$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft File: 2itDzBg8qOD2qPbapUzdcwb4Yig.mft (raw, json) Hash identifier: WIpfHJ84UQ3ZnKnxVO6HM6drnycwtFztcukzMZ3mf9Q= Subject key identifier: A1:06:C4:87:D0:5E:66:A2:39:31:BE:6E:54:EB:59:4B:CA:0E:20:80 Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 Certificate issuer: /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Certificate serial: 0ABE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft Manifest number: 0AA4 Signing time: Sat 18 Apr 2026 19:24:29 +0000 Manifest this update: Sat 18 Apr 2026 19:24:29 +0000 Manifest next update: Sat 25 Apr 2026 19:24:29 +0000 Files and hashes: 1: 2itDzBg8qOD2qPbapUzdcwb4Yig.crl (hash: DmdUuzXhRGbt/Mc2MzhliD1lsSTOSPQmM6QpN6IHxTI=) 2: FD114232912711EFBCB4ED6EC4F9AE02.roa (hash: m31d9LY6Fb+rpx0iPU2nTzyFxPrcr/nSM8utNGuQQUI=) 3: C8A0E422831611EA95762453C4F9AE02.roa (hash: zy8s2JOSWvYwBrRrmYSE0kwJEPoK1AaNF1yfDHC6Css=) 4: 0D6FFE56BA3511ECA20A3817C4F9AE02.roa (hash: T6idJL8aHggzjv6s1JmSSpHwZuTbLSQAyDk/XLJrS3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Apr 2026 19:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2750 (0xabe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF0EC, serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Validity Not Before: Apr 18 19:24:29 2026 GMT Not After : Apr 25 19:24:29 2026 GMT Subject: CN=69e3da6d-b424 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:64:84:b7:b0:ae:e8:53:72:fe:f9:d0:61:1f: 18:bd:2d:ef:73:f6:35:67:59:b6:d1:02:ef:3f:9b: 95:ed:0f:d1:40:67:a8:e6:41:ea:e8:f7:26:51:54: 07:24:74:73:c1:e0:50:cb:d8:1a:25:e0:48:43:35: c7:9e:a9:34:0b:f5:70:a8:69:be:21:25:51:4f:4a: 93:b6:0a:c7:93:60:11:28:de:e5:5f:1b:30:52:1e: 42:f8:c8:66:c7:76:24:45:22:19:53:bd:74:5a:7f: 66:59:3a:40:9b:19:d0:7f:d5:e2:f9:e0:2a:5f:1c: 8b:a3:b7:47:27:a3:f3:3b:fc:e7:30:f7:ea:12:33: 6f:02:fb:09:12:44:d0:5c:eb:2a:53:fb:cb:24:48: 03:f8:30:bd:81:a2:1f:05:ff:c0:d1:31:25:51:d3: ef:88:d1:65:f8:70:b3:26:70:97:ff:0d:a1:56:6d: 41:c3:72:c8:21:59:3f:a9:6e:47:0a:4e:0e:52:d5: de:bc:f7:63:44:92:6d:34:b1:4f:27:8b:14:34:24: b8:f6:59:8f:c8:08:2a:cb:81:9a:20:73:61:e4:d8: 35:8d:70:d8:2d:4c:99:20:46:86:ae:71:99:bc:fd: b6:77:fa:a1:1a:96:dc:f6:62:03:be:1b:de:63:56: 11:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:06:C4:87:D0:5E:66:A2:39:31:BE:6E:54:EB:59:4B:CA:0E:20:80 X509v3 Authority Key Identifier: keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:52:e4:3c:14:37:2b:fe:21:0b:11:2b:62:ab:f7:c2:4c:a8: 11:6b:dc:54:f3:2f:66:c6:5c:31:20:ff:e9:3a:61:e9:ef:18: 55:03:d2:4a:07:95:2a:63:c2:a9:1a:fe:8a:9a:2e:73:f6:a5: 36:ae:52:b0:76:68:ba:2f:a6:96:f7:86:51:eb:02:05:61:5e: 28:46:51:f0:fc:5a:8e:28:d9:8a:2b:0e:9c:9d:f9:04:6c:78: 34:c8:70:cc:64:9a:76:e6:e8:a5:ab:c8:28:cc:60:87:da:29: 45:13:94:b4:bf:c8:21:3a:32:24:76:1c:73:b6:18:e0:a8:46: 9f:90:a3:06:62:3e:48:27:be:03:3b:2d:5d:65:d4:3d:5b:fe: a5:31:04:2b:04:20:ed:1e:70:63:73:2b:d1:6a:67:ed:ca:e3: 04:e1:75:18:f3:2a:ab:1d:36:34:d1:fe:13:21:4d:b8:1d:c1: b4:26:9c:9d:13:83:ef:5d:c9:1c:ba:3a:19:1d:b1:1c:89:93: 71:01:36:40:d0:97:0f:7a:e2:c8:c4:2e:4d:e2:57:80:db:bd: 52:28:16:26:4f:a3:03:25:85:c3:3d:4e:5d:ba:ea:6b:e7:31: 41:86:5b:d6:3a:ee:f1:ab:bc:ca:ce:2b:8c:08:4b:a1:f3:f0: 28:ba:23:11 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz MDZGODYyMjgwHhcNMjYwNDE4MTkyNDI5WhcNMjYwNDI1MTkyNDI5WjAYMRYwFAYD VQQDEw02OWUzZGE2ZC1iNDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6GSEt7Cu6FNy/vnQYR8YvS3vc/Y1Z1m20QLvP5uV7Q/RQGeo5kHq6PcmUVQH JHRzweBQy9gaJeBIQzXHnqk0C/VwqGm+ISVRT0qTtgrHk2ARKN7lXxswUh5C+Mhm x3YkRSIZU710Wn9mWTpAmxnQf9Xi+eAqXxyLo7dHJ6PzO/znMPfqEjNvAvsJEkTQ XOsqU/vLJEgD+DC9gaIfBf/A0TElUdPviNFl+HCzJnCX/w2hVm1Bw3LIIVk/qW5H Ck4OUtXevPdjRJJtNLFPJ4sUNCS49lmPyAgqy4GaIHNh5Ng1jXDYLUyZIEaGrnGZ vP22d/qhGpbc9mIDvhveY1YRuQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKEGxIfQ XmaiOTG+blTrWUvKDiCAMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5 NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjBFQy85OTFDRUY3RTc5NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFP RDJxUGJhcFV6ZGN3YjRZaWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAI1LkPBQ3K/4hCxErYqv3wkyoEWvcVPMvZsZcMSD/6Tph6e8YVQPSSgeVKmPC qRr+ipouc/alNq5SsHZoui+mlveGUesCBWFeKEZR8PxajijZiisOnJ35BGx4NMhw zGSadubopavIKMxgh9opRROUtL/IIToyJHYcc7YY4KhGn5CjBmI+SCe+AzstXWXU PVv+pTEEKwQg7R5wY3Mr0Wpn7crjBOF1GPMqqx02NNH+EyFNuB3BtCacnROD713J HLo6GR2xHImTcQE2QNCXD3riyMQuTeJXgNu9UigWJk+jAyWFwz1OXbrqa+cxQYZb 1jru8au8ys4rjAhLofPwKLojEQ== -----END CERTIFICATE-----Generated at Sun Apr 19 08:55:38 2026 by rpki-client