$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB1C2/0F910754DCA311F085D6F15B436F56BC/XTDuvxHkF41iO-G95Nu0y1nMhDc.mft File: XTDuvxHkF41iO-G95Nu0y1nMhDc.mft (raw, json) Hash identifier: BS/JetO51SS/p8QQx/PD2ROZeqjqSNAXwh3XA/b5rgc= Subject key identifier: 8F:A1:A5:AB:93:DB:FE:51:0F:01:50:9B:F4:64:71:6A:C9:33:B6:59 Authority key identifier: 5D:30:EE:BF:11:E4:17:8D:62:3B:E1:BD:E4:DB:B4:CB:59:CC:84:37 Certificate issuer: /CN=A91AB1C2/serialNumber=5D30EEBF11E4178D623BE1BDE4DBB4CB59CC8437 Certificate serial: 33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XTDuvxHkF41iO-G95Nu0y1nMhDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB1C2/0F910754DCA311F085D6F15B436F56BC/XTDuvxHkF41iO-G95Nu0y1nMhDc.mft Manifest number: 2D Signing time: Sun 01 Mar 2026 10:14:51 +0000 Manifest this update: Sun 01 Mar 2026 10:14:50 +0000 Manifest next update: Sun 08 Mar 2026 10:14:50 +0000 Files and hashes: 1: XTDuvxHkF41iO-G95Nu0y1nMhDc.crl (hash: BicQG+sJzBl64STIKs7aRsgy/iU/knXX2tehFcerIMQ=) 2: 24992E62E0FC11F0B50D6A7D5F6F56BC.roa (hash: eAx7dd7W8IzFugozPftJzHrtY4Ej4f42CnK31HLLaRE=) 3: 253978EAE0FC11F0B50D6A7D5F6F56BC.roa (hash: 6RxldyO2/Y3wToEhzB/mHNRPtNgIGcUmqFl9NgQBrdA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB1C2/0F910754DCA311F085D6F15B436F56BC/XTDuvxHkF41iO-G95Nu0y1nMhDc.crl rsync://rpki.apnic.net/member_repository/A91AB1C2/0F910754DCA311F085D6F15B436F56BC/XTDuvxHkF41iO-G95Nu0y1nMhDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XTDuvxHkF41iO-G95Nu0y1nMhDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 10:14:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB1C2, serialNumber=5D30EEBF11E4178D623BE1BDE4DBB4CB59CC8437 Validity Not Before: Mar 1 10:14:50 2026 GMT Not After : Mar 8 10:14:50 2026 GMT Subject: CN=69a4119b-0539 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d3:4b:0b:9d:4b:6a:fa:88:10:2e:eb:69:05: 81:23:1a:f0:53:ef:1c:67:45:53:81:e4:d7:10:e5: 13:80:08:b5:39:36:2f:7f:27:1c:01:2b:7f:0b:b7: 3d:ee:66:56:bc:e5:60:1a:f6:26:e7:52:d6:de:f4: 73:34:ad:ff:7a:50:4a:ab:2e:2b:1c:9b:c2:ce:dc: 51:39:e2:17:fc:ba:6a:e0:6a:7a:e1:60:a4:6a:4c: 02:58:85:80:27:aa:91:9b:0c:0f:1a:2a:31:d1:75: 81:c9:6a:68:b8:43:7e:6e:84:44:49:80:94:cd:ac: e9:1a:68:fe:b1:df:8c:fe:c0:0f:b8:78:d4:bd:39: b5:59:d2:49:b8:57:dd:35:72:f7:ee:8a:d7:17:16: 68:ab:93:fa:55:55:37:d2:82:3f:bd:a5:0f:3b:76: 92:09:df:72:75:59:f1:ea:ae:82:72:d2:d1:f0:82: f6:d7:29:b4:09:6e:4f:29:5a:04:c9:55:29:a4:64: a0:0d:4e:bf:70:1f:62:e1:00:ca:44:24:3e:f0:15: 7d:5d:db:07:75:f6:e8:5c:da:58:06:44:3a:c7:f0: cd:80:36:48:cc:bd:cd:57:c1:8e:34:29:ce:ae:b9: e7:6f:6e:81:db:49:bf:0e:07:d9:d0:63:51:ea:ba: 47:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:A1:A5:AB:93:DB:FE:51:0F:01:50:9B:F4:64:71:6A:C9:33:B6:59 X509v3 Authority Key Identifier: keyid:5D:30:EE:BF:11:E4:17:8D:62:3B:E1:BD:E4:DB:B4:CB:59:CC:84:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB1C2/0F910754DCA311F085D6F15B436F56BC/XTDuvxHkF41iO-G95Nu0y1nMhDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XTDuvxHkF41iO-G95Nu0y1nMhDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB1C2/0F910754DCA311F085D6F15B436F56BC/XTDuvxHkF41iO-G95Nu0y1nMhDc.