$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: 0U2nEmIqvZAVHd0zDEblyLm0XHrfJtiEVh5e+h93JpU= Subject key identifier: 5A:25:A2:F3:B7:8C:B3:39:A7:E3:80:44:8D:8C:48:77:05:5C:43:1E Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0E5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0E3E Signing time: Sat 04 Apr 2026 17:40:48 +0000 Manifest this update: Sat 04 Apr 2026 17:40:48 +0000 Manifest next update: Sat 11 Apr 2026 17:40:48 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: Vja1erT75gDpaumRKgkFz1zbPTjhrqFbMaAhz2P110o=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: PNck+uUGNd+dXPiz0RHoIOTdAVNh1nYpLyv0JCvf9SY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 17:40:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3676 (0xe5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Apr 4 17:40:48 2026 GMT Not After : Apr 11 17:40:48 2026 GMT Subject: CN=69d14d20-236b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:eb:74:11:15:fa:79:0a:0a:36:1a:7b:bb:0b: 90:a0:9a:e2:2f:8a:06:b7:ae:8d:c2:6b:5e:de:ba: da:82:4a:8d:c0:cf:80:ad:80:cc:63:f1:a0:4b:17: a9:29:01:67:26:52:ed:e6:93:b6:31:8b:f1:e1:6f: 0a:46:1f:6e:dd:1c:04:0c:b8:48:e4:5f:79:8c:f3: 5c:1d:b3:ec:82:50:b7:a0:61:d5:d8:05:1f:39:6c: 94:18:a5:ae:51:50:28:9f:e8:7d:42:25:c6:67:1c: 7c:ab:74:6d:aa:85:74:49:c7:4f:07:d4:c9:31:3d: 17:19:13:27:71:78:fc:c7:7a:b2:b8:77:ac:56:de: 16:f4:bd:6f:1c:e2:6c:e2:c5:3f:7c:1c:d4:1f:d3: ee:f1:ec:a5:3d:a4:02:13:09:eb:e4:dc:48:a1:23: 57:76:2d:e3:fd:82:e4:82:15:18:51:7c:b0:0e:c4: 60:9f:57:d5:ef:73:5e:2d:5c:0e:c0:73:ea:69:fb: 34:2e:8e:37:b2:48:46:3c:ba:d0:02:3f:e9:e5:f8: 4f:1c:05:09:c0:22:0d:00:2e:0b:07:60:67:50:e6: 41:e8:bf:4f:23:a8:75:3a:53:1a:3b:02:09:db:9f: 8a:45:f1:ac:63:38:d6:5e:dd:48:e1:20:d2:5b:74: 5a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:25:A2:F3:B7:8C:B3:39:A7:E3:80:44:8D:8C:48:77:05:5C:43:1E X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:dc:1b:22:33:39:8e:47:12:eb:b3:6a:4f:73:54:7d:ce:38: 51:88:0b:f6:06:2b:5c:cb:20:66:b5:7a:29:bb:26:7b:f3:40: ee:ed:e2:3e:f7:d7:d3:31:80:55:04:0b:c7:c1:78:69:1a:6c: bc:0c:08:dd:96:9a:bd:d9:ec:90:7d:b9:29:06:58:57:4d:86: 78:3b:c3:78:f9:b7:19:18:74:20:49:75:b0:15:a1:de:25:02: 92:84:84:97:2b:46:d9:bf:67:3f:42:45:22:28:ce:c0:ef:b5: 2f:99:83:52:46:ed:b3:5b:4e:bf:16:16:94:49:40:00:e8:47: f1:b7:06:48:2d:c2:61:fa:ff:1e:52:ff:01:5d:c9:66:c2:48: 35:5c:5a:c5:75:c9:26:d2:29:ae:87:79:5d:19:d4:e0:f3:57: 08:54:70:b0:4d:c3:3c:40:c5:30:aa:53:8e:f5:e1:70:9c:6d: 14:f6:44:0a:49:71:ca:61:90:09:58:ac:18:29:1c:8e:5d:d0: 32:f9:a7:32:2b:a3:06:49:fd:80:8f:11:3d:c5:39:53:d1:40: 13:49:0d:00:00:5e:0d:5e:e9:d7:63:8a:df:12:61:6c:de:aa: ae:14:ca:a6:61:7c:08:75:6d:79:83:d5:29:d4:92:77:92:ae: d0:17:aa:e4 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjYwNDA0MTc0MDQ4WhcNMjYwNDExMTc0MDQ4WjAYMRYwFAYD VQQDEw02OWQxNGQyMC0yMzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoOt0ERX6eQoKNhp7uwuQoJriL4oGt66Nwmte3rragkqNwM+ArYDMY/GgSxep KQFnJlLt5pO2MYvx4W8KRh9u3RwEDLhI5F95jPNcHbPsglC3oGHV2AUfOWyUGKWu UVAon+h9QiXGZxx8q3RtqoV0ScdPB9TJMT0XGRMncXj8x3qyuHesVt4W9L1vHOJs 4sU/fBzUH9Pu8eylPaQCEwnr5NxIoSNXdi3j/YLkghUYUXywDsRgn1fV73NeLVwO wHPqafs0Lo43skhGPLrQAj/p5fhPHAUJwCINAC4LB2BnUOZB6L9PI6h1OlMaOwIJ 25+KRfGsYzjWXt1I4SDSW3Ra3wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFolovO3 jLM5p+OARI2MSHcFXEMeMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAGNwbIjM5jkcS67NqT3NUfc44UYgL9gYrXMsgZrV6Kbsme/NA7u3iPvfX0zGA VQQLx8F4aRpsvAwI3ZaavdnskH25KQZYV02GeDvDePm3GRh0IEl1sBWh3iUCkoSE lytG2b9nP0JFIijOwO+1L5mDUkbts1tOvxYWlElAAOhH8bcGSC3CYfr/HlL/AV3J ZsJINVxaxXXJJtIprod5XRnU4PNXCFRwsE3DPEDFMKpTjvXhcJxtFPZECklxymGQ CVisGCkcjl3QMvmnMiujBkn9gI8RPcU5U9FAE0kNAABeDV7p12OK3xJhbN6qrhTK pmF8CHVteYPVKdSSd5Ku0Beq5A== -----END CERTIFICATE-----Generated at Sun Apr 5 19:52:09 2026 by rpki-client