$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft File: zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft (raw, json) Hash identifier: L2BQPWSPyNg5AtZzfRM53VZLnK9/KdoJqhoPj32/P6w= Subject key identifier: E1:51:C8:AE:51:AD:6A:F2:2C:46:48:85:17:7C:A2:B9:C5:44:96:2B Authority key identifier: CC:70:D8:73:42:89:D3:05:A5:23:3A:99:B0:9C:D7:8B:8F:D6:66:4B Certificate issuer: /CN=A91DFA25/serialNumber=CC70D8734289D305A5233A99B09CD78B8FD6664B Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHDYc0KJ0wWlIzqZsJzXi4_WZks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft Manifest number: 2A Signing time: Mon 02 Mar 2026 11:17:05 +0000 Manifest this update: Mon 02 Mar 2026 11:17:05 +0000 Manifest next update: Mon 09 Mar 2026 11:17:05 +0000 Files and hashes: 1: zHDYc0KJ0wWlIzqZsJzXi4_WZks.crl (hash: Hd3A4kGG2hRPOsMKeSdfsAdF0pSr2bu5DxY0TVoumV8=) 2: 9E283D22E07A11F0AD28F7913A6F56BC.roa (hash: kvLeQTrBrWwHA2shiEotr3VQqnyo8ZeA1spX1g7O3vU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.crl rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHDYc0KJ0wWlIzqZsJzXi4_WZks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 11:17:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DFA25, serialNumber=CC70D8734289D305A5233A99B09CD78B8FD6664B Validity Not Before: Mar 2 11:17:05 2026 GMT Not After : Mar 9 11:17:05 2026 GMT Subject: CN=69a571b1-717d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:3d:dd:8b:17:d8:66:d9:42:cc:82:e3:c1:a2: 3c:7d:ff:59:f1:0d:44:79:14:eb:20:f1:58:7c:52: 02:c2:ba:3f:cf:66:76:ca:a7:61:a0:26:e5:7c:84: c4:41:ff:95:b2:93:7d:0c:28:81:e8:26:59:63:dc: 72:b9:a8:05:c0:71:ec:29:ae:1a:04:52:e5:1f:88: a2:a7:97:8a:54:0f:d3:d8:86:53:b3:08:c1:75:58: d7:1c:2f:7f:b8:a5:cb:a3:c8:9e:5f:43:38:14:be: 8f:b4:75:39:21:51:f9:c6:fe:de:f1:ef:97:84:27: 10:09:7e:9d:46:bf:1e:33:2e:31:df:a4:3e:1d:bc: b2:3c:95:1b:45:a8:fc:02:f4:0d:57:b5:e7:cd:6f: 89:48:40:fe:44:8c:b4:3c:4c:bd:72:c9:f4:73:45: be:10:83:55:b6:f6:be:c1:99:b3:45:99:29:e7:14: ec:49:fe:d0:5f:65:86:ec:1a:eb:66:c3:64:c6:bf: f2:a5:23:dd:42:aa:fa:3c:d2:aa:6c:f1:f9:ac:b5: 8a:a5:2e:e0:75:c2:10:82:6c:4d:d8:85:59:a5:24: 7f:ff:75:c8:d6:75:9f:6d:2f:27:60:ad:7c:f3:23: ad:d3:1f:02:05:11:f8:76:6c:0c:e2:9e:c8:11:30: eb:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:51:C8:AE:51:AD:6A:F2:2C:46:48:85:17:7C:A2:B9:C5:44:96:2B X509v3 Authority Key Identifier: