$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: d6hDHMc1X4LPg8e8d34vSuzU9R4RhjTjw8QSug9/qYw= Subject key identifier: F4:B5:E5:91:62:AF:01:1A:08:87:0F:11:9F:BC:2A:A7:C3:A2:8E:F4 Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 0696 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0686 Signing time: Mon 02 Mar 2026 02:03:22 +0000 Manifest this update: Mon 02 Mar 2026 02:03:20 +0000 Manifest next update: Mon 09 Mar 2026 02:03:20 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: X5RazFiDAf0Wmg09NKNNvdJbyVuwXxXGCDyBqMSPedA=) 2: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: po/i8uxPFYRsNFTlJU1d5KEDrihE5XxUDGJv65GiON0=) 3: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: yCmJKCeUjCX4/1rndfEcZXyyAy1UCnlaRalfod8v7Ts=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:03:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1686 (0x696) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Mar 2 02:03:20 2026 GMT Not After : Mar 9 02:03:20 2026 GMT Subject: CN=69a4efe9-9d8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:27:05:52:8a:91:6a:9f:89:71:b8:61:2d:90: 7d:ff:39:5f:78:e3:18:be:7f:d6:9b:22:eb:36:ed: 4d:d0:84:f6:1a:c7:ba:50:eb:39:9f:71:26:1b:9e: 19:66:4c:34:f6:32:a4:59:a0:99:ac:b6:bd:32:86: 58:6d:3f:7b:04:8d:6f:b6:a1:b6:e1:1c:e4:4e:04: 8e:0e:b7:f1:3c:c7:09:ee:75:71:09:11:6f:f2:7f: 3b:9a:cf:37:1e:bd:20:a7:e2:a3:d3:bc:05:33:e1: 93:cc:d8:57:48:ba:ef:9d:97:61:b5:f5:1e:cf:5a: 24:d2:e4:b6:d1:fe:00:1f:02:0e:25:f9:0e:93:d4: 95:76:7b:f1:2d:60:dd:37:ac:5f:b8:e1:f4:ec:10: 83:0f:b6:b7:5e:c8:51:70:8f:53:f6:ef:bb:36:01: bd:54:13:a7:03:f4:1f:e9:9d:24:82:1a:8d:ae:0e: a4:ff:66:ce:a0:8b:6d:6b:c4:d9:e0:2f:cd:e7:e3: ff:78:ce:ec:e1:4a:e8:c7:f1:4a:13:12:6c:cd:1f: 3f:b2:d1:e3:f2:6d:5a:cc:14:b2:6c:3f:88:72:0b: f9:85:32:e2:95:c6:73:33:7e:7a:88:77:d9:8e:f3: 22:04:bb:d0:57:c8:6e:5c:b4:b7:83:24:2b:9a:8b: cb:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:B5:E5:91:62:AF:01:1A:08:87:0F:11:9F:BC:2A:A7:C3:A2:8E:F4 X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:b3:82:94:62:d5:c0:3e:41:8e:5b:b7:e0:f5:d8:61:cb:0a: ed:58:46:10:4c:ee:6f:03:41:10:71:11:9b:18:6f:78:31:9e: 4b:ce:89:45:44:c4:dc:f5:0e:bb:35:d1:f8:f2:69:02:38:a2: 57:21:b8:7f:41:25:ef:34:e1:84:70:97:ee:2b:c6:36:b2:1c: 51:83:68:a0:e2:ef:a2:f6:10:e0:64:53:e3:93:5d:2a:1c:d9: a9:c2:de:05:9d:bc:d8:cb:2d:97:7c:9c:be:94:d9:2e:91:82: a6:d0:09:b1:d1:61:7b:7e:f5:57:a4:a8:28:37:7c:87:d1:b8: c8:2a:f9:d0:ac:53:ab:46:af:af:2a:7b:bd:d2:05:99:63:57: 88:95:ab:66:46:2b:90:71:04:e4:8e:b9:d7:eb:89:61:40:bf: 62:77:90:27:98:c0:ce:66:9c:c2:bd:44:87:3e:18:f5:2b:f1: 28:21:26:85:b1:69:44:51:09:ce:83:66:86:2b:ac:0e:cc:1f: 2d:f7:6e:96:23:6b:95:61:11:5c:4c:4b:f3:f1:95:7f:6a:68: ef:bd:f6:67:a1:26:66:6f:65:7d:bc:69:8d:ca:bf:61:f6:29: ad:66:0e:f3:cc:74:21:f6:35:13:1e:00:ca:f4:37:b0:3f:f7: 90:66:2e:9a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjYwMzAyMDIwMzIwWhcNMjYwMzA5MDIwMzIwWjAYMRYwFAYD VQQDEw02OWE0ZWZlOS05ZDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApicFUoqRap+JcbhhLZB9/zlfeOMYvn/WmyLrNu1N0IT2Gse6UOs5n3EmG54Z Zkw09jKkWaCZrLa9MoZYbT97BI1vtqG24RzkTgSODrfxPMcJ7nVxCRFv8n87ms83 Hr0gp+Kj07wFM+GTzNhXSLrvnZdhtfUez1ok0uS20f4AHwIOJfkOk9SVdnvxLWDd N6xfuOH07BCDD7a3XshRcI9T9u+7NgG9VBOnA/Qf6Z0kghqNrg6k/2bOoItta8TZ 4C/N5+P/eM7s4Urox/FKExJszR8/stHj8m1azBSybD+Icgv5hTLilcZzM356iHfZ jvMiBLvQV8huXLS3gyQrmovLBwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPS15ZFi rwEaCIcPEZ+8KqfDoo70MB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEACrOClGLVwD5Bjlu34PXYYcsK7VhGEEzubwNBEHERmxhveDGeS86JRUTE3PUO uzXR+PJpAjiiVyG4f0El7zThhHCX7ivGNrIcUYNooOLvovYQ4GRT45NdKhzZqcLe BZ282Mstl3ycvpTZLpGCptAJsdFhe371V6SoKDd8h9G4yCr50KxTq0avryp7vdIF mWNXiJWrZkYrkHEE5I651+uJYUC/YneQJ5jAzmacwr1Ehz4Y9SvxKCEmhbFpRFEJ zoNmhiusDswfLfduliNrlWERXExL8/GVf2po7732Z6EmZm9lfbxpjcq/YfYprWYO 88x0IfY1Ex4AyvQ3sD/3kGYumg== -----END CERTIFICATE-----Generated at Mon Mar 2 12:37:25 2026 by rpki-client