$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft File: CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft (raw, json) Hash identifier: 4C7Uyy4AzRah53unX5NUCgbocXW4ahkmAlet9lw7xnY= Subject key identifier: A9:EA:3F:96:36:B5:0B:CF:98:D8:CD:9B:E5:E8:01:C7:AE:EC:0D:FB Authority key identifier: 09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E Certificate issuer: /CN=A91E9D1A/serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Certificate serial: 3572 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft Manifest number: 3550 Signing time: Sat 18 Apr 2026 14:19:25 +0000 Manifest this update: Sat 18 Apr 2026 14:19:25 +0000 Manifest next update: Sat 25 Apr 2026 14:19:25 +0000 Files and hashes: 1: CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl (hash: e/wJooVAL8jEyCtDdSzVE5xKXpSLl3iG+6TiSRxyi7c=) 2: 81C9B5A4BBFA11ED99272016C4F9AE02.roa (hash: wULzE/YcKLKygpTy9Qm31PPUJvQ48rS9tgycJrdEzjc=) 3: E404430CB0F811E595E0F761C4F9AE02.roa (hash: owZAiKzsMVZHcu5y/uvghCfcRo2W0WEoElBFnrF91Ts=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Apr 2026 14:19:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13682 (0x3572) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9D1A, serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Validity Not Before: Apr 18 14:19:25 2026 GMT Not After : Apr 25 14:19:25 2026 GMT Subject: CN=69e392ed-07c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:93:a1:ea:a3:3f:6e:48:62:9d:96:66:1e:d0: b4:ab:8e:94:c1:eb:fa:db:a0:67:cf:be:e0:84:2b: 68:6e:da:f6:7f:50:fa:70:f4:dc:59:13:bf:4c:b4: ef:9f:99:11:7d:63:d1:24:51:77:cf:5e:a7:25:24: ed:c3:6c:8e:4a:35:9a:ca:03:70:2a:71:f2:6a:c1: 3b:2c:77:16:d3:b8:5f:8a:99:b5:e1:83:68:30:ce: 14:eb:2e:b9:b4:9b:51:0b:6e:cb:c6:11:a2:9b:bd: 43:d0:05:0b:69:fe:59:1b:b8:50:6b:f0:25:04:ce: 76:92:7a:f4:be:40:90:42:c4:b3:fd:da:5b:38:56: fe:da:75:5f:53:2d:5f:7b:f6:85:03:fc:c1:75:d6: 1a:75:9e:44:5a:b7:bf:75:c1:ba:6f:dc:23:67:c0: 56:32:a5:d4:67:db:d8:16:93:6f:29:02:f6:c1:e4: 64:54:a1:df:08:d0:c7:0f:d1:ca:72:5d:c6:e8:09: 2f:26:bb:82:38:4d:da:39:17:83:68:ba:64:34:a6: 35:ac:12:7b:dd:b5:e7:51:f7:5d:95:c3:6b:1a:cc: d3:ce:b7:86:77:d4:8b:e6:cc:5d:0a:20:1a:ca:c6: 85:c3:b3:42:65:0a:e6:29:7c:9b:ae:27:ae:a2:ca: ce:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:EA:3F:96:36:B5:0B:CF:98:D8:CD:9B:E5:E8:01:C7:AE:EC:0D:FB X509v3 Authority Key Identifier: keyid:09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:6a:d0:0a:04:e3:22:3e:99:a4:cc:89:f8:c9:55:b6:6c:59: bc:46:86:d5:ba:3b:64:f6:2b:b6:8a:a5:8b:16:86:68:5b:e0: 3d:e4:77:d1:63:17:39:9d:e2:e2:32:b2:06:4a:83:30:01:33: 39:ee:7b:30:36:41:16:9b:9b:2f:61:8a:62:4f:f2:9b:c7:31: 88:e3:58:cc:49:d8:af:b7:b4:23:1a:b4:9e:b1:4d:6a:19:98: cd:3c:74:d8:58:75:66:9b:0b:17:c5:4a:1c:1c:14:20:c5:a5: 6d:75:9d:23:8c:93:0b:64:0a:2f:0c:87:fb:a5:0b:59:0f:c7: d7:42:91:0b:b8:93:5e:f2:3f:f3:58:34:bb:18:93:fe:6a:88: 42:0c:d8:2e:77:ab:3e:d3:de:7b:e4:38:25:8c:9e:1e:e3:37: 30:3e:29:d1:c4:9d:9a:15:78:2a:4a:7f:bd:c9:07:e7:fb:f6: d3:fd:bd:59:b3:df:99:2c:1b:78:20:4d:f0:54:8b:22:d7:e0: a1:05:81:81:8a:7d:f1:bf:91:d1:47:72:82:8d:4a:16:2c:31: ed:f1:24:dd:ce:2a:a9:90:48:9a:e6:74:5a:0e:75:71:15:35: 07:1e:a8:ab:16:0f:61:e8:b6:b3:23:02:1b:26:58:ad:28:b5: 49:0e:47:a4 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlEMUExMTAvBgNVBAUTKDA5NzZGQzNEMjMxODZENDhDNjcxNzczNzQwODkxQ0Y1 NEUzMUI4MEUwHhcNMjYwNDE4MTQxOTI1WhcNMjYwNDI1MTQxOTI1WjAYMRYwFAYD VQQDEw02OWUzOTJlZC0wN2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx5Oh6qM/bkhinZZmHtC0q46Uwev626Bnz77ghCtobtr2f1D6cPTcWRO/TLTv n5kRfWPRJFF3z16nJSTtw2yOSjWaygNwKnHyasE7LHcW07hfipm14YNoMM4U6y65 tJtRC27LxhGim71D0AULaf5ZG7hQa/AlBM52knr0vkCQQsSz/dpbOFb+2nVfUy1f e/aFA/zBddYadZ5EWre/dcG6b9wjZ8BWMqXUZ9vYFpNvKQL2weRkVKHfCNDHD9HK cl3G6AkvJruCOE3aOReDaLpkNKY1rBJ73bXnUfddlcNrGszTzreGd9SL5sxdCiAa ysaFw7NCZQrmKXybrieuosrOmwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKnqP5Y2 tQvPmNjNm+XoAceu7A37MB8GA1UdIwQYMBaAFAl2/D0jGG1IxnF3N0CJHPVOMbgO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUQxQS9DNTlCMDJEQTFE NzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJVakdjWGMzUUlrYzlVNHh1 QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NYYjhQU01ZYlVqR2NYYzNRSWtjOVU0eHVBNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUQxQS9DNTlCMDJEQTFENzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJV akdjWGMzUUlrYzlVNHh1QTQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAMGrQCgTjIj6ZpMyJ+MlVtmxZvEaG1bo7ZPYrtoqlixaGaFvgPeR30WMXOZ3i 4jKyBkqDMAEzOe57MDZBFpubL2GKYk/ym8cxiONYzEnYr7e0Ixq0nrFNahmYzTx0 2Fh1ZpsLF8VKHBwUIMWlbXWdI4yTC2QKLwyH+6ULWQ/H10KRC7iTXvI/81g0uxiT /mqIQgzYLnerPtPee+Q4JYyeHuM3MD4p0cSdmhV4Kkp/vckH5/v20/29WbPfmSwb eCBN8FSLItfgoQWBgYp98b+R0Udygo1KFiwx7fEk3c4qqZBImuZ0Wg51cRU1Bx6o qxYPYei2syMCGyZYrSi1SQ5HpA== -----END CERTIFICATE-----Generated at Sun Apr 19 08:55:27 2026 by rpki-client