$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.mft File: 3iZtavC5PenIaScyCi6du8nPnMI.mft (raw, json) Hash identifier: sZQZkJV+WlolzB22CwLeSauEtHAvY/+RKpYBJ0XwIrI= Subject key identifier: B6:7D:22:B1:FE:A0:C1:1F:58:AD:26:98:30:D7:82:C4:46:29:7F:30 Authority key identifier: DE:26:6D:6A:F0:B9:3D:E9:C8:69:27:32:0A:2E:9D:BB:C9:CF:9C:C2 Certificate issuer: /CN=A91CD314/serialNumber=DE266D6AF0B93DE9C86927320A2E9DBBC9CF9CC2 Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3iZtavC5PenIaScyCi6du8nPnMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.mft Manifest number: 25 Signing time: Fri 17 Apr 2026 08:33:18 +0000 Manifest this update: Fri 17 Apr 2026 08:33:17 +0000 Manifest next update: Fri 24 Apr 2026 08:33:17 +0000 Files and hashes: 1: 3iZtavC5PenIaScyCi6du8nPnMI.crl (hash: wetArwI37PYlSIyueWBTCdnfm/FWN/cf5e8xQyXvTOc=) 2: 604F4E3C0D6611F1AAA528DE1B3D8C67.roa (hash: zn+Y2EzBvu1Td2sgtLKQfgs/gBSjMOZeXn2CBE9VYms=) 3: C4D99CDE097B11F1B8223907113D8C67.roa (hash: KEWr/3hG6gAXbw8XNIv0hau0dk9zYvinvGd5h59v7Jw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.crl rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3iZtavC5PenIaScyCi6du8nPnMI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 04:43:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD314, serialNumber=DE266D6AF0B93DE9C86927320A2E9DBBC9CF9CC2 Validity Not Before: Apr 17 08:33:17 2026 GMT Not After : Apr 24 08:33:17 2026 GMT Subject: CN=69e1f04e-b492 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:4a:46:3a:81:d3:1d:52:58:bd:70:57:18:39: a5:7d:71:b0:3e:56:d2:8f:f2:f2:8c:39:3d:11:f4: 35:df:ed:23:90:cb:b2:ae:f8:18:07:f9:01:32:cf: c5:88:46:1b:5e:8e:36:ff:12:dd:2c:39:70:59:72: 4d:c1:cf:fe:0d:1d:b2:6c:1c:cc:57:13:85:f7:62: 8c:c7:15:46:5b:7c:f2:b6:29:81:38:c1:b0:5c:b9: 1e:cd:24:6e:d6:99:9f:3c:d3:e6:72:0e:4c:cd:a8: a0:71:29:45:d9:90:41:e3:8d:10:3b:48:f1:63:49: be:44:d4:4c:85:b9:88:d8:b5:9c:5f:e0:10:89:2b: 29:96:af:b0:6c:58:65:85:8a:7b:fd:21:10:fa:93: e0:1a:a3:14:06:2e:bc:e4:c8:d5:da:e4:b6:f5:17: 87:20:b8:ee:dc:cd:5b:ad:48:37:be:ae:be:fe:44: 01:b0:0c:7e:fd:94:4d:e4:bc:98:7b:06:b7:0c:3b: 3f:32:d3:b2:e7:95:b7:b9:ca:81:1e:cf:53:1d:31: 5e:0b:1a:b6:9a:81:fe:99:fe:5b:46:62:93:2d:bf: b0:75:ca:47:9b:a2:c1:7d:17:71:5d:a2:6e:d1:b5: ad:23:a8:76:8b:5e:10:2d:29:68:13:97:a7:48:cb: aa:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:7D:22:B1:FE:A0:C1:1F:58:AD:26:98:30:D7:82:C4:46:29:7F:30 X509v3 Authority Key Identifier: