$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json) Hash identifier: 8G/6kW+hPCuUmfqK8ObmvUhUK8UkyTj5MuLWWc4O5XQ= Subject key identifier: A0:C6:9B:5C:B6:6D:16:E1:F6:2C:99:A7:27:D3:77:D3:0E:28:96:4E Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 Certificate issuer: /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Certificate serial: 0AA0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft Manifest number: 0A8E Signing time: Sat 04 Apr 2026 19:21:44 +0000 Manifest this update: Sat 04 Apr 2026 19:21:43 +0000 Manifest next update: Sat 11 Apr 2026 19:21:43 +0000 Files and hashes: 1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: 7w4cna3cEH/TaVS+dlohevCogRkW4yEAJGZQ9xeBPkQ=) 2: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: wS6WujKS1RlUSlM65oSTLz34uOnLb4N0Cqn3TGYDt4w=) 3: 92A9A67EB40211F09714C855C4F9AE02.roa (hash: 4hs5ZsgD34lurWWtqzwS5KhH9/xLR1O9eIzz8X0YnUU=) 4: 808D8B4AB40211F0AD5B7354C4F9AE02.roa (hash: tU35KeQjtZgc7V5YAzYuL51TG9tcBGSRzKoyTO6zrr8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 19:21:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2720 (0xaa0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5BCD, serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Validity Not Before: Apr 4 19:21:43 2026 GMT Not After : Apr 11 19:21:43 2026 GMT Subject: CN=69d164c7-d530 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bd:43:67:87:0c:e7:ee:53:a0:c3:45:e2:e4: 9d:d6:49:08:8e:e0:0b:d0:6a:89:c3:9a:70:ea:1e: 03:83:44:1b:4a:9c:f0:56:81:e7:ce:6f:1a:ff:c3: be:4e:5c:1a:93:88:6d:18:5f:15:6b:f6:03:8d:a9: 47:76:bd:d7:98:3d:66:bc:57:7a:00:6f:71:f0:d9: d2:03:d7:ad:73:5d:62:b3:de:5a:ab:66:e8:76:77: 2b:70:66:7e:9c:89:a9:b4:9d:72:9c:4a:4c:3c:d8: 02:29:cd:e9:4e:4a:5b:bd:7f:91:fa:1a:cd:2d:9d: ce:86:1d:69:82:6f:c2:f3:8f:89:17:9b:6f:e4:5d: bd:59:42:cb:8d:7d:7f:0f:d9:2a:ee:07:1c:5a:93: 1f:d3:dc:74:af:a6:b7:6c:5e:3c:66:05:50:b6:16: 67:a4:c4:2a:f8:35:06:53:d4:cc:31:9b:4f:ad:98: 1b:6b:21:80:76:53:42:3f:98:e8:66:d0:8d:2e:3d: d6:b8:40:28:e6:b8:39:74:26:c2:06:7d:49:24:cd: e7:8e:b7:c7:2e:84:7c:c2:19:4b:ce:82:dd:12:fe: cf:a0:17:be:25:85:43:55:a1:00:94:bb:ab:65:5d: 24:2c:33:ea:3f:aa:b7:a7:39:09:7e:07:13:6f:5b: f8:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:C6:9B:5C:B6:6D:16:E1:F6:2C:99:A7:27:D3:77:D3:0E:28:96:4E X509v3 Authority Key Identifier: keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:88:52:ed:10:d8:39:31:45:df:0d:4c:80:1b:ad:dc:34:16: 28:c6:40:c3:5b:f3:11:72:4e:7c:07:eb:a3:3f:76:a4:2f:28: e4:fd:47:40:d2:e6:12:fa:55:07:b9:e7:86:61:69:75:ea:e7: f7:4c:25:90:b7:fd:4d:54:ce:8e:5c:c3:bb:a0:98:08:d5:f1: 71:2a:35:a5:a2:35:09:4b:ea:53:cf:3d:75:d3:54:8f:61:79: c4:ed:d5:2c:4c:d7:8f:df:e2:40:b2:ab:73:26:f5:49:63:9b: ae:39:eb:e2:2a:69:49:b2:1a:5e:6b:d9:b4:0e:ff:e4:03:2c: 74:a4:92:40:62:d2:0f:5a:c0:e2:c8:aa:91:00:45:a6:b8:62: 23:db:5c:52:3b:ae:45:e3:d4:46:6a:ac:1c:f6:82:4e:aa:6d: 69:ef:ef:86:69:ac:25:e4:a0:74:11:53:36:21:9e:63:96:81: db:74:6a:18:a8:d1:fb:54:63:2e:54:05:86:b0:dc:61:57:bb: 23:c7:04:69:58:11:3c:75:77:a8:f6:46:05:80:32:94:23:43: 1c:d4:e8:4a:65:24:4a:fe:12:ec:1e:f5:3e:04:65:8e:84:9c: 46:ed:83:07:76:cd:cc:0a:69:ec:ae:26:5e:7a:6a:ec:f4:95: fb:b3:0a:03 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG NTE2NzlBRjEwHhcNMjYwNDA0MTkyMTQzWhcNMjYwNDExMTkyMTQzWjAYMRYwFAYD VQQDEw02OWQxNjRjNy1kNTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv71DZ4cM5+5ToMNF4uSd1kkIjuAL0GqJw5pw6h4Dg0QbSpzwVoHnzm8a/8O+ Tlwak4htGF8Va/YDjalHdr3XmD1mvFd6AG9x8NnSA9etc11is95aq2bodncrcGZ+ nImptJ1ynEpMPNgCKc3pTkpbvX+R+hrNLZ3Ohh1pgm/C84+JF5tv5F29WULLjX1/ D9kq7gccWpMf09x0r6a3bF48ZgVQthZnpMQq+DUGU9TMMZtPrZgbayGAdlNCP5jo ZtCNLj3WuEAo5rg5dCbCBn1JJM3njrfHLoR8whlLzoLdEv7PoBe+JYVDVaEAlLur ZV0kLDPqP6q3pzkJfgcTb1v4FQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKDGm1y2 bRbh9iyZpyfTd9MOKJZOMB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK aTNLWXlaRUhYTXoxRm5tdkUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAN4hS7RDYOTFF3w1MgBut3DQWKMZAw1vzEXJOfAfroz92pC8o5P1HQNLmEvpV B7nnhmFpdern90wlkLf9TVTOjlzDu6CYCNXxcSo1paI1CUvqU889ddNUj2F5xO3V LEzXj9/iQLKrcyb1SWObrjnr4ippSbIaXmvZtA7/5AMsdKSSQGLSD1rA4siqkQBF prhiI9tcUjuuRePURmqsHPaCTqptae/vhmmsJeSgdBFTNiGeY5aB23RqGKjR+1Rj LlQFhrDcYVe7I8cEaVgRPHV3qPZGBYAylCNDHNToSmUkSv4S7B71PgRljoScRu2D B3bNzApp7K4mXnpq7PSV+7MKAw== -----END CERTIFICATE-----Generated at Mon Apr 6 12:47:53 2026 by rpki-client