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:e9:20:9a:0c:3f:e5:17:0f:78:18:24:37:4e:ba:b8:9b:d1: 44:44:ce:1d:f3:55:d7:c5:cf:e5:a1:06:87:dc:f6:3e:26:c0: 05:ae:c4:5d:c6:ad:47:0d:1e:69:ed:4f:a8:f8:bf:f5:0e:98: c4:52:98:f8:51:bf:2f:a2:27:16:43:05:8c:cd:72:48:4c:68: ca:bc:b3:53:b2:39:7c:a8:79:21:e1:49:ff:9e:9c:93:e1:63: 18:67:c3:f1:4c:25:3d:17:ea:36:ff:b2:82:87:69:d7:df:05: 7b:a5:af:92:84:d3:7d:15:43:73:91:b5:c5:ae:00:d6:87:f5: 17:95:c5:1c:3f:b2:d2:47:bf:c3:8c:69:1a:70:15:c1:59:85: 3c:f0:93:cb:aa:02:13:63:b9:dd:69:5d:ee:1f:a0:91:e0:6a: c6:17:bd:7c:cb:d2:11:98:a6:cf:ad:a3:ba:53:7a:8d:e0:49: ca:d1:be:97:cc:07:77:99:1a:a0:4e:08:76:5e:f5:70:65:d1: 4c:61:bd:4a:a1:1f:54:14:01:0e:b7:8c:e0:ea:d3:17:13:8a: f3:ec:7e:f7:26:fc:88:97:81:d3:91:f6:2f:ef:12:fe:4a:9c: c9:d7:1c:1b:fd:74:67:60:e2:eb:2a:aa:c6:e8:ad:e1:10:d9: de:e0:f2:97 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QjFDMjExMC8GA1UEBRMoNUQzMEVFQkYxMUU0MTc4RDYyM0JFMUJERTREQkI0Q0I1 OUNDODQzNzAeFw0yNjAzMDExMDE0NTBaFw0yNjAzMDgxMDE0NTBaMBgxFjAUBgNV BAMTDTY5YTQxMTliLTA1MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCs00sLnUtq+ogQLutpBYEjGvBT7xxnRVOB5NcQ5ROACLU5Ni9/JxwBK38Ltz3u Zla85WAa9ibnUtbe9HM0rf96UEqrLiscm8LO3FE54hf8umrganrhYKRqTAJYhYAn qpGbDA8aKjHRdYHJami4Q35uhERJgJTNrOkaaP6x34z+wA+4eNS9ObVZ0km4V901 cvfuitcXFmirk/pVVTfSgj+9pQ87dpIJ33J1WfHqroJy0tHwgvbXKbQJbk8pWgTJ VSmkZKANTr9wH2LhAMpEJD7wFX1d2wd19uhc2lgGRDrH8M2ANkjMvc1XwY40Kc6u uedvboHbSb8OB9nQY1Hqukf3AgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUj6Glq5Pb /lEPAVCb9GRxaskztlkwHwYDVR0jBBgwFoAUXTDuvxHkF41iO+G95Nu0y1nMhDcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFCMUMyLzBGOTEwNzU0RENB MzExRjA4NUQ2RjE1QjQzNkY1NkJDL1hURHV2eEhrRjQxaU8tRzk1TnUweTFuTWhE Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWFREdXZ4SGtGNDFpTy1HOTVOdTB5MW5NaERjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFC MUMyLzBGOTEwNzU0RENBMzExRjA4NUQ2RjE1QjQzNkY1NkJDL1hURHV2eEhrRjQx aU8tRzk1TnUweTFuTWhEYy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBl6SCaDD/lFw94GCQ3Trq4m9FERM4d81XXxc/loQaH3PY+JsAFrsRdxq1HDR5p 7U+o+L/1DpjEUpj4Ub8voicWQwWMzXJITGjKvLNTsjl8qHkh4Un/npyT4WMYZ8Px TCU9F+o2/7KCh2nX3wV7pa+ShNN9FUNzkbXFrgDWh/UXlcUcP7LSR7/DjGkacBXB WYU88JPLqgITY7ndaV3uH6CR4GrGF718y9IRmKbPraO6U3qN4EnK0b6XzAd3mRqg Tgh2XvVwZdFMYb1KoR9UFAEOt4zg6tMXE4rz7H73JvyIl4HTkfYv7xL+SpzJ1xwb /XRnYOLrKqrG6K3hENne4PKX -----END CERTIFICATE-----Generated at Mon Mar 2 12:26:53 2026 by rpki-client