$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft File: oKMiStDIKz-aYvNHrKP5RdsI8rA.mft (raw, json) Hash identifier: 5CPwpTBKngFTPNnBKDMt0s+gwdblg2YfbLyB8f0ZEZU= Subject key identifier: 9E:27:0D:FE:74:07:F1:44:93:13:D6:12:C5:B3:7D:19:71:C4:62:5B Authority key identifier: A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 Certificate issuer: /CN=A91B80BD/serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Certificate serial: 30FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft Manifest number: 30B9 Signing time: Mon 02 Mar 2026 00:41:27 +0000 Manifest this update: Mon 02 Mar 2026 00:41:24 +0000 Manifest next update: Mon 09 Mar 2026 00:41:24 +0000 Files and hashes: 1: oKMiStDIKz-aYvNHrKP5RdsI8rA.crl (hash: DEjsaaPvm4Osf1qaOrVSIKU5YvZZ7VabgCPGUODzmao=) 2: 583C1F6854F611E79DF7E643C4F9AE02.roa (hash: lwr9nC4UsLO+CstnxF9nceFQvC7Cn2zpuf42Kf45VK4=) 3: 4C72E61CB0EC11E5A6934B42C4F9AE02.roa (hash: OkaUmaryTCd8a/I3ZrQPq7caYJ9Rkrimebo+q+ex1ZU=) 4: 915E51B8F3BE11ED8B9B1450C4F9AE02.roa (hash: G3oMGlKbPp4EzU03SrRYusoBeGFn1A26h8n+e60pf4g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:41:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12540 (0x30fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B80BD, serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Validity Not Before: Mar 2 00:41:24 2026 GMT Not After : Mar 9 00:41:24 2026 GMT Subject: CN=69a4dcb7-8752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:83:67:3d:16:b7:1d:ee:bb:63:b2:3f:dc:b3: d6:6e:15:71:d0:2f:33:0f:54:1e:62:17:86:5a:72: 97:19:f9:47:08:ff:a2:46:10:14:3d:7a:08:1a:31: f6:05:42:39:0c:16:f7:66:98:c0:d8:f6:3f:4b:a9: 4f:25:bb:fc:90:35:2f:40:e6:8b:bc:37:b9:c5:39: 9c:aa:57:5a:21:a9:85:74:45:b5:bb:ae:c9:59:70: 2a:1a:63:82:79:24:75:00:6e:03:af:b0:d8:4f:1a: 54:af:8c:04:d5:dc:d1:ef:3e:b8:ef:88:a4:01:39: 5f:42:f6:a9:d9:0a:9a:d5:2b:e2:d5:79:f7:3e:4e: fb:e0:cb:aa:64:6d:cc:99:64:f3:45:48:ec:7a:89: f8:07:15:4b:a6:28:8d:d7:2d:b8:10:3c:14:38:95: ed:27:44:bf:45:78:a9:0b:a4:73:9a:b0:3a:3b:d5: 94:22:c7:ba:02:54:b8:02:9b:b2:a6:b1:ca:b5:9f: bd:14:70:6b:72:63:85:ea:e0:84:a1:26:94:09:66: 18:72:8f:36:3e:83:15:f9:7b:63:c4:ad:8d:f3:2b: 94:b2:88:e0:29:79:ab:71:cf:a4:6f:d9:5c:a4:c4: fd:94:35:56:97:63:8f:5e:90:e8:ca:04:27:95:f6: 23:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:27:0D:FE:74:07:F1:44:93:13:D6:12:C5:B3:7D:19:71:C4:62:5B X509v3 Authority Key Identifier: keyid:A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:dc:a6:14:51:cf:65:89:bd:c0:fe:a4:82:14:63:3e:78:34: 