$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft File: zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft (raw, json) Hash identifier: p8lQlJj+XcJDtzEYF2Awxk3JtwThpl8WIx7SwHYuDww= Subject key identifier: 71:F8:09:00:16:BF:0C:78:48:92:A8:A7:F6:5F:9E:C3:68:DD:B1:52 Authority key identifier: CC:70:D8:73:42:89:D3:05:A5:23:3A:99:B0:9C:D7:8B:8F:D6:66:4B Certificate issuer: /CN=A91DFA25/serialNumber=CC70D8734289D305A5233A99B09CD78B8FD6664B Certificate serial: 46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHDYc0KJ0wWlIzqZsJzXi4_WZks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft Manifest number: 43 Signing time: Fri 17 Apr 2026 08:11:31 +0000 Manifest this update: Fri 17 Apr 2026 08:11:31 +0000 Manifest next update: Fri 24 Apr 2026 08:11:31 +0000 Files and hashes: 1: zHDYc0KJ0wWlIzqZsJzXi4_WZks.crl (hash: CuNLIYfFCasooNSJw70NZ7YwKxxXyaktE2Ek46hKJ2s=) 2: 9E283D22E07A11F0AD28F7913A6F56BC.roa (hash: zM/gqOyVFktPoDA/WeuwpVQb7+CuTjfIizkBCA5c5Lg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.crl rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHDYc0KJ0wWlIzqZsJzXi4_WZks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 08:11:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70 (0x46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DFA25, serialNumber=CC70D8734289D305A5233A99B09CD78B8FD6664B Validity Not Before: Apr 17 08:11:31 2026 GMT Not After : Apr 24 08:11:31 2026 GMT Subject: CN=69e1eb33-d222 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:6e:07:6d:3c:38:93:33:3d:b9:94:4f:ba:4e: 79:b9:99:59:19:e1:c4:cd:f2:f9:1a:24:33:fc:c3: 43:7a:a1:63:b2:6a:ca:ca:06:85:35:57:42:0b:27: 20:00:27:76:c7:b6:4a:04:6f:71:a2:d9:b0:1c:d4: cd:17:54:56:fb:7d:30:63:e4:22:35:39:c5:0b:01: 70:64:12:d5:de:f4:f4:72:c6:7c:e6:78:ff:c4:14: fd:55:de:e4:31:98:d2:bd:1a:02:a9:f1:4a:d4:2a: 41:51:8c:6d:fd:fd:95:13:72:1b:e3:75:14:2f:ec: e8:e0:c3:13:25:1e:9f:cd:51:99:b9:06:88:61:a1: 54:af:5c:0f:c0:6e:97:38:fd:61:7e:fc:5f:32:f7: ce:50:41:8c:a4:f6:03:a4:e8:4d:f2:60:d5:1a:f7: 5b:62:e0:af:c1:49:0e:29:2b:31:7a:9d:2b:b3:7b: b4:09:34:7f:d4:a2:92:f5:89:44:3d:1c:38:5a:ff: 95:0a:41:9b:6b:65:3e:b0:22:da:1e:08:d7:08:ae: 46:67:b5:03:f7:fc:3f:02:59:7e:f3:0d:bf:3d:d0: 1c:f6:94:e0:78:b7:10:d7:5a:2e:11:2d:38:a3:18: 3c:d0:a0:1f:06:8d:b8:8e:3a:15:6a:92:a9:a8:d6: 93:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:F8:09:00:16:BF:0C:78:48:92:A8:A7:F6:5F:9E:C3:68:DD:B1:52 X509v3 Authority Key Identifier: keyid:CC:70:D8:73:42:89:D3:05:A5:23:3A:99:B0:9C:D7:8B:8F:D6:66:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHDYc0KJ0wWlIzqZsJzXi4_WZks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFA25/70F978F2E07511F0A5642F05396F56BC/zHDYc0KJ0wWlIzqZsJzXi4_WZks.