$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E8B/04DE2B92BE2211F0B38DB519C4F9AE02/Xb7wLCg84I1tzonzkSoMMKcBkMg.mft File: Xb7wLCg84I1tzonzkSoMMKcBkMg.mft (raw, json) Hash identifier: icQcb1YWfWse2NHHcHmz2FDC6fLTobqtVmINX7XiISA= Subject key identifier: 79:6D:C5:79:A6:78:F7:D8:6F:C4:BB:A5:E8:B3:EF:86:2A:FC:80:65 Authority key identifier: 5D:BE:F0:2C:28:3C:E0:8D:6D:CE:89:F3:91:2A:0C:30:A7:01:90:C8 Certificate issuer: /CN=A91E3E8B/serialNumber=5DBEF02C283CE08D6DCE89F3912A0C30A70190C8 Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xb7wLCg84I1tzonzkSoMMKcBkMg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E8B/04DE2B92BE2211F0B38DB519C4F9AE02/Xb7wLCg84I1tzonzkSoMMKcBkMg.mft Manifest number: 3B Signing time: Sun 01 Mar 2026 09:53:54 +0000 Manifest this update: Sun 01 Mar 2026 09:53:54 +0000 Manifest next update: Sun 08 Mar 2026 09:53:54 +0000 Files and hashes: 1: Xb7wLCg84I1tzonzkSoMMKcBkMg.crl (hash: gC1UeFOv6zdGeRGszmTS/BXyVc9kstW80UF6gbmxjcM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E8B/04DE2B92BE2211F0B38DB519C4F9AE02/Xb7wLCg84I1tzonzkSoMMKcBkMg.crl rsync://rpki.apnic.net/member_repository/A91E3E8B/04DE2B92BE2211F0B38DB519C4F9AE02/Xb7wLCg84I1tzonzkSoMMKcBkMg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xb7wLCg84I1tzonzkSoMMKcBkMg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 09:53:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E8B, serialNumber=5DBEF02C283CE08D6DCE89F3912A0C30A70190C8 Validity Not Before: Mar 1 09:53:54 2026 GMT Not After : Mar 8 09:53:54 2026 GMT Subject: CN=69a40cb2-21d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d0:c6:d8:35:e7:af:b9:99:a3:45:45:76:65: e9:fc:b5:06:24:df:7a:18:06:ba:40:0c:3f:2f:7f: 42:6e:b4:e7:5c:77:2d:cb:9e:b5:6c:98:30:78:f4: 42:19:cf:96:8a:25:14:89:76:80:8d:c8:b2:63:dd: 0e:72:c4:62:04:a0:f2:b7:95:a9:e7:e8:e5:91:4f: f5:23:f3:e5:ee:7e:a2:7a:04:28:69:fa:e0:64:ad: 22:32:02:6f:ef:2c:e0:7a:67:ef:05:72:f1:7f:79: 39:fb:30:c7:cd:6c:45:13:15:51:36:65:d5:60:04: 0c:db:13:50:e6:d4:6b:98:2a:a5:87:a1:43:41:95: 67:d5:1d:70:0f:3c:8c:b2:18:1e:38:34:69:c0:89: ac:2d:26:87:d5:4e:f6:75:c6:78:69:2d:4b:c1:44: ba:54:6b:e8:3b:ba:aa:38:bc:9a:d3:56:54:18:e5: ba:46:f5:f0:10:6b:f6:bb:72:ce:10:05:02:89:ce: bf:30:6c:05:f7:f8:98:79:8e:ca:fa:d0:44:f6:7b: c5:3e:fb:87:33:d9:e1:d7:71:79:39:fe:69:6c:5e: d0:02:40:bb:f9:e0:4d:dc:bf:ea:6b:82:3b:df:74: 6c:3f:3c:25:e8:79:2e:c6:87:8d:f7:4d:bc:5c:de: 00:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:6D:C5:79:A6:78:F7:D8:6F:C4:BB:A5:E8:B3:EF:86:2A:FC:80:65 X509v3 Authority Key Identifier: