$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: D0vUkEBYWT6wFTELqUC9wKhCeoF59ZBcmug/B/jpElg= Subject key identifier: A0:D3:27:BF:4F:66:47:C1:6B:0E:0A:11:E8:12:0D:6D:6D:BA:2C:B5 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 08A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0858 Signing time: Thu 16 Apr 2026 20:54:37 +0000 Manifest this update: Thu 16 Apr 2026 20:54:36 +0000 Manifest next update: Thu 23 Apr 2026 20:54:36 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: EbEyl6Bppvl8uHsi3qhYFyXlHaqmngGCRcuD1O3QSsQ=) 2: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: +r+gvF4pkq6hFHbY+ZoaIiUoalmLLSMykW5BxcQDeFU=) 3: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: i7X6zewMmXOfmuZsHLNceM/lQghxWwQZ7AxU0vSWV0M=) 4: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: JkwlB4IFE4Dgm1EcLQn9CRo6PclYWkjqCYFJJbMHsj0=) 5: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: ESImnuHKksdWJK2TDU4E1UVvcvoZ37KeHVw4wPPeVXE=) 6: B512A570109211ECA693D74EC4F9AE02.roa (hash: L7d1U3gGL3grFk1wnPeyJKdZ3FejFM4vvmLKY3IRi5A=) 7: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: +cRs2PboXe8g3+V+AJzpQpdTweZR3TGc016yIhZSQMI=) 8: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: 2mIyjIYN6IO7ZQ4FUwscfGnk78kTtsjolDojwIN0av0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 20:54:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2213 (0x8a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Apr 16 20:54:36 2026 GMT Not After : Apr 23 20:54:36 2026 GMT Subject: CN=69e14c8d-6cf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8e:db:74:c2:54:c4:65:e5:bc:9e:3f:55:39: e8:47:63:ff:b3:e1:9a:87:a2:cc:70:0d:25:d3:b3: c6:33:15:4a:f0:bf:15:05:fc:b3:72:98:68:04:1f: f1:c5:24:b6:04:bd:1b:9e:4b:d7:f4:54:79:f5:19: 3c:27:d3:c5:ad:33:e0:70:3f:6d:7a:d7:f9:de:f0: c0:95:d2:ac:8a:76:9a:2e:19:da:8c:53:0b:01:77: b4:be:37:2a:62:7b:62:ba:16:d8:5d:d0:57:a8:a5: bb:65:99:d5:f8:e7:c4:22:88:75:bd:59:4d:05:b9: 06:aa:af:05:2e:07:ac:f2:32:07:7e:23:a1:5c:02: 34:e9:68:bd:9a:60:72:46:ab:6e:b0:68:f1:a3:47: a7:ae:d8:25:31:26:0f:a0:c5:68:f7:bd:c4:ce:54: eb:bb:27:ff:04:a5:12:ea:2f:b6:d3:2a:ca:2e:90: 12:cc:7e:94:15:ef:17:cd:5c:ea:cf:1a:62:62:90: db:7a:62:01:ed:7c:71:d9:9d:e3:25:50:2a:ad:e3: 4e:a1:11:9d:71:db:49:4c:ae:ba:a9:f5:2d:aa:62: de:24:b8:4f:e2:b9:75:ce:16:db:36:c2:df:33:a2: 47:6d:7d:b6:47:0d:c2:95:91:1f:8c:89:ab:dd:e3: 0d:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D3:27:BF:4F:66:47:C1:6B:0E:0A:11:E8:12:0D:6D:6D:BA:2C:B5 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:2d:19:34:8b:c5:05:f8:b7:42:f3:16:3a:9d:73:3f:97:b3: fd:85:48:f7:d1:12:a8:9a:b3:ee:48:b4:65:d9:9c:52:a9:a9: 96:2e:55:9c:94:b6:c0:eb:97:db:e8:55:b5:17:89:a5:63:2c: 90:e7:54:0a:b6:46:62:a3:33:78:06:ab:02:65:d4:da:c8:ae: 96:cc:99:e9:34:f3:ba:9e:95:f7:c0:e5:49:0e:91:94:90:44: 10:55:4f:c1:51:17:c5:dd:f3:7d:88:86:cd:9b:c9:02:64:10: a9:00:76:26:2b:c0:eb:9f:d3:f2:35:96:2e:ea:2a:99:b4:70: 00:9c:79:cf:ce:f3:1e:e9:7f:1a:d4:e5:2a:f7:95:42:5f:4b: ca:8d:0e:fd:01:b6:94:f3:51:bc:a2:16:7b:01:79:7c:91:2e: 7d:d3:bb:3b:05:90:a9:a4:a7:8b:65:db:ca:3f:11:da:48:fc: e4:ad:a5:89:04:cd:e8:4d:8d:61:f5:b6:d3:df:68:8c:5a:38: e8:ee:58:a2:1d:9a:78:df:7b:cb:9b:60:6d:cc:cb:97:20:0e: b5:4e:9d:d5:98:70:83:99:3c:ba:05:91:64:62:1f:85:86:7f: e9:53:86:73:73:3f:3b:dd:82:ba:b0:36:16:49:9e:5e:3f:c3: c1:2d:0d:50 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwNDE2MjA1NDM2WhcNMjYwNDIzMjA1NDM2WjAYMRYwFAYD VQQDEw02OWUxNGM4ZC02Y2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsY7bdMJUxGXlvJ4/VTnoR2P/s+Gah6LMcA0l07PGMxVK8L8VBfyzcphoBB/x xSS2BL0bnkvX9FR59Rk8J9PFrTPgcD9tetf53vDAldKsinaaLhnajFMLAXe0vjcq YntiuhbYXdBXqKW7ZZnV+OfEIoh1vVlNBbkGqq8FLges8jIHfiOhXAI06Wi9mmBy RqtusGjxo0enrtglMSYPoMVo973EzlTruyf/BKUS6i+20yrKLpASzH6UFe8XzVzq zxpiYpDbemIB7Xxx2Z3jJVAqreNOoRGdcdtJTK66qfUtqmLeJLhP4rl1zhbbNsLf M6JHbX22Rw3ClZEfjImr3eMNDQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKDTJ79P ZkfBaw4KEegSDW1tuiy1MB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAXS0ZNIvFBfi3QvMWOp1zP5ez/YVI99ESqJqz7ki0ZdmcUqmpli5VnJS2wOuX 2+hVtReJpWMskOdUCrZGYqMzeAarAmXU2siulsyZ6TTzup6V98DlSQ6RlJBEEFVP wVEXxd3zfYiGzZvJAmQQqQB2JivA65/T8jWWLuoqmbRwAJx5z87zHul/GtTlKveV Ql9Lyo0O/QG2lPNRvKIWewF5fJEufdO7OwWQqaSni2Xbyj8R2kj85K2liQTN6E2N YfW2099ojFo46O5Yoh2aeN97y5tgbczLlyAOtU6d1Zhwg5k8ugWRZGIfhYZ/6VOG c3M/O92CurA2FkmeXj/DwS0NUA== -----END CERTIFICATE-----Generated at Fri Apr 17 17:09:21 2026 by rpki-client