keyid:DE:26:6D:6A:F0:B9:3D:E9:C8:69:27:32:0A:2E:9D:BB:C9:CF:9C:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3iZtavC5PenIaScyCi6du8nPnMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:03:f0:fd:0c:b9:b0:da:a4:c3:30:f5:87:c4:a3:99:19:b5: ec:8d:cc:7c:da:3f:c4:00:c6:b6:4d:ae:2d:23:ac:6d:0d:1f: 97:b8:60:5c:f3:d3:05:9f:1d:1e:a4:e5:a8:0a:0f:4d:d4:49: 2e:43:4a:47:16:c8:37:33:2e:18:90:5c:4b:0c:a1:bb:bb:79: 7b:db:57:8c:f4:dc:b6:c5:35:2e:f4:30:06:10:95:1a:e9:27: 8f:0f:4a:da:d5:ba:78:81:ed:26:f0:53:14:07:58:62:b3:72: 08:f6:89:f2:b5:5f:72:c5:c1:b7:ca:67:85:ed:8f:a3:e6:7d: 4f:9a:0c:e8:12:1c:6e:87:23:7e:87:06:31:29:55:ef:64:6d: 1b:36:b9:4b:6a:d5:f7:4f:30:9d:9b:ce:61:7c:09:86:c4:d2: 6f:b4:5b:7d:01:b8:af:03:80:9d:36:a6:5e:7c:92:09:f4:59: 11:9f:10:df:fb:d7:9a:06:e5:e0:be:e1:d9:5e:76:46:67:c8: 9c:e9:d6:d6:b2:b8:ce:70:db:60:b2:0f:53:2d:55:2f:fa:61: e5:91:d0:ca:62:fa:eb:a9:65:ce:b9:da:bb:ad:56:d9:5a:d2: 61:f9:66:01:c2:6c:c6:17:57:a6:55:6f:88:ba:bf:7f:70:c7: 24:ec:14:54 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDMxNDExMC8GA1UEBRMoREUyNjZENkFGMEI5M0RFOUM4NjkyNzMyMEEyRTlEQkJD OUNGOUNDMjAeFw0yNjA0MTcwODMzMTdaFw0yNjA0MjQwODMzMTdaMBgxFjAUBgNV BAMTDTY5ZTFmMDRlLWI0OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCYSkY6gdMdUli9cFcYOaV9cbA+VtKP8vKMOT0R9DXf7SOQy7Ku+BgH+QEyz8WI Rhtejjb/Et0sOXBZck3Bz/4NHbJsHMxXE4X3YozHFUZbfPK2KYE4wbBcuR7NJG7W mZ880+ZyDkzNqKBxKUXZkEHjjRA7SPFjSb5E1EyFuYjYtZxf4BCJKymWr7BsWGWF inv9IRD6k+AaoxQGLrzkyNXa5Lb1F4cguO7czVutSDe+rr7+RAGwDH79lE3kvJh7 BrcMOz8y07Lnlbe5yoEez1MdMV4LGraagf6Z/ltGYpMtv7B1ykebosF9F3Fdom7R ta0jqHaLXhAtKWgTl6dIy6qrAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUtn0isf6g wR9YrSaYMNeCxEYpfzAwHwYDVR0jBBgwFoAU3iZtavC5PenIaScyCi6du8nPnMIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMzE0LzM2NTk3NEM2MDk3 QTExRjE4MDRGNUVBMTEwM0Q4QzY3LzNpWnRhdkM1UGVuSWFTY3lDaTZkdThuUG5N SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvM2ladGF2QzVQZW5JYVNjeUNpNmR1OG5Qbk1JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNE MzE0LzM2NTk3NEM2MDk3QTExRjE4MDRGNUVBMTEwM0Q4QzY3LzNpWnRhdkM1UGVu SWFTY3lDaTZkdThuUG5NSS5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAIA/D9DLmw2qTDMPWHxKOZGbXsjcx82j/EAMa2Ta4tI6xtDR+XuGBc89MFnx0e pOWoCg9N1EkuQ0pHFsg3My4YkFxLDKG7u3l721eM9Ny2xTUu9DAGEJUa6SePD0ra 1bp4ge0m8FMUB1his3II9onytV9yxcG3ymeF7Y+j5n1PmgzoEhxuhyN+hwYxKVXv ZG0bNrlLatX3TzCdm85hfAmGxNJvtFt9AbivA4CdNqZefJIJ9FkRnxDf+9eaBuXg vuHZXnZGZ8ic6dbWsrjOcNtgsg9TLVUv+mHlkdDKYvrrqWXOudq7rVbZWtJh+WYB wmzGF1emVW+Iur9/cMck7BRU -----END CERTIFICATE-----Generated at Fri Apr 17 13:42:12 2026 by rpki-client