$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft File: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft (raw, json) Hash identifier: Y+ZLUFoEm+Nncrb9DNi7N/vaMau6oLT3KlDFyYYI6ow= Subject key identifier: D5:DF:D6:D0:07:49:45:66:9D:EB:D0:07:6B:79:50:61:7C:5B:8F:63 Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Certificate serial: 051F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft Manifest number: 04D7 Signing time: Thu 16 Apr 2026 23:49:23 +0000 Manifest this update: Thu 16 Apr 2026 23:49:22 +0000 Manifest next update: Thu 23 Apr 2026 23:49:22 +0000 Files and hashes: 1: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl (hash: 77pTqn8X2+XSlwDAjpi7gwQcfEiPbLRHol/eSCt7/sI=) 2: 1FBEA1EEDE9711EC9289256FC4F9AE02.roa (hash: GS31bTdPfKVJ1J6UCJ9YLKFQUEEmZi77Y2aiEp3HKVY=) 3: E84DD6FAC9C311F0ACE5A118C4F9AE02.roa (hash: u2rzRUism7xTPxp63V3W7DOQwUN/ky3ASLXGx242uU8=) 4: 216DB034DE9711EC9289256FC4F9AE02.roa (hash: w1LkgMGS8oqwPRuQKx3FjuBZt3rf+t0hZFmWkXtaaSY=) 5: E184C6F48F2C11EEA361B22FC4F9AE02.roa (hash: kXgZNQ9cWIHfXiEIAxnhKXY51BGRFvcRzJmJYDyHg78=) 6: E0C5B7148F2C11EEA361B22FC4F9AE02.roa (hash: a2Eak+r8Eojdu+clly0gi9Nawkq6TirHUh3AZGHAXRg=) 7: EEECC55A8C3611EFA07E612DC4F9AE02.roa (hash: D21a7LlMu8RnxWZ8YgRZ6sV/m0f2ZXrJTQlAZBy166E=) 8: 204E25DADE9711EC9289256FC4F9AE02.roa (hash: xijaZu6pAwwNLd6WONxWQ6mZqU3GdiHzZC1uaLYBENo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 23:49:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1311 (0x51f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEB81, serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Validity Not Before: Apr 16 23:49:22 2026 GMT Not After : Apr 23 23:49:22 2026 GMT Subject: CN=69e17583-a64f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9c:e5:94:3e:cd:8d:92:3b:d8:9d:72:9d:db: a6:bd:2b:11:91:e7:b1:8f:4d:cb:b9:2b:7f:4f:03: 53:9d:fe:3f:2f:99:36:78:59:70:ef:99:1a:81:ac: 3a:dd:50:84:dd:9f:68:db:66:56:74:ac:8d:14:7c: 6c:a0:f1:c3:d9:fa:f9:5f:cb:b2:1d:52:5d:55:11: 0a:5d:37:e0:c7:c2:80:57:ff:8a:46:7e:93:72:a7: d2:f2:51:9c:64:c4:35:8d:98:93:93:8a:86:0f:9e: 7a:5b:da:3c:b8:cc:ba:bc:e4:5c:25:92:82:61:ce: 50:39:a7:7e:3b:1a:78:31:a6:27:3b:aa:ba:04:96: d6:84:dd:be:2f:e4:f1:8e:0d:58:4f:df:07:34:fc: 76:db:41:b0:cd:2e:aa:e9:79:f8:ee:03:9c:4a:e2: 7c:bb:a5:9a:8c:0c:7e:e0:19:14:cd:50:c1:a3:7b: e4:a5:09:84:11:9c:10:88:2a:e2:bf:5e:5c:2e:80: 65:17:54:57:f3:f2:31:95:81:6d:e8:ee:88:e5:af: 