$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: gY403Lci3EyvPRDj7HpJG4rASTiSKiRtyRfc+RO0HCQ= Subject key identifier: BC:51:61:6C:E2:1C:B4:0F:CE:A1:CF:0A:A1:F3:06:15:F8:1E:73:37 Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 022A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 0221 Signing time: Fri 17 Apr 2026 02:32:59 +0000 Manifest this update: Fri 17 Apr 2026 02:32:58 +0000 Manifest next update: Fri 24 Apr 2026 02:32:58 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: 801be5p4CdBCI6HEskZ4hpA8KdRGB89K1YNZqK+lqnU=) 2: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: 6/dXduBGzp0fOt3H0jel27vj2BC5gLfjT1zUeVEO9J0=) 3: 805A2E74660311EF90397033C4F9AE02.roa (hash: 5vtGlk0S0hYad6mDuGYTky+IHAV1KVmi2xi5vEoQKNE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 02:32:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 554 (0x22a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Apr 17 02:32:58 2026 GMT Not After : Apr 24 02:32:58 2026 GMT Subject: CN=69e19bda-1756 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:ee:64:50:6c:0c:d7:fd:7a:93:0b:eb:9e:b4: 85:e3:b7:f4:7d:fc:43:68:b8:39:01:55:1c:90:f3: 97:a7:97:63:26:14:75:d8:b4:c8:0c:ee:e1:15:5c: 69:2d:c1:c0:67:9d:6e:31:c3:7a:63:22:01:6e:5b: 3e:6b:d5:b3:77:aa:40:64:09:e8:9c:0f:b1:0c:38: 9e:6a:74:26:05:4b:74:7b:fc:d4:70:6e:ad:78:0f: 68:d3:dc:47:19:0b:83:8d:c0:37:62:25:33:1d:c2: 6f:c7:af:e9:0b:46:46:bf:15:f4:67:72:af:d5:6d: 5b:bd:e9:57:48:e3:92:89:40:f0:e6:2c:1c:fe:30: 89:28:ff:1f:12:47:8a:73:07:eb:bf:d0:a9:f6:d4: a2:2e:9f:05:a8:d8:cc:37:97:cb:1b:e6:b6:ae:18: a3:24:6a:33:26:7a:08:64:7d:74:b9:92:c0:3d:82: 98:56:cf:11:24:63:ea:2f:55:e1:e0:46:a2:9f:d2: 94:24:20:89:79:bc:91:b3:14:60:1a:7a:80:80:7e: 68:3b:2a:d9:b2:e4:53:6b:0f:9c:f4:9d:7a:3b:f9: 0a:25:89:9b:31:6e:4c:3b:c8:23:f8:4e:93:0d:ad: ae:5b:15:7b:12:6f:ec:ef:03:1d:59:ba:57:67:8d: e2:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:51:61:6C:E2:1C:B4:0F:CE:A1:CF:0A:A1:F3:06:15:F8:1E:73:37 X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:b7:04:b9:8e:5e:c1:6f:47:68:d6:27:6f:94:68:84:5a:55: ec:33:eb:04:83:8f:be:ee:d1:71:2c:0f:eb:50:b7:c0:d6:a5: 95:10:48:ae:02:3b:21:c4:f1:e8:16:80:3e:3c:58:cc:d1:1c: ac:03:82:b5:96:a6:34:44:0a:25:d3:cb:e3:c1:dc:c5:12:63: 58:ae:35:cc:b1:51:22:fd:15:b1:12:aa:55:c0:a5:8f:b0:59: 24:48:cc:bf:4c:41:4a:60:34:be:25:2f:05:8a:2c:8f:51:c3: ce:3b:d7:b2:16:b5:b2:d6:fb:42:ec:1d:f0:03:ef:85:b6:6f: 12:63:34:cf:22:be:a9:c3:f0:bb:82:f7:69:e4:22:39:e7:45: 8e:d4:97:4b:52:5c:c1:09:de:89:b7:e6:63:65:54:fb:bb:f7: 5f:ed:16:44:70:4a:b1:41:2e:5c:a3:3e:15:1d:4b:a9:3c:2c: 1b:fd:34:eb:a0:ac:d1:a1:85:66:34:24:35:df:1f:a1:a4:0b: 50:20:5d:83:c5:f0:ae:76:62:e5:f4:61:62:72:e5:b8:e4:17: 27:fd:82:40:aa:f4:ad:ea:1b:ea:7a:04:ad:d3:0e:d8:81:9d: f2:b0:f3:d9:aa:bd:d7:ea:80:80:5f:c6:17:3a:fc:af:4e:f1: 72:62:cc:4d -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjYwNDE3MDIzMjU4WhcNMjYwNDI0MDIzMjU4WjAYMRYwFAYD VQQDEw02OWUxOWJkYS0xNzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAju5kUGwM1/16kwvrnrSF47f0ffxDaLg5AVUckPOXp5djJhR12LTIDO7hFVxp LcHAZ51uMcN6YyIBbls+a9Wzd6pAZAnonA+xDDieanQmBUt0e/zUcG6teA9o09xH GQuDjcA3YiUzHcJvx6/pC0ZGvxX0Z3Kv1W1bvelXSOOSiUDw5iwc/jCJKP8fEkeK cwfrv9Cp9tSiLp8FqNjMN5fLG+a2rhijJGozJnoIZH10uZLAPYKYVs8RJGPqL1Xh 4Eain9KUJCCJebyRsxRgGnqAgH5oOyrZsuRTaw+c9J16O/kKJYmbMW5MO8gj+E6T Da2uWxV7Em/s7wMdWbpXZ43iWQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFLxRYWzi HLQPzqHPCqHzBhX4HnM3MB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEATrcEuY5ewW9HaNYnb5RohFpV7DPrBIOPvu7RcSwP61C3wNallRBIrgI7IcTx 6BaAPjxYzNEcrAOCtZamNEQKJdPL48HcxRJjWK41zLFRIv0VsRKqVcClj7BZJEjM v0xBSmA0viUvBYosj1HDzjvXsha1stb7Quwd8APvhbZvEmM0zyK+qcPwu4L3aeQi OedFjtSXS1JcwQneibfmY2VU+7v3X+0WRHBKsUEuXKM+FR1LqTwsG/0066Cs0aGF ZjQkNd8foaQLUCBdg8XwrnZi5fRhYnLluOQXJ/2CQKr0reob6noErdMO2IGd8rDz 2aq91+qAgF/GFzr8r07xcmLMTQ== -----END CERTIFICATE-----Generated at Fri Apr 17 10:37:35 2026 by rpki-client