$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft File: XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft (raw, json) Hash identifier: +0GrUizuuQ6e24FxDarAFzBpCbE4sdyx2YCnu2EhQVM= Subject key identifier: 2E:E6:72:41:59:53:49:F2:59:28:35:88:63:A5:E0:6D:48:7A:90:7F Authority key identifier: 5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66 Certificate issuer: /CN=A91E7B89/serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566 Certificate serial: 46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft Manifest number: 42 Signing time: Fri 17 Apr 2026 08:08:21 +0000 Manifest this update: Fri 17 Apr 2026 08:08:21 +0000 Manifest next update: Fri 24 Apr 2026 08:08:21 +0000 Files and hashes: 1: XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl (hash: 7OpIF5nxsqhQk6rHcR4Z73TQKc1Qbnk8EPmwAMUf2FA=) 2: 1C61CBFA1D1A11F1B8E79D60103D8C67.roa (hash: wYka0Jo+ri8cUtmDcLdxLnFG7gW5TQTaHwdh/jeTkn4=) 3: 72480DC0D9A111F0989DD75268D3641D.roa (hash: /m7dePdPhCd+iFe1dsv0pa92EOKO9ZVeLTSq8mVj9oY=) 4: 1BD6E18E1D1A11F1B8E79D60103D8C67.roa (hash: FWUBzi+iodYXnW4vMdTTKwC/KG79KdBqlOoiZl/TPEw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 08:08:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70 (0x46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7B89, serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566 Validity Not Before: Apr 17 08:08:21 2026 GMT Not After : Apr 24 08:08:21 2026 GMT Subject: CN=69e1ea75-5dfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c5:fa:4d:19:69:e7:d5:e1:07:49:8f:73:1a: 07:20:f2:71:92:09:f2:79:f2:8b:52:38:e1:93:bd: fc:00:a8:f2:4e:f0:d9:b5:81:70:88:69:be:5e:ea: e8:af:cc:de:b2:24:99:3c:57:3b:3f:9f:c5:b6:78: 9b:8a:f1:8f:f3:fd:bc:17:b2:11:5f:96:9f:4c:24: 92:75:48:17:8c:bc:12:27:69:6c:31:e1:55:ee:9e: 44:1c:54:f9:13:78:e7:06:15:49:30:b4:5f:4f:a4: 03:08:4a:a1:29:1f:79:eb:8e:6e:c1:7a:ae:78:a2: f9:7f:f4:de:e4:a1:7a:70:56:a6:c5:97:96:14:c7: fd:6d:bf:49:35:22:f5:e0:75:da:12:df:44:71:6e: 9d:83:59:f8:d5:69:82:b8:a1:e9:e6:63:78:11:ca: 57:a0:e8:92:d7:7e:8b:b5:1f:cf:17:bb:f3:54:33: 09:22:6d:91:df:10:f0:2a:4c:00:e2:b9:9c:48:ed: 6b:f3:71:36:bb:87:e9:66:21:d9:8e:55:a5:dd:09: 5a:5f:fe:8a:3f:ba:7a:5f:d9:59:a2:a6:75:b5:a0: 4a:19:e6:fe:62:4e:bf:fc:2d:14:3f:cf:e1:19:1c: 9e:74:fd:b4:08:d4:c3:3f:65:2b:24:7f:0f:62:ea: ff:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:E6:72:41:59:53:49:F2:59:28:35:88:63:A5:E0:6D:48:7A:90:7F X509v3 Authority Key Identifier: