$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft File: 3rTAuQf6yhxdN3a9SUb0uqjKazA.mft (raw, json) Hash identifier: 5AMGrGPnGOO4gATkPfKssHKKPTpYNU9/oCpAYt5SK/U= Subject key identifier: C7:2E:CB:78:77:92:80:E3:4F:2C:6C:0F:22:B0:DD:76:25:83:66:38 Authority key identifier: DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 Certificate issuer: /CN=A91F3B5F/serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Certificate serial: B2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft Manifest number: AE Signing time: Mon 02 Mar 2026 13:20:59 +0000 Manifest this update: Mon 02 Mar 2026 13:20:59 +0000 Manifest next update: Mon 09 Mar 2026 13:20:59 +0000 Files and hashes: 1: 3rTAuQf6yhxdN3a9SUb0uqjKazA.crl (hash: ISnFEv+cLguDAYTx0XNjpO5bmh76YLeXnL+x/0bX3I8=) 2: 0B65C980136D11F09F542C81C4F9AE02.roa (hash: wGUGCDLQuCuMzbcHbV/cBOi37S+j6xYKnWjU86HEOho=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 13:20:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 178 (0xb2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B5F, serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Validity Not Before: Mar 2 13:20:59 2026 GMT Not After : Mar 9 13:20:59 2026 GMT Subject: CN=69a58ebb-3e14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:69:bf:1f:a6:19:80:b3:ea:9f:85:90:55:bb: 64:2c:f7:fc:36:f8:bd:3c:d6:68:22:a7:e7:9b:ed: b5:91:d5:7a:23:1b:b7:b8:d5:49:37:fd:08:9b:a4: 66:71:a9:14:a3:58:5d:cd:91:46:47:4d:f2:cd:d0: 86:99:d4:86:8d:f7:01:62:55:27:30:c5:a7:80:91: c7:9b:0a:38:01:8f:b8:52:15:8d:47:2b:ab:dd:52: 65:46:0b:79:5c:ea:64:48:db:74:bc:0e:40:70:d4: a3:88:3c:56:43:f6:82:7f:ac:30:05:d5:25:bb:1f: e1:bb:91:90:db:70:8b:72:7c:4a:2c:8a:80:9e:e6: 74:88:32:43:60:72:5b:1a:55:85:36:68:cd:56:64: 82:15:7c:80:7f:4f:d7:e6:c6:74:84:7f:32:4b:b8: ec:dc:88:aa:1b:44:30:f7:73:e7:d2:de:8a:d5:a1: d0:fb:f9:78:75:e0:ed:43:a9:89:52:9c:ed:30:f2: c3:ec:de:8e:c9:d3:53:3e:33:e9:cb:e9:3a:b8:c2: 66:8d:20:ad:ab:2e:04:2c:70:d1:e7:9d:cc:e0:0f: da:1d:47:e4:48:18:08:d8:9f:66:e9:92:d1:d1:43: 16:46:5d:5b:c6:e5:29:74:ad:c9:2c:fa:56:ce:2c: e7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:2E:CB:78:77:92:80:E3:4F:2C:6C:0F:22:B0:DD:76:25:83:66:38 X509v3 Authority Key Identifier: keyid:DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:cb:85:d6:26:e9:c9:be:58:7b:fb:4a:41:f8:8c:8d:52:a0: 57:02:78:6e:26:cc:6d:9b:92:76:ad:54:fd:a1:37:c5:c3:75: 8e:be:be:c6:67:46:f2:55:44:86:74:07:27:23:56:f3:7f:83: 50:8d:78:1a:66:27:9c:97:42:d2:7a:6c:28:cd:09:73:a0:a1: 59:93:ad:df:78:a0:86:65:fc:2e:d9:af:13:42:85:46:c9:e8: ab:e4:4a:a3:1d:91:91:6c:74:5d:08:b1:c1:29:ee:88:5d:90: 51:b2:36:ca:d2:1e:1a:87:cc:16:cc:5c:3c:d7:34:f0:0b:fb: 16:f9:7d:15:e3:c0:a6:95:9f:26:73:b2:8c:4b:f2:dc:dd:ef: 2f:38:d6:40:8f:cd:f8:02:d0:4a:5c:bb:39:92:a2:7d:ea:f5: 9f:05:c9:a6:38:d1:6a:a2:f7:01:91:46:89:1d:70:98:c4:3f: b2:d9:22:a2:73:fe:79:5a:77:2e:be:14:81:58:52:60:a4:cc: 57:bb:6e:47:cf:40:5e:fd:90:bc:30:25:08:52:84:54:de:bd: a9:f6:b5:11:62:e4:32:7a:14:c4:91:4b:d1:83:6e:f5:ca:ac: 0e:7b:e3:16:e6:20:8e:43:d0:bc:64:0e:f9:df:50:3f:11:1b: c8:4b:9b:3a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICALIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNCNUYxMTAvBgNVBAUTKERFQjRDMEI5MDdGQUNBMUM1RDM3NzZCRDQ5NDZGNEJB QThDQTZCMzAwHhcNMjYwMzAyMTMyMDU5WhcNMjYwMzA5MTMyMDU5WjAYMRYwFAYD VQQDEw02OWE1OGViYi0zZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjmm/H6YZgLPqn4WQVbtkLPf8Nvi9PNZoIqfnm+21kdV6Ixu3uNVJN/0Im6Rm cakUo1hdzZFGR03yzdCGmdSGjfcBYlUnMMWngJHHmwo4AY+4UhWNRyur3VJlRgt5 XOpkSNt0vA5AcNSjiDxWQ/aCf6wwBdUlux/hu5GQ23CLcnxKLIqAnuZ0iDJDYHJb GlWFNmjNVmSCFXyAf0/X5sZ0hH8yS7js3IiqG0Qw93Pn0t6K1aHQ+/l4deDtQ6mJ UpztMPLD7N6OydNTPjPpy+k6uMJmjSCtqy4ELHDR553M4A/aHUfkSBgI2J9m6ZLR 0UMWRl1bxuUpdK3JLPpWziznbQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMcuy3h3 koDjTyxsDyKw3XYlg2Y4MB8GA1UdIwQYMBaAFN60wLkH+socXTd2vUlG9Lqoymsw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0I1Ri9CMTcwQzkxMjEz NjYxMUYwODJFM0M1MERDNEY5QUUwMi8zclRBdVFmNnloeGROM2E5U1ViMHVxakth ekEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNyVEF1UWY2eWh4ZE4zYTlTVWIwdXFqS2F6QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0I1Ri9CMTcwQzkxMjEzNjYxMUYwODJFM0M1MERDNEY5QUUwMi8zclRBdVFmNnlo eGROM2E5U1ViMHVxakthekEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAS8uF1ibpyb5Ye/tKQfiMjVKgVwJ4bibMbZuSdq1U/aE3xcN1jr6+xmdG8lVE hnQHJyNW83+DUI14GmYnnJdC0npsKM0Jc6ChWZOt33ighmX8LtmvE0KFRsnoq+RK ox2RkWx0XQixwSnuiF2QUbI2ytIeGofMFsxcPNc08Av7Fvl9FePAppWfJnOyjEvy 3N3vLzjWQI/N+ALQSly7OZKifer1nwXJpjjRaqL3AZFGiR1wmMQ/stkionP+eVp3 Lr4UgVhSYKTMV7tuR89AXv2QvDAlCFKEVN69qfa1EWLkMnoUxJFL0YNu9cqsDnvj FuYgjkPQvGQO+d9QPxEbyEubOg== -----END CERTIFICATE-----Generated at Mon Mar 2 17:28:23 2026 by rpki-client