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:4f:9a:82:85:fa:69:dc:1f:49:c7:f8:3f:25:fe:fa:d0:9a: a4:1c:76:ac:2f:cf:88:19:21:c9:a8:f2:ae:e8:b3:f0:fd:c4: 44:90:38:8a:ca:b7:b5:f4:ff:95:c8:b8:6c:c2:55:c1:ae:44: 7a:dc:41:85:ba:f6:26:9e:6a:ad:03:c4:d3:79:c3:5b:78:a7: 4c:fd:b3:d7:62:38:51:87:5a:4b:1c:bf:17:40:29:e5:44:b7: 09:e2:a9:8e:e4:10:7d:ec:5f:7d:b7:54:e4:1a:d7:5b:c5:72: bc:34:ab:d0:36:a7:17:43:c9:84:f8:c4:8e:df:a9:84:73:c7: 07:48:4c:e4:05:6d:24:49:2a:07:23:7f:bc:58:dc:5b:02:33: e7:d7:bb:86:9b:7d:bd:09:75:3d:b3:34:10:d3:d4:8c:b3:d3: 8f:f5:59:e8:38:f0:13:31:6e:dc:de:b1:8c:d0:6e:0a:aa:87: 8c:b3:34:95:2a:16:6b:4c:a6:7c:ed:6d:d6:aa:0c:da:bf:f8: b9:94:92:16:dc:c8:07:05:cf:d0:b1:99:b4:71:21:99:d7:d8: 7c:9a:d5:f3:fa:c9:95:1f:44:74:05:95:e7:29:30:b9:d5:d1: 8e:2b:d2:58:97:59:c0:c2:2d:f8:c2:10:77:04:ae:55:e6:be: 77:94:98:42 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RkEyNTExMC8GA1UEBRMoQ0M3MEQ4NzM0Mjg5RDMwNUE1MjMzQTk5QjA5Q0Q3OEI4 RkQ2NjY0QjAeFw0yNjA0MTcwODExMzFaFw0yNjA0MjQwODExMzFaMBgxFjAUBgNV BAMTDTY5ZTFlYjMzLWQyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzbgdtPDiTMz25lE+6Tnm5mVkZ4cTN8vkaJDP8w0N6oWOyasrKBoU1V0ILJyAA J3bHtkoEb3Gi2bAc1M0XVFb7fTBj5CI1OcULAXBkEtXe9PRyxnzmeP/EFP1V3uQx mNK9GgKp8UrUKkFRjG39/ZUTchvjdRQv7OjgwxMlHp/NUZm5BohhoVSvXA/Abpc4 /WF+/F8y985QQYyk9gOk6E3yYNUa91ti4K/BSQ4pKzF6nSuze7QJNH/UopL1iUQ9 HDha/5UKQZtrZT6wItoeCNcIrkZntQP3/D8CWX7zDb890Bz2lOB4txDXWi4RLTij GDzQoB8GjbiOOhVqkqmo1pPXAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUcfgJABa/ DHhIkqin9l+ew2jdsVIwHwYDVR0jBBgwFoAUzHDYc0KJ0wWlIzqZsJzXi4/WZksw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGQTI1LzcwRjk3OEYyRTA3 NTExRjBBNTY0MkYwNTM5NkY1NkJDL3pIRFljMEtKMHdXbEl6cVpzSnpYaTRfV1pr cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvekhEWWMwS0owd1dsSXpxWnNKelhpNF9XWmtzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURG QTI1LzcwRjk3OEYyRTA3NTExRjBBNTY0MkYwNTM5NkY1NkJDL3pIRFljMEtKMHdX bEl6cVpzSnpYaTRfV1prcy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCAT5qChfpp3B9Jx/g/Jf760JqkHHasL8+IGSHJqPKu6LPw/cREkDiKyre19P+V yLhswlXBrkR63EGFuvYmnmqtA8TTecNbeKdM/bPXYjhRh1pLHL8XQCnlRLcJ4qmO 5BB97F99t1TkGtdbxXK8NKvQNqcXQ8mE+MSO36mEc8cHSEzkBW0kSSoHI3+8WNxb AjPn17uGm329CXU9szQQ09SMs9OP9VnoOPATMW7c3rGM0G4KqoeMszSVKhZrTKZ8 7W3Wqgzav/i5lJIW3MgHBc/QsZm0cSGZ19h8mtXz+smVH0R0BZXnKTC51dGOK9JY l1nAwi34whB3BK5V5r53lJhC -----END CERTIFICATE-----Generated at Fri Apr 17 20:05:53 2026 by rpki-client