keyid:CC:70:D8:73:42:89:D3:05:A5:23:3A:99:B0:9C:D7:8B:8F:D6:66:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHDYc0KJ0wWlIzqZsJzXi4_WZks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:0a:cc:b0:2f:8f:6a:cc:fb:f6:48:9d:68:78:56:4e:ef:2d: 74:ee:95:55:a1:71:96:c6:17:62:6a:f2:e7:d7:62:6b:5a:3d: 23:98:60:6f:40:cf:a8:a3:c7:88:bd:e9:4a:07:11:33:a7:20: d8:af:bc:5c:3c:70:60:b7:64:4b:d7:f6:8e:e8:19:2d:0e:65: 7e:1d:34:64:3c:9c:86:73:76:e8:1a:b2:ca:20:3b:58:dc:56: c2:a6:e4:fc:77:0c:75:34:64:7c:0a:2f:51:d2:c8:34:57:cb: 3b:43:9b:d7:ae:2d:85:c7:e8:08:0d:74:e2:e4:cb:a0:79:dc: e1:51:e0:a2:09:89:39:f1:48:6f:3f:35:74:b5:3a:36:ef:98: c4:56:ea:87:70:dc:90:3c:92:61:90:e6:6e:93:fc:d5:b8:b5: 68:6e:69:63:83:6d:00:58:07:78:e5:6c:bb:45:b2:1a:fa:f5: 06:0b:7a:86:29:a6:12:b9:7e:16:2c:d1:25:79:11:80:0f:e9: 3c:86:53:3a:8b:c2:27:55:58:e1:c1:b9:d2:0d:cc:1b:58:02: db:a1:bd:c7:7e:38:a7:a3:73:a1:a2:be:bb:06:19:c7:6c:eb: f4:ef:d7:38:99:3a:c1:d3:4f:cc:73:bc:df:aa:f7:64:e4:9a: 7e:8f:ee:fc -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RkEyNTExMC8GA1UEBRMoQ0M3MEQ4NzM0Mjg5RDMwNUE1MjMzQTk5QjA5Q0Q3OEI4 RkQ2NjY0QjAeFw0yNjAzMDIxMTE3MDVaFw0yNjAzMDkxMTE3MDVaMBgxFjAUBgNV BAMTDTY5YTU3MWIxLTcxN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClPd2LF9hm2ULMguPBojx9/1nxDUR5FOsg8Vh8UgLCuj/PZnbKp2GgJuV8hMRB /5Wyk30MKIHoJllj3HK5qAXAcewprhoEUuUfiKKnl4pUD9PYhlOzCMF1WNccL3+4 pcujyJ5fQzgUvo+0dTkhUfnG/t7x75eEJxAJfp1Gvx4zLjHfpD4dvLI8lRtFqPwC 9A1XtefNb4lIQP5EjLQ8TL1yyfRzRb4Qg1W29r7BmbNFmSnnFOxJ/tBfZYbsGutm w2TGv/KlI91Cqvo80qps8fmstYqlLuB1whCCbE3YhVmlJH//dcjWdZ9tLydgrXzz I63THwIFEfh2bAzinsgRMOuNAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQU4VHIrlGt avIsRkiFF3yiucVEliswHwYDVR0jBBgwFoAUzHDYc0KJ0wWlIzqZsJzXi4/WZksw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGQTI1LzcwRjk3OEYyRTA3 NTExRjBBNTY0MkYwNTM5NkY1NkJDL3pIRFljMEtKMHdXbEl6cVpzSnpYaTRfV1pr cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvekhEWWMwS0owd1dsSXpxWnNKelhpNF9XWmtzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURG QTI1LzcwRjk3OEYyRTA3NTExRjBBNTY0MkYwNTM5NkY1NkJDL3pIRFljMEtKMHdX bEl6cVpzSnpYaTRfV1prcy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQA8CsywL49qzPv2SJ1oeFZO7y107pVVoXGWxhdiavLn12JrWj0jmGBvQM+oo8eI velKBxEzpyDYr7xcPHBgt2RL1/aO6BktDmV+HTRkPJyGc3boGrLKIDtY3FbCpuT8 dwx1NGR8Ci9R0sg0V8s7Q5vXri2Fx+gIDXTi5MugedzhUeCiCYk58UhvPzV0tTo2 75jEVuqHcNyQPJJhkOZuk/zVuLVobmljg20AWAd45Wy7RbIa+vUGC3qGKaYSuX4W LNEleRGAD+k8hlM6i8InVVjhwbnSDcwbWALbob3Hfjino3Ohor67BhnHbOv079c4 mTrB00/Mc7zfqvdk5Jp+j+78 -----END CERTIFICATE-----Generated at Mon Mar 2 16:50:28 2026 by rpki-client