80:90:5b:da:54:26:87:ef:2f:01:05:61:4f:fc:45: b7:33:d7:77:22:88:f5:ee:84:cc:59:f5:63:73:4d: 86:02:c2:02:ca:97:82:13:46:2c:15:9a:45:87:0a: 1c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:DF:D6:D0:07:49:45:66:9D:EB:D0:07:6B:79:50:61:7C:5B:8F:63 X509v3 Authority Key Identifier: keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:8c:fc:df:95:4a:df:21:9a:44:37:72:8d:d2:6f:cb:28:e3: d0:04:00:80:62:bc:b3:9b:e1:af:68:a5:fa:de:be:0f:6c:30: 02:61:dd:76:df:04:fd:7f:2a:37:54:8c:4d:4e:f6:f0:9a:08: 48:29:d8:13:e7:85:be:21:d2:37:73:fd:f5:c1:f5:d7:15:08: e3:e8:05:ad:8c:f0:1e:92:dc:a2:54:d7:67:b4:44:55:59:a8: 9a:b4:5a:49:1e:81:b8:b6:c8:4a:f1:c3:d1:40:21:45:1e:61: f1:ea:5e:fe:0f:12:d6:85:a2:ed:b0:30:6f:1c:95:bd:34:1b: 60:3d:fe:10:1c:8f:91:68:07:84:a2:31:77:87:f3:90:2d:bb: 9b:d8:95:cd:ff:55:db:d8:12:35:64:06:c8:c4:a3:7d:15:62: 04:17:0e:b3:08:cc:fb:65:fe:69:5e:c8:ad:3c:e3:a6:c9:1c: d6:42:44:ab:3d:97:71:dd:1b:f6:55:bb:b6:90:76:ab:0f:9d: 93:c0:65:e4:ff:ed:d2:06:ed:db:00:f7:c1:11:18:54:a0:f2: 85:dd:16:87:b0:ee:92:7d:9b:2a:d4:d7:8e:08:cb:57:e3:e8: 0b:34:0b:c5:a7:ae:f9:c7:2e:ae:de:7d:ba:98:f6:00:58:a8: c7:a9:5e:40 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC RUQ1RDk4OTIwHhcNMjYwNDE2MjM0OTIyWhcNMjYwNDIzMjM0OTIyWjAYMRYwFAYD VQQDEw02OWUxNzU4My1hNjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArpzllD7NjZI72J1yndumvSsRkeexj03LuSt/TwNTnf4/L5k2eFlw75kagaw6 3VCE3Z9o22ZWdKyNFHxsoPHD2fr5X8uyHVJdVREKXTfgx8KAV/+KRn6TcqfS8lGc ZMQ1jZiTk4qGD556W9o8uMy6vORcJZKCYc5QOad+Oxp4MaYnO6q6BJbWhN2+L+Tx jg1YT98HNPx220GwzS6q6Xn47gOcSuJ8u6WajAx+4BkUzVDBo3vkpQmEEZwQiCri v15cLoBlF1RX8/IxlYFt6O6I5a+AkFvaVCaH7y8BBWFP/EW3M9d3Ioj17oTMWfVj c02GAsICypeCE0YsFZpFhwocLwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFNXf1tAH SUVmnevQB2t5UGF8W49jMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUI4MS9DRjk2NjNDNjcwRjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xR cG11UEUyZ0xNRmktMWRtSkkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAI4z835VK3yGaRDdyjdJvyyjj0AQAgGK8s5vhr2il+t6+D2wwAmHddt8E/X8q N1SMTU728JoISCnYE+eFviHSN3P99cH11xUI4+gFrYzwHpLcolTXZ7REVVmomrRa SR6BuLbISvHD0UAhRR5h8epe/g8S1oWi7bAwbxyVvTQbYD3+EByPkWgHhKIxd4fz kC27m9iVzf9V29gSNWQGyMSjfRViBBcOswjM+2X+aV7IrTzjpskc1kJEqz2Xcd0b 9lW7tpB2qw+dk8Bl5P/t0gbt2wD3wREYVKDyhd0Wh7Dukn2bKtTXjgjLV+PoCzQL xaeu+ccurt59upj2AFiox6leQA== -----END CERTIFICATE-----Generated at Fri Apr 17 12:36:07 2026 by rpki-client