keyid:5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:8b:5a:bd:84:b4:aa:46:42:67:ef:bd:f1:b7:ab:c2:6b:fa: 13:12:04:91:bd:00:11:65:b2:87:02:6e:c8:ab:60:40:19:1a: 48:f1:eb:13:56:b4:c8:e6:4c:09:e6:e0:b5:a8:b6:c9:68:67: de:b9:a4:43:ca:d7:86:b1:02:f4:19:45:90:bf:a9:33:d6:1a: 25:8b:6d:93:33:c1:ee:82:fa:66:36:d1:39:29:53:e7:11:91: d6:ca:e1:05:d9:46:76:f8:94:75:9f:20:f3:f3:a5:bc:99:67: be:da:e2:0e:dd:dd:1c:53:6b:0e:7c:e4:c5:1c:f7:54:ef:27: ff:a7:8d:6e:3e:64:a1:2a:4d:be:fe:1b:1f:41:7a:52:e8:72: a4:f5:1c:b8:f9:f1:69:30:27:b1:26:6f:1d:f7:f0:af:d4:84: bd:f5:7b:9b:63:ef:3a:fc:f6:26:63:b4:b3:fb:bc:a9:d7:e9: 1d:35:31:b6:83:e1:1d:d8:cb:b7:90:af:1a:92:87:06:df:b9: bb:04:92:24:66:ba:37:72:b3:80:d7:3f:52:80:97:4e:0a:3e: 3b:63:85:24:2a:05:a1:d0:0d:2b:d3:ed:02:65:37:6d:0d:3e: 3d:b0:4a:96:58:6c:75:32:c3:f5:1b:bf:3e:d0:2c:90:8b:57: df:26:ad:5d -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF N0I4OTExMC8GA1UEBRMoNUU3ODY0MkIwM0NDMzdFMjZGRDQxNUU3RDc2MUJFNDg0 NzM2QzU2NjAeFw0yNjA0MTcwODA4MjFaFw0yNjA0MjQwODA4MjFaMBgxFjAUBgNV BAMTDTY5ZTFlYTc1LTVkZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCtxfpNGWnn1eEHSY9zGgcg8nGSCfJ58otSOOGTvfwAqPJO8Nm1gXCIab5e6uiv zN6yJJk8Vzs/n8W2eJuK8Y/z/bwXshFflp9MJJJ1SBeMvBInaWwx4VXunkQcVPkT eOcGFUkwtF9PpAMISqEpH3nrjm7Beq54ovl/9N7koXpwVqbFl5YUx/1tv0k1IvXg ddoS30Rxbp2DWfjVaYK4oenmY3gRyleg6JLXfou1H88Xu/NUMwkibZHfEPAqTADi uZxI7WvzcTa7h+lmIdmOVaXdCVpf/oo/unpf2VmipnW1oEoZ5v5iTr/8LRQ/z+EZ HJ50/bQI1MM/ZSskfw9i6v9XAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQULuZyQVlT SfJZKDWIY6XgbUh6kH8wHwYDVR0jBBgwFoAUXnhkKwPMN+Jv1BXn12G+SEc2xWYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3Qjg5LzQxQkU0RjQ0RDlB MDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1KdjFCWG4xMkctU0VjMnhX WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWG5oa0t3UE1OLUp2MUJYbjEyRy1TRWMyeFdZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3 Qjg5LzQxQkU0RjQ0RDlBMDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1K djFCWG4xMkctU0VjMnhXWS5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQByi1q9hLSqRkJn773xt6vCa/oTEgSRvQARZbKHAm7Iq2BAGRpI8esTVrTI5kwJ 5uC1qLbJaGfeuaRDyteGsQL0GUWQv6kz1holi22TM8HugvpmNtE5KVPnEZHWyuEF 2UZ2+JR1nyDz86W8mWe+2uIO3d0cU2sOfOTFHPdU7yf/p41uPmShKk2+/hsfQXpS 6HKk9Ry4+fFpMCexJm8d9/Cv1IS99XubY+86/PYmY7Sz+7yp1+kdNTG2g+Ed2Mu3 kK8akocG37m7BJIkZro3crOA1z9SgJdOCj47Y4UkKgWh0A0r0+0CZTdtDT49sEqW WGx1MsP1G78+0CyQi1ffJq1d -----END CERTIFICATE-----Generated at Fri Apr 17 22:49:23 2026 by rpki-client