81:24:34:05:fe:4c:71:3b:5a:a0:2b:e1:72:92:ef:94:19:0a: d8:f3:d9:85:8a:d0:a1:1d:17:07:dd:c8:06:42:f6:6b:80:b4: 7f:2d:fd:73:59:b3:e0:64:6d:d4:cb:79:c1:aa:bc:c4:28:eb: 89:9a:6a:95 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEIwQjkxMTAvBgNVBAUTKDVDNUE0RkFFNEFGMDFGRkRDOTI3NTM1NUNDQkFCOEM4 MTAxODlGNTQwHhcNMjYwNDE2MTk0MDU3WhcNMjYwNDIzMTk0MDU3WjAYMRYwFAYD VQQDEw02OWUxM2I0OS1lZjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Rvge8fFLCwZhPxNBk0Ity6524mLSnetAZhItnDNdzWeqSdFNtuP+Z+hjVTQ 5oUXTlEgvUcC3HKtb4FkDsqlWocAj2FkY6l8B0xW8sP297+cdnM3tt7QQLo8LWeQ LEPsTHJVuZGcEsS+kvtcpPggo0ma7WT/TuJYw2P4vD/XP4zpRCoYZyAmam2RIkQn +FnQr6vlGmJD6mjF4t9ORWJyjcvW9KVvzQQ+OjGaHtG9eQsyl53tU6AwNouZENz0 0Wqu8UWiT6GajGuVVaMYOHRovg5hwswDsKFnMtd7vxseAuyNFGzTAs8a4R0QxmFs WxuR+kAx5ZhFnFeKSBKfqUyOPQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEBr6Q4t C5kaFLOd5A97kEh6WqljMB8GA1UdIwQYMBaAFFxaT65K8B/9ySdTVcy6uMgQGJ9U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjBCOS85Q0JGM0Q5MDhG QTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hfM0pKMU5WekxxNHlCQVlu MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hGcFBya3J3SF8zSkoxTlZ6THE0eUJBWW4xUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QjBCOS85Q0JGM0Q5MDhGQTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hf M0pKMU5WekxxNHlCQVluMVEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAfTY/r+ouE+93II2PeyNE2trio9ddXnXe9w5ezkBIRTQFtHQdKaEX3PVjHS73 t2RflErCqHH4pdlV/xNVAwf7WxbUsnzM8pB/wOHF8jgNkyFCSVLSqGpw8UzQLUMy 4cS/XJEKFj7HdNjdBX1vS7yEh6sXLPKr6sffpRnu3iZ8cJe0OJh/STHnOX5AlJ7v gltwmbbDwG1yBRYN1jmVhv6r6c2v+NnrxeXbrvgLBB0xLk6oxNSKw7ijmwsTJedu BQrAn2fj93NMgSQ0Bf5McTtaoCvhcpLvlBkK2PPZhYrQoR0XB93IBkL2a4C0fy39 c1mz4GRt1Mt5waq8xCjriZpqlQ== -----END CERTIFICATE-----Generated at Fri Apr 17 15:21:36 2026 by rpki-client