$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: C1teIDohJ40Oe2x7B9M2MV8u6jlISFMhiP3yrmQyIUc= Subject key identifier: 22:DE:EC:4A:C1:FB:B7:4F:AA:A4:37:C4:76:40:A2:07:94:2A:AD:84 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0E8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0E81 Signing time: Sat 04 Apr 2026 17:37:20 +0000 Manifest this update: Sat 04 Apr 2026 17:37:19 +0000 Manifest next update: Sat 11 Apr 2026 17:37:19 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: m6SDBAsM7QNz3Z85fkap8SsYi8Rqt7Jb5iGZp3ByO6E=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: k8KPSV6AIo1KPs7202z0z5rLKfEOuxcDMiUELQD0ouE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 17:37:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3723 (0xe8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Apr 4 17:37:19 2026 GMT Not After : Apr 11 17:37:19 2026 GMT Subject: CN=69d14c50-7af3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:1f:90:05:bd:19:12:8c:62:c7:8f:de:17:3b: 8e:e6:d3:66:3e:23:f2:cb:4f:48:66:d7:da:fd:18: ab:bb:2a:24:cd:4e:2b:25:1d:23:13:6b:50:93:b5: 22:ca:08:0e:43:65:bd:f1:9e:99:ad:fb:f2:14:08: 80:81:11:a2:0b:f1:51:4a:76:3d:a2:98:d8:07:42: 23:16:33:09:0e:78:61:c0:2d:36:c7:4f:f9:e1:61: 0d:3f:f9:6c:e3:13:fb:f4:5c:2a:a3:38:dc:d5:b9: d0:31:b7:db:98:9e:24:db:c4:0c:0a:14:8e:8c:3a: 17:cd:36:6e:0c:74:26:01:e0:4f:cf:c9:2c:c2:3b: 1c:2c:ab:e7:88:2f:a2:00:86:31:d6:1d:52:c7:4a: 4c:5a:4d:fd:52:31:75:f1:14:87:ff:3d:d9:19:30: 57:f2:15:b6:d1:00:95:a8:30:99:b6:55:de:49:19: bb:89:2c:19:82:ae:38:fb:49:19:c1:ba:52:2d:31: c3:d9:a3:f2:a4:36:6a:eb:8e:83:ec:3f:a5:16:d2: 71:f0:95:05:23:6d:39:4e:00:70:75:42:2f:15:ea: b0:50:10:37:25:4d:5b:17:4a:a2:39:75:1c:26:7e: 48:54:67:bb:6b:d6:ec:21:d0:cf:8b:6d:2c:ad:09: 82:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:DE:EC:4A:C1:FB:B7:4F:AA:A4:37:C4:76:40:A2:07:94:2A:AD:84 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:1f:d3:26:d1:01:f1:9a:f3:b7:88:50:56:9d:82:93:ec:8f: 5f:67:68:59:6c:8c:11:f4:3b:1c:53:52:d9:90:77:32:6d:b3: e7:34:87:fb:a5:cf:bd:21:55:68:8c:4d:0e:a7:42:cd:d5:77: 12:e8:8a:f1:0e:f4:2c:85:30:06:dc:fd:64:77:3e:f6:07:37: 7f:07:63:d2:b9:d2:ca:3b:84:26:a3:61:a4:32:b1:cc:f0:0c: b8:dd:b6:5f:19:2a:a4:35:4f:79:7c:52:b7:99:e5:11:76:3e: cc:1a:5e:d8:38:cc:78:9c:6c:ad:c9:22:03:9c:8b:16:e4:2e: 05:a6:67:11:ae:18:65:da:b2:dc:e0:24:3f:5e:e6:ab:62:bd: 5e:cb:2d:c5:22:41:a7:bf:4f:cc:ad:b3:50:41:38:71:ca:0d: f3:73:87:a4:79:e0:e3:66:f1:0f:ca:7d:7f:bf:e0:5b:b1:00: 78:43:15:6c:0b:90:7b:ea:b0:ee:c5:1c:82:6e:70:38:c3:1f: f2:32:62:6c:e8:12:79:e5:98:10:84:7a:c3:36:bd:f8:f9:01: ad:a2:fd:ee:81:65:3a:62:bd:0b:16:b0:52:36:43:ae:39:bf: 83:6f:17:a4:0d:98:3b:24:70:a6:b0:19:6e:0a:f9:42:1d:f8: 01:58:34:96 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjYwNDA0MTczNzE5WhcNMjYwNDExMTczNzE5WjAYMRYwFAYD VQQDEw02OWQxNGM1MC03YWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxh+QBb0ZEoxix4/eFzuO5tNmPiPyy09IZtfa/RiruyokzU4rJR0jE2tQk7Ui yggOQ2W98Z6ZrfvyFAiAgRGiC/FRSnY9opjYB0IjFjMJDnhhwC02x0/54WENP/ls 4xP79Fwqozjc1bnQMbfbmJ4k28QMChSOjDoXzTZuDHQmAeBPz8kswjscLKvniC+i AIYx1h1Sx0pMWk39UjF18RSH/z3ZGTBX8hW20QCVqDCZtlXeSRm7iSwZgq44+0kZ wbpSLTHD2aPypDZq646D7D+lFtJx8JUFI205TgBwdUIvFeqwUBA3JU1bF0qiOXUc Jn5IVGe7a9bsIdDPi20srQmCVQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFCLe7ErB +7dPqqQ3xHZAogeUKq2EMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAth/TJtEB8Zrzt4hQVp2Ck+yPX2doWWyMEfQ7HFNS2ZB3Mm2z5zSH+6XPvSFV aIxNDqdCzdV3EuiK8Q70LIUwBtz9ZHc+9gc3fwdj0rnSyjuEJqNhpDKxzPAMuN22 XxkqpDVPeXxSt5nlEXY+zBpe2DjMeJxsrckiA5yLFuQuBaZnEa4YZdqy3OAkP17m q2K9XsstxSJBp79PzK2zUEE4ccoN83OHpHng42bxD8p9f7/gW7EAeEMVbAuQe+qw 7sUcgm5wOMMf8jJibOgSeeWYEIR6wza9+PkBraL97oFlOmK9CxawUjZDrjm/g28X pA2YOyRwprAZbgr5Qh34AVg0lg== -----END CERTIFICATE-----Generated at Sun Apr 5 19:44:09 2026 by rpki-client