$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: kQ2sGqkRmuCMuyFpiRYZ1qWcyZMCRN/cVfQQX7YTb+M= Subject key identifier: 5A:4B:FD:A9:A0:0C:64:8E:23:61:48:7F:66:93:C7:5A:91:BE:6E:97 Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 020A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 0205 Signing time: Sun 01 Mar 2026 03:48:37 +0000 Manifest this update: Sun 01 Mar 2026 03:48:36 +0000 Manifest next update: Sun 08 Mar 2026 03:48:36 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: Xs8E5Il2w2L7L89Y8cg6yMo1UlnEYBRXhMQRoev0GMA=) 2: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) 3: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 03:48:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 522 (0x20a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Mar 1 03:48:36 2026 GMT Not After : Mar 8 03:48:36 2026 GMT Subject: CN=69a3b715-7005 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f8:6a:ae:2c:e8:fe:8e:6e:b4:f6:b2:2e:62: 6e:13:9c:43:1f:5b:5c:4d:70:9f:61:16:42:69:ee: fb:36:2f:83:e4:d6:5c:1d:b8:0e:4d:95:3e:f6:0b: 9e:b6:39:de:46:71:68:cf:c1:aa:f9:91:67:79:fc: 69:da:40:84:5b:5b:7d:77:8b:22:c8:c8:89:a1:a7: 4d:95:86:dd:ed:59:cb:0c:10:ee:b4:d3:4b:5e:c3: f6:d5:c8:6e:9e:76:11:81:d8:58:6b:a5:ad:d2:28: f7:61:a7:3a:5a:3b:d7:c9:ec:85:b6:5e:c8:c0:2d: 19:9a:24:53:10:69:58:96:e2:7b:34:b3:3a:66:c6: b2:8b:e3:d5:bb:33:d3:0c:8d:69:e1:d4:dd:b4:26: e2:0d:24:55:ac:53:95:96:ef:0c:5d:57:71:0b:a8: 4d:59:11:bf:31:62:6a:b0:0d:7a:62:2b:79:c3:e3: 26:06:1e:d4:b5:e0:d7:bb:cb:c7:fd:38:76:2d:25: 0a:5f:ba:18:57:59:71:ec:7b:28:6a:43:62:a7:f2: 5a:17:54:3a:a4:68:06:77:c0:25:67:3a:c2:9e:ce: fb:f2:40:3d:00:02:ef:1b:59:59:a3:88:ce:32:d0: 2c:39:cf:46:00:26:77:ce:bb:36:71:6a:3a:0b:82: b5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:4B:FD:A9:A0:0C:64:8E:23:61:48:7F:66:93:C7:5A:91:BE:6E:97 X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:22:e1:c8:e5:5d:17:09:45:8f:d6:12:20:3f:8c:79:ab:d0: 53:7f:26:c0:6b:d5:61:a7:c1:fd:89:0e:83:5c:0a:fb:57:4d: 2b:83:a9:e2:85:66:e0:43:7a:d4:8e:c7:b7:86:52:4a:ac:9a: 02:1f:d7:a3:fe:78:fb:12:c7:0b:d4:7f:42:ad:9e:91:29:24: b9:e6:ab:9d:04:67:32:9e:42:dd:98:15:d7:ac:31:44:72:c0: db:39:02:24:75:b6:89:32:4d:0f:31:c0:2c:24:37:dc:d7:6d: a8:90:01:a4:ce:27:08:5d:2c:93:78:90:7a:87:d6:f3:c5:35: 03:38:68:38:58:97:f5:45:1b:a7:1c:e9:7e:eb:75:39:c5:b3: f8:47:b0:f5:a9:22:6d:11:f2:08:cd:aa:ac:08:d2:26:2e:1e: e2:ef:78:e2:25:ea:d7:aa:98:cb:dc:91:2b:29:bb:51:c7:8a: a7:1d:4a:66:66:a5:ab:d4:a8:5b:ef:0b:3a:63:d4:61:ba:41: 15:90:7d:8a:52:70:4f:c1:a3:ce:92:4f:5f:a4:27:87:c9:8a: 09:64:82:e5:55:14:e5:8a:a1:7b:42:43:c9:4e:aa:68:d3:29: 11:28:fe:a8:ea:7b:ab:18:e0:b8:f6:6d:8e:39:b7:a8:06:de: 19:c0:d0:12 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjYwMzAxMDM0ODM2WhcNMjYwMzA4MDM0ODM2WjAYMRYwFAYD VQQDDA02OWEzYjcxNS03MDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvfhqrizo/o5utPayLmJuE5xDH1tcTXCfYRZCae77Ni+D5NZcHbgOTZU+9gue tjneRnFoz8Gq+ZFnefxp2kCEW1t9d4siyMiJoadNlYbd7VnLDBDutNNLXsP21chu nnYRgdhYa6Wt0ij3Yac6WjvXyeyFtl7IwC0ZmiRTEGlYluJ7NLM6Zsayi+PVuzPT DI1p4dTdtCbiDSRVrFOVlu8MXVdxC6hNWRG/MWJqsA16Yit5w+MmBh7UteDXu8vH /Th2LSUKX7oYV1lx7HsoakNip/JaF1Q6pGgGd8AlZzrCns778kA9AALvG1lZo4jO MtAsOc9GACZ3zrs2cWo6C4K1SQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFpL/amg DGSOI2FIf2aTx1qRvm6XMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAEiLhyOVdFwlFj9YSID+MeavQU38mwGvVYafB/YkOg1wK+1dNK4Op4oVm4EN6 1I7Ht4ZSSqyaAh/Xo/54+xLHC9R/Qq2ekSkkuearnQRnMp5C3ZgV16wxRHLA2zkC JHW2iTJNDzHALCQ33NdtqJABpM4nCF0sk3iQeofW88U1AzhoOFiX9UUbpxzpfut1 OcWz+Eew9akibRHyCM2qrAjSJi4e4u944iXq16qYy9yRKym7UceKpx1KZmalq9So W+8LOmPUYbpBFZB9ilJwT8GjzpJPX6Qnh8mKCWSC5VUU5Yqhe0JDyU6qaNMpESj+ qOp7qxjguPZtjjm3qAbeGcDQEg== -----END CERTIFICATE-----Generated at Sun Mar 1 20:39:58 2026 by rpki-client