$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: +yRdKk64qSCWVQqRm26oih/yMapGmQq9YvjiUN7LRCM= Subject key identifier: AD:25:2A:45:AA:1C:B5:46:04:0F:8D:6C:0A:F7:41:BB:81:7F:5C:63 Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 03C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 03BB Signing time: Sun 05 Apr 2026 00:25:33 +0000 Manifest this update: Sun 05 Apr 2026 00:25:32 +0000 Manifest next update: Sun 12 Apr 2026 00:25:32 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: lBJxTFbwf/l9dI4AsaxG9fWmHyEuKvWVughcxTPKtbo=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: 6eoyUSOvVZ6K062G+XqAjy4oqU5ot0onLxElkewTe48=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: M2pvQ304fe+2dKpg+pZivkjVtCyNRoxTwvcWntgc488=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 00:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 965 (0x3c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Apr 5 00:25:32 2026 GMT Not After : Apr 12 00:25:32 2026 GMT Subject: CN=69d1abfd-05d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:e1:5e:12:7d:7c:1d:74:f7:34:d7:37:9e:35: 6f:6a:b3:38:ca:de:cc:7b:8f:bf:8e:ec:c5:f7:d6: 89:c6:53:32:99:fc:fe:09:f8:f3:17:50:4f:ba:08: 2d:d1:77:35:82:7e:65:69:2e:8f:c3:27:15:d7:a7: 44:08:21:82:6a:b1:e8:2f:d0:04:2b:13:0a:b5:c2: 74:e9:ca:d5:e1:d9:74:0f:43:ab:4c:f9:c0:3c:99: 63:f2:43:d4:20:ab:14:0a:7f:1d:18:cd:2f:97:f2: bc:e2:88:89:fb:0f:aa:ef:17:42:73:e0:fe:51:87: f1:2c:db:e1:92:b0:a8:8c:da:96:54:1d:0c:6f:42: 62:3d:c3:20:72:10:22:31:56:0f:e8:b3:96:13:2b: c1:06:28:a5:ee:3b:eb:46:e4:02:dc:9b:5a:97:0f: b8:6e:e7:64:8f:49:4d:c7:b0:15:ec:84:ab:67:2d: ef:01:23:dd:4b:d2:b3:fe:14:17:ea:33:5d:99:82: f6:4b:ab:83:09:d1:f0:74:0a:e7:2a:ea:c7:f2:54: 26:ab:73:c1:b7:f8:50:a5:00:20:9d:69:0b:99:96: ec:f8:11:dc:30:9e:74:85:d2:cb:ec:c4:b4:21:6c: 4a:85:76:8d:f5:68:cc:96:0f:ab:c6:4f:ae:df:64: a2:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:25:2A:45:AA:1C:B5:46:04:0F:8D:6C:0A:F7:41:BB:81:7F:5C:63 X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:90:a2:bf:f5:b4:80:4b:fd:e1:91:fb:39:3a:94:eb:8d:de: 87:1e:1f:4f:54:96:44:a7:d3:18:66:e5:74:a9:ca:74:f8:a7: cf:88:5a:32:2d:63:cf:90:70:7d:c3:cd:a4:1c:04:a4:3e:35: 71:e0:e8:fa:43:00:45:08:b4:7b:4d:1e:36:a6:9d:b0:a7:84: 56:53:96:82:9d:fd:c5:7b:a3:94:d6:6d:c9:28:a7:22:3a:af: 3d:e2:3d:55:9c:a6:46:ff:2c:6d:72:51:8f:03:0f:25:40:82: 60:ef:91:55:d3:aa:d3:33:b6:d0:7a:69:40:93:39:cd:45:60: 4e:f6:26:73:d4:da:2d:83:f5:06:82:6f:07:28:2c:63:db:c5: c9:00:7d:7a:6c:74:47:ee:bc:62:80:29:c5:e6:cc:52:5e:32: b6:03:e5:59:29:29:ac:ef:3a:28:1d:74:b5:99:51:5e:c7:1b: f8:d3:57:ec:bd:a9:f6:d8:63:8d:dd:d7:96:45:25:4b:17:f9: 5f:c1:1d:0c:b1:26:5d:aa:6c:bb:97:f2:1a:fd:01:f5:33:7e: 11:4a:18:46:d2:b9:81:96:35:a0:c6:58:d4:f4:82:77:6b:e4: e6:88:32:4e:c4:fa:86:fa:4f:59:fd:78:c7:48:76:be:0e:c3: aa:d3:34:50 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICA8UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjYwNDA1MDAyNTMyWhcNMjYwNDEyMDAyNTMyWjAYMRYwFAYD VQQDEw02OWQxYWJmZC0wNWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9eFeEn18HXT3NNc3njVvarM4yt7Me4+/juzF99aJxlMymfz+CfjzF1BPuggt 0Xc1gn5laS6PwycV16dECCGCarHoL9AEKxMKtcJ06crV4dl0D0OrTPnAPJlj8kPU IKsUCn8dGM0vl/K84oiJ+w+q7xdCc+D+UYfxLNvhkrCojNqWVB0Mb0JiPcMgchAi MVYP6LOWEyvBBiil7jvrRuQC3Jtalw+4budkj0lNx7AV7ISrZy3vASPdS9Kz/hQX 6jNdmYL2S6uDCdHwdArnKurH8lQmq3PBt/hQpQAgnWkLmZbs+BHcMJ50hdLL7MS0 IWxKhXaN9WjMlg+rxk+u32SiOQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFK0lKkWq HLVGBA+NbAr3QbuBf1xjMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAX5Civ/W0gEv94ZH7OTqU643ehx4fT1SWRKfTGGbldKnKdPinz4haMi1jz5Bw fcPNpBwEpD41ceDo+kMARQi0e00eNqadsKeEVlOWgp39xXujlNZtySinIjqvPeI9 VZymRv8sbXJRjwMPJUCCYO+RVdOq0zO20HppQJM5zUVgTvYmc9TaLYP1BoJvBygs Y9vFyQB9emx0R+68YoApxebMUl4ytgPlWSkprO86KB10tZlRXscb+NNX7L2p9thj jd3XlkUlSxf5X8EdDLEmXapsu5fyGv0B9TN+EUoYRtK5gZY1oMZY1PSCd2vk5ogy TsT6hvpPWf14x0h2vg7DqtM0UA== -----END CERTIFICATE-----Generated at Sun Apr 5 19:53:10 2026 by rpki-client