$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft File: h7HuPp7irRoRPyeipU4sC41a-zQ.mft (raw, json) Hash identifier: C0ni9wJv4UmmzhB+2hcVVm4lABZ68YpUvkIvKX6G73g= Subject key identifier: 78:E1:B5:58:6B:61:E6:8F:D3:54:08:50:6D:D0:71:64:0F:BC:68:38 Authority key identifier: 87:B1:EE:3E:9E:E2:AD:1A:11:3F:27:A2:A5:4E:2C:0B:8D:5A:FB:34 Certificate issuer: /CN=A91CF9F5/serialNumber=87B1EE3E9EE2AD1A113F27A2A54E2C0B8D5AFB34 Certificate serial: 0149 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft Manifest number: 0140 Signing time: Fri 17 Apr 2026 05:04:45 +0000 Manifest this update: Fri 17 Apr 2026 05:04:44 +0000 Manifest next update: Fri 24 Apr 2026 05:04:44 +0000 Files and hashes: 1: h7HuPp7irRoRPyeipU4sC41a-zQ.crl (hash: TWs5IWt0nrEZaVUjm9l/iDNjDIo1q/L6akrxsRXm2OE=) 2: 2FAD450250E411F0A6B4892AC4F9AE02.roa (hash: 5FVZeeMmHHgD5LWgKUCAHIiyRLhCr4xloYA6n+HE21g=) 3: 56EC0F5EABD411F0ADCDD73CC4F9AE02.roa (hash: LRGLmwGa2a/I5gvOrv+UPiIF3N2WlDmpx8kIsDZcKzI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.crl rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 05:04:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 329 (0x149) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9F5, serialNumber=87B1EE3E9EE2AD1A113F27A2A54E2C0B8D5AFB34 Validity Not Before: Apr 17 05:04:44 2026 GMT Not After : Apr 24 05:04:44 2026 GMT Subject: CN=69e1bf6c-7598 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:74:1d:e0:a3:4a:8c:39:35:a5:2f:51:a4:b7: f6:05:bd:9f:cd:cb:91:67:d7:91:10:9e:ea:d8:18: 0e:68:f3:ee:38:af:70:6a:b6:d2:92:3e:29:69:18: cb:df:f3:99:39:b9:9d:cc:5a:46:c9:16:c2:2b:c1: 35:72:62:ac:b2:95:0e:16:99:66:ca:b9:52:00:ae: ea:7a:3c:cd:02:0b:1e:a2:a9:81:2b:f3:ee:f9:2e: de:91:b0:36:b0:9e:2a:b1:a2:18:16:96:79:80:7c: 16:46:a5:2c:cc:20:e9:f7:c2:c6:b0:48:36:61:49: 04:0b:cc:ac:75:70:c4:26:8f:c5:cb:67:53:76:49: cd:58:e2:a5:43:0d:42:d8:ef:72:94:45:6f:0c:59: 14:c3:ad:de:de:a6:dc:b9:de:36:5e:16:bb:1f:a7: 03:e0:15:e2:ec:95:dc:b9:29:9f:1e:e3:42:61:40: 31:8e:2d:84:32:99:f9:c9:72:2f:85:a9:71:d8:6e: fb:f1:8c:66:a2:01:3f:f3:60:d8:7e:98:b3:d6:5a: 38:8e:56:8e:34:0f:2e:b1:37:6b:cd:80:8a:e5:c9: 73:e5:83:f3:68:a2:3b:aa:d3:97:58:ec:b5:e5:e9: f9:2d:16:d5:47:61:50:37:fc:42:f9:f2:18:b4:43: 78:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:E1:B5:58:6B:61:E6:8F:D3:54:08:50:6D:D0:71:64:0F:BC:68:38 X509v3 Authority Key Identifier: keyid:87:B1:EE:3E:9E:E2:AD:1A:11:3F:27:A2:A5:4E:2C:0B:8D:5A:FB:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:0a:45:73:7d:fe:0e:59:9b:4c:b9:d7:6f:8f:d5:16:cb:7d: 1b:e1:c8:18:75:6d:90:85:17:3d:2b:3b:72:e3:fc:0f:7d:18: 74:9c:86:fb:de:ed:38:be:73:30:41:67:0a:9e:e1:6e:82:61: 11:c2:81:2f:d7:59:44:70:53:78:93:b1:41:67:e7:c6:5a:83: 1f:f4:07:e7:92:f6:c4:70:fb:8f:32:12:e0:d8:85:4b:a6:fb: 10:22:3c:06:d9:c8:f3:04:67:ce:0c:22:ba:89:ae:0d:e0:67: 48:ae:c8:be:88:d3:de:4c:ea:5e:f1:99:cb:d0:e5:fd:ea:95: f1:0f:57:de:b8:04:e9:75:f4:bb:d9:eb:45:36:e2:d6:6b:d8: f1:1c:eb:cb:b3:99:07:43:b7:8b:71:04:28:82:77:21:49:dd: ca:7b:dc:9f:13:cd:77:5d:6f:60:a4:bb:7b:a0:7b:c9:37:a6: 2e:bf:b7:1d:5e:00:15:23:b9:8e:6e:a5:f0:99:18:54:ba:a9: 7a:f5:76:1c:82:c1:1b:a9:09:b0:ab:2b:0e:50:d5:e0:82:63: 0d:aa:b0:7f:d6:43:42:4a:76:76:2b:a7:d0:77:63:a4:b3:da: 32:1a:d3:19:95:c5:27:3e:40:3b:d6:7d:62:c4:23:51:1a:6a: e6:3b:22:63 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5RjUxMTAvBgNVBAUTKDg3QjFFRTNFOUVFMkFEMUExMTNGMjdBMkE1NEUyQzBC OEQ1QUZCMzQwHhcNMjYwNDE3MDUwNDQ0WhcNMjYwNDI0MDUwNDQ0WjAYMRYwFAYD VQQDEw02OWUxYmY2Yy03NTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsXQd4KNKjDk1pS9RpLf2Bb2fzcuRZ9eREJ7q2BgOaPPuOK9warbSkj4paRjL 3/OZObmdzFpGyRbCK8E1cmKsspUOFplmyrlSAK7qejzNAgseoqmBK/Pu+S7ekbA2 sJ4qsaIYFpZ5gHwWRqUszCDp98LGsEg2YUkEC8ysdXDEJo/Fy2dTdknNWOKlQw1C 2O9ylEVvDFkUw63e3qbcud42Xha7H6cD4BXi7JXcuSmfHuNCYUAxji2EMpn5yXIv halx2G778YxmogE/82DYfpiz1lo4jlaONA8usTdrzYCK5clz5YPzaKI7qtOXWOy1 5en5LRbVR2FQN/xC+fIYtEN4ZQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFHjhtVhr YeaP01QIUG3QcWQPvGg4MB8GA1UdIwQYMBaAFIex7j6e4q0aET8noqVOLAuNWvs0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlGNS84QjkyNkQyQTVC OUUxMUVGOEJGOTE3NUJDNEY5QUUwMi9oN0h1UHA3aXJSb1JQeWVpcFU0c0M0MWEt elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g3SHVQcDdpclJvUlB5ZWlwVTRzQzQxYS16US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlGNS84QjkyNkQyQTVCOUUxMUVGOEJGOTE3NUJDNEY5QUUwMi9oN0h1UHA3aXJS b1JQeWVpcFU0c0M0MWEtelEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEArApFc33+DlmbTLnXb4/VFst9G+HIGHVtkIUXPSs7cuP8D30YdJyG+97tOL5z MEFnCp7hboJhEcKBL9dZRHBTeJOxQWfnxlqDH/QH55L2xHD7jzIS4NiFS6b7ECI8 BtnI8wRnzgwiuomuDeBnSK7IvojT3kzqXvGZy9Dl/eqV8Q9X3rgE6XX0u9nrRTbi 1mvY8Rzry7OZB0O3i3EEKIJ3IUndynvcnxPNd11vYKS7e6B7yTemLr+3HV4AFSO5 jm6l8JkYVLqpevV2HILBG6kJsKsrDlDV4IJjDaqwf9ZDQkp2diun0HdjpLPaMhrT GZXFJz5AO9Z9YsQjURpq5jsiYw== -----END CERTIFICATE-----Generated at Fri Apr 17 17:39:59 2026 by rpki-client