keyid:5D:BE:F0:2C:28:3C:E0:8D:6D:CE:89:F3:91:2A:0C:30:A7:01:90:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E8B/04DE2B92BE2211F0B38DB519C4F9AE02/Xb7wLCg84I1tzonzkSoMMKcBkMg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xb7wLCg84I1tzonzkSoMMKcBkMg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E8B/04DE2B92BE2211F0B38DB519C4F9AE02/Xb7wLCg84I1tzonzkSoMMKcBkMg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:9c:57:c9:c9:bc:6e:b0:15:4a:07:22:8a:0e:76:d7:a4:6f: 0a:56:d1:4e:ff:e0:39:00:0b:98:f7:7e:fe:7c:5b:17:56:0f: 9e:06:05:ab:18:e5:ff:9f:b2:b9:7c:83:91:d9:db:99:26:8d: f1:54:a1:71:29:92:a6:5e:49:fa:28:db:90:2b:26:ff:0d:16: 4b:83:06:63:0a:58:62:dc:bf:4b:00:8c:c1:12:99:20:7e:ce: 83:93:3d:fd:94:c2:06:5e:4f:fd:cc:fa:4a:77:36:e1:97:c4: 1a:45:2f:df:78:44:04:b1:99:50:57:c0:0a:bf:34:f7:3d:ea: 06:7c:44:8e:2d:bd:e9:eb:c2:12:57:f6:05:6f:cd:12:a3:08: 1c:94:8b:ab:f7:1a:6f:6e:26:4c:49:b1:7f:f9:38:87:ce:67: dd:10:7d:1d:c5:39:db:ca:83:57:00:77:b6:6d:29:22:f9:84: 1a:15:3e:fd:c6:aa:93:f7:62:08:f0:66:60:00:0d:17:61:0a: ad:e6:34:1a:d3:28:6b:fd:1d:7d:fd:ff:2d:3e:8f:b9:ea:1e: 64:63:3a:04:25:98:28:e4:f6:0a:ef:b8:1d:e6:7a:6b:45:5c: 89:dc:c2:2f:da:8d:96:ae:94:7f:b5:cd:03:84:ce:bb:22:b7: 6b:4b:2f:a2 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0U4QjExMC8GA1UEBRMoNURCRUYwMkMyODNDRTA4RDZEQ0U4OUYzOTEyQTBDMzBB NzAxOTBDODAeFw0yNjAzMDEwOTUzNTRaFw0yNjAzMDgwOTUzNTRaMBgxFjAUBgNV BAMTDTY5YTQwY2IyLTIxZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC80MbYNeevuZmjRUV2Zen8tQYk33oYBrpADD8vf0JutOdcdy3LnrVsmDB49EIZ z5aKJRSJdoCNyLJj3Q5yxGIEoPK3lann6OWRT/Uj8+XufqJ6BChp+uBkrSIyAm/v LOB6Z+8FcvF/eTn7MMfNbEUTFVE2ZdVgBAzbE1Dm1GuYKqWHoUNBlWfVHXAPPIyy GB44NGnAiawtJofVTvZ1xnhpLUvBRLpUa+g7uqo4vJrTVlQY5bpG9fAQa/a7cs4Q BQKJzr8wbAX3+Jh5jsr60ET2e8U++4cz2eHXcXk5/mlsXtACQLv54E3cv+prgjvf dGw/PCXoeS7Gh433Tbxc3gAXAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUeW3FeaZ4 99hvxLul6LPvhir8gGUwHwYDVR0jBBgwFoAUXb7wLCg84I1tzonzkSoMMKcBkMgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRThCLzA0REUyQjkyQkUy MjExRjBCMzhEQjUxOUM0RjlBRTAyL1hiN3dMQ2c4NEkxdHpvbnprU29NTUtjQmtN Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWGI3d0xDZzg0STF0em9uemtTb01NS2NCa01nLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RThCLzA0REUyQjkyQkUyMjExRjBCMzhEQjUxOUM0RjlBRTAyL1hiN3dMQ2c4NEkx dHpvbnprU29NTUtjQmtNZy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBSnFfJybxusBVKByKKDnbXpG8KVtFO/+A5AAuY937+fFsXVg+eBgWrGOX/n7K5 fIOR2duZJo3xVKFxKZKmXkn6KNuQKyb/DRZLgwZjClhi3L9LAIzBEpkgfs6Dkz39 lMIGXk/9zPpKdzbhl8QaRS/feEQEsZlQV8AKvzT3PeoGfESOLb3p68ISV/YFb80S owgclIur9xpvbiZMSbF/+TiHzmfdEH0dxTnbyoNXAHe2bSki+YQaFT79xqqT92II 8GZgAA0XYQqt5jQa0yhr/R19/f8tPo+56h5kYzoEJZgo5PYK77gd5nprRVyJ3MIv 2o2WrpR/tc0DhM67IrdrSy+i -----END CERTIFICATE-----Generated at Mon Mar 2 12:01:50 2026 by rpki-client