02:c9:a7:06:c7:e0:8f:f3:3a:16:5a:47:e1:d8:26:15:28:7c: 85:3e:17:d5:0c:a2:43:43:82:bf:06:73:ea:0f:71:9e:58:a6: e2:7c:14:16:a4:e8:65:3a:82:5a:f0:6a:56:e5:39:8f:c2:55: b4:ed:b8:c7:73:4a:28:83:f2:6a:ce:af:75:1e:66:83:ee:59: 45:e8:38:c9:ab:0c:9a:6a:76:87:c6:e2:28:4d:65:4f:a9:be: d7:0c:57:5a:0d:be:71:16:eb:9f:f5:16:eb:8f:3c:24:b2:d0: 78:6a:6f:85:b5:df:4d:07:d8:4a:7e:8d:bf:8b:0a:da:13:73: c3:5d:4c:88:fc:cc:c2:8a:9e:e7:22:86:3b:56:8a:12:d4:92: e6:5d:18:2d:06:c0:cd:1a:25:0b:87:6c:fd:83:56:a9:e9:18: aa:ec:db:c3:ff:6e:63:e7:09:b5:93:f7:2a:59:c4:12:49:1f: 95:5a:19:4b:cc:66:be:4d:46:20:65:bd:64:b2:22:14:66:a4: a5:fc:72:b7:8e:4a:3a:91:f2:c9:de:ee:cc:e7:ff:2b:3c:7e: 19:11:ff:61:b6:e5:c5:f5:1b:e2:f8:da:1b:17:c0:8a:66:ef: 94:25:45:67 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICMPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjgwQkQxMTAvBgNVBAUTKEEwQTMyMjRBRDBDODJCM0Y5QTYyRjM0N0FDQTNGOTQ1 REIwOEYyQjAwHhcNMjYwMzAyMDA0MTI0WhcNMjYwMzA5MDA0MTI0WjAYMRYwFAYD VQQDEw02OWE0ZGNiNy04NzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs4NnPRa3He67Y7I/3LPWbhVx0C8zD1QeYheGWnKXGflHCP+iRhAUPXoIGjH2 BUI5DBb3ZpjA2PY/S6lPJbv8kDUvQOaLvDe5xTmcqldaIamFdEW1u67JWXAqGmOC eSR1AG4Dr7DYTxpUr4wE1dzR7z6474ikATlfQvap2Qqa1Svi1Xn3Pk774MuqZG3M mWTzRUjseon4BxVLpiiN1y24EDwUOJXtJ0S/RXipC6RzmrA6O9WUIse6AlS4Apuy prHKtZ+9FHBrcmOF6uCEoSaUCWYYco82PoMV+XtjxK2N8yuUsojgKXmrcc+kb9lc pMT9lDVWl2OPXpDoygQnlfYjhwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJ4nDf50 B/FEkxPWEsWzfRlxxGJbMB8GA1UdIwQYMBaAFKCjIkrQyCs/mmLzR6yj+UXbCPKw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBCRC9CNUE2MzZEOEZF NUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6LWFZdk5IcktQNVJkc0k4 ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LTWlTdERJS3otYVl2TkhyS1A1UmRzSThyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC ODBCRC9CNUE2MzZEOEZFNUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6 LWFZdk5IcktQNVJkc0k4ckEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAIdymFFHPZYm9wP6kghRjPng0AsmnBsfgj/M6FlpH4dgmFSh8hT4X1QyiQ0OC vwZz6g9xnlim4nwUFqToZTqCWvBqVuU5j8JVtO24x3NKKIPyas6vdR5mg+5ZReg4 yasMmmp2h8biKE1lT6m+1wxXWg2+cRbrn/UW6488JLLQeGpvhbXfTQfYSn6Nv4sK 2hNzw11MiPzMwoqe5yKGO1aKEtSS5l0YLQbAzRolC4ds/YNWqekYquzbw/9uY+cJ tZP3KlnEEkkflVoZS8xmvk1GIGW9ZLIiFGakpfxyt45KOpHyyd7uzOf/Kzx+GRH/ YbblxfUb4vjaGxfAimbvlCVFZw== -----END CERTIFICATE-----Generated at Mon Mar 2 10:14:55 2026 by rpki-client