$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: bwpYCNTyMDR5l1d4IirdCQCVI5wUvz0IA+fJrVHyEOI= Subject key identifier: CB:9F:CE:2D:87:F1:2B:2E:06:6C:CA:04:5B:F5:DD:7F:15:67:14:7C Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 0245 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 023A Signing time: Sun 01 Mar 2026 03:24:22 +0000 Manifest this update: Sun 01 Mar 2026 03:24:21 +0000 Manifest next update: Sun 08 Mar 2026 03:24:21 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: 1c55Ep+AKkpmVgzyGUL99A15ZZhbBB/LBfm5nkmcPd0=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: B6AplExmLrIT4R5ziT3lWEDw+OK86D2hSg+6JuEpzR0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 03:24:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 581 (0x245) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Mar 1 03:24:21 2026 GMT Not After : Mar 8 03:24:21 2026 GMT Subject: CN=69a3b166-ca60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:db:43:95:17:3c:95:d2:36:90:ec:2c:28:0c: 70:2b:8b:3c:b0:95:3b:21:ad:a0:bf:cf:b0:14:27: 6c:e7:66:86:ff:8b:f1:71:2f:be:f4:0d:1f:a0:bf: 6c:96:63:f2:5f:86:67:63:c5:c2:c6:26:73:33:09: 4a:2a:a7:b9:a2:09:3b:c1:6d:c3:cb:0d:24:7c:83: f1:3c:bd:84:bf:0a:47:fd:c7:4b:be:32:d2:6f:dc: 58:1f:eb:b8:38:10:fe:72:87:f0:42:13:1e:63:09: 27:ba:af:63:65:0a:3e:1d:b3:4d:e1:ee:ac:97:8f: 95:0c:66:af:6a:f1:64:db:0c:d1:05:0c:44:e5:87: 11:30:96:35:94:ac:00:3d:c3:1d:a8:22:54:4f:ca: 19:b9:84:d4:e5:c2:98:b8:c2:57:91:d3:4f:91:65: 0f:eb:a5:42:02:db:fe:8a:11:49:17:30:50:65:0c: 2a:1e:7d:e1:d7:86:93:61:90:79:0f:97:9a:ac:af: d8:24:ef:a8:30:e9:ba:f0:01:63:65:b9:ef:82:d4: 68:29:39:a3:7a:e2:fa:a8:e4:51:38:19:eb:05:f4: 43:dc:b8:a2:8b:7b:df:86:66:b7:0e:3d:99:a5:16: 4f:3b:2a:a5:22:16:44:b4:b5:ec:a7:25:6a:46:79: 8f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:9F:CE:2D:87:F1:2B:2E:06:6C:CA:04:5B:F5:DD:7F:15:67:14:7C X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:e0:4b:e8:01:f1:16:0c:b4:b6:7f:76:69:82:70:d1:ce:61: db:b7:db:2a:75:f8:7a:a3:41:88:b4:44:7f:a9:04:17:89:e4: df:db:91:04:8b:15:ef:1e:1f:59:36:fc:38:0e:9b:1c:9d:58: fa:74:1b:88:91:1b:0b:68:f8:85:80:b8:9d:cd:b0:02:04:70: 1e:87:00:80:90:7a:7a:cc:60:aa:2b:48:a7:9d:84:bb:51:e2: 59:18:38:44:d4:f1:b1:83:7f:ef:44:57:72:82:9e:02:62:c2: 78:23:8e:2c:cc:c9:0c:7d:82:e3:80:fd:91:a9:97:a7:3f:7a: c6:f7:70:ca:fd:eb:29:72:28:82:2b:3d:03:7f:8f:8b:f2:8c: c5:1f:75:a6:1a:f0:e6:a9:60:3c:70:85:67:b0:77:46:83:9a: 00:7b:7e:d2:03:b0:dc:ba:b7:52:1d:23:12:dd:de:26:78:eb: 83:bd:38:4b:45:85:f5:ba:93:94:1b:d4:e4:6f:f6:b7:e7:00: b7:d2:46:16:bf:e0:2e:91:cb:ed:f3:6f:52:1a:ec:da:af:c1: 4a:e7:51:ba:a7:8b:8a:7f:00:e2:86:23:d2:94:97:fd:24:d0: 19:13:e1:b4:97:8a:0a:b7:e0:92:a9:cb:d5:bf:0c:34:cb:54: f2:dc:e8:87 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjYwMzAxMDMyNDIxWhcNMjYwMzA4MDMyNDIxWjAYMRYwFAYD VQQDDA02OWEzYjE2Ni1jYTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3NtDlRc8ldI2kOwsKAxwK4s8sJU7Ia2gv8+wFCds52aG/4vxcS++9A0foL9s lmPyX4ZnY8XCxiZzMwlKKqe5ogk7wW3Dyw0kfIPxPL2EvwpH/cdLvjLSb9xYH+u4 OBD+cofwQhMeYwknuq9jZQo+HbNN4e6sl4+VDGavavFk2wzRBQxE5YcRMJY1lKwA PcMdqCJUT8oZuYTU5cKYuMJXkdNPkWUP66VCAtv+ihFJFzBQZQwqHn3h14aTYZB5 D5earK/YJO+oMOm68AFjZbnvgtRoKTmjeuL6qORROBnrBfRD3Liii3vfhma3Dj2Z pRZPOyqlIhZEtLXspyVqRnmPzwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMufzi2H 8SsuBmzKBFv13X8VZxR8MB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAzOBL6AHxFgy0tn92aYJw0c5h27fbKnX4eqNBiLREf6kEF4nk39uRBIsV7x4f WTb8OA6bHJ1Y+nQbiJEbC2j4hYC4nc2wAgRwHocAgJB6esxgqitIp52Eu1HiWRg4 RNTxsYN/70RXcoKeAmLCeCOOLMzJDH2C44D9kamXpz96xvdwyv3rKXIogis9A3+P i/KMxR91phrw5qlgPHCFZ7B3RoOaAHt+0gOw3Lq3Uh0jEt3eJnjrg704S0WF9bqT lBvU5G/2t+cAt9JGFr/gLpHL7fNvUhrs2q/BSudRuqeLin8A4oYj0pSX/STQGRPh tJeKCrfgkqnL1b8MNMtU8tzohw== -----END CERTIFICATE-----Generated at Sun Mar 1 20:14:22 2026 by rpki-client