$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft File: ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft (raw, json) Hash identifier: 9Qy+wliL/602cmXm6kPNMf6JHLm8VVRq78L4rrJcx+w= Subject key identifier: 6B:C6:E0:58:CC:FB:7A:0C:22:F4:26:51:B9:AE:86:54:8D:3C:DA:39 Authority key identifier: 65:3F:2C:6B:79:56:BB:61:45:09:B8:F1:5C:1F:1D:C3:39:82:18:BD Certificate issuer: /CN=A91BBD7E/serialNumber=653F2C6B7956BB614509B8F15C1F1DC3398218BD Certificate serial: 0224 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft Manifest number: 0217 Signing time: Sun 05 Apr 2026 02:29:30 +0000 Manifest this update: Sun 05 Apr 2026 02:29:29 +0000 Manifest next update: Sun 12 Apr 2026 02:29:29 +0000 Files and hashes: 1: ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl (hash: IL2uP5EaRNNeA++dtGY8RzUl8U3stlVcVFp5zUb6xzA=) 2: 534DAC6AC0B811F099CB7061C4F9AE02.roa (hash: 9I7e8jbUM0QMEQjirieUi3zNB4x8nXGmvPV9S7Ro3FA=) 3: 13208484C09311F0A7D8232BC4F9AE02.roa (hash: zlr6UQBMUyvgAlC88jG9jHU5lVu59fheFcyUu65KIAo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 02:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 548 (0x224) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BBD7E, serialNumber=653F2C6B7956BB614509B8F15C1F1DC3398218BD Validity Not Before: Apr 5 02:29:29 2026 GMT Not After : Apr 12 02:29:29 2026 GMT Subject: CN=69d1c90a-d7e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:65:ef:61:a8:9b:d2:08:70:db:62:83:3a:01: 65:73:99:a2:dc:55:4a:14:4a:32:68:a2:49:d5:e7: f2:f4:ed:05:22:7a:20:37:95:72:ed:86:de:82:8f: 3b:99:82:5c:33:e3:1a:01:3e:c8:13:94:dc:aa:fa: 7d:60:0e:fb:44:0c:67:60:43:e5:b3:67:8e:05:67: 93:d1:12:67:40:85:76:22:64:89:9b:24:a7:80:fc: c5:4e:a7:73:a0:47:39:db:00:2f:49:bf:58:db:aa: 76:c0:d4:88:27:6c:13:c7:e3:b7:d4:8d:4a:24:d2: eb:01:d0:f5:af:6b:d0:f9:11:c6:59:62:45:5e:7b: 7c:0e:0a:b8:45:fd:36:4c:cc:9e:82:56:46:03:8a: a7:d9:e3:92:81:71:25:f7:49:d1:fe:88:13:c4:5e: 9f:21:32:e0:d1:f1:a5:b0:52:b1:f4:ab:06:76:eb: 46:9f:b9:73:a4:80:6f:ef:07:b3:cf:60:59:2a:8b: bf:17:3b:4f:8e:16:b9:12:06:fb:d5:97:31:df:64: 20:03:34:40:ec:26:d5:20:e8:d9:62:7a:aa:df:ac: 7a:94:65:3b:86:79:8a:d4:63:40:40:2c:c3:a8:ef: e8:79:bb:a9:aa:cd:4f:1d:88:ae:16:6b:dc:95:78: b7:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:C6:E0:58:CC:FB:7A:0C:22:F4:26:51:B9:AE:86:54:8D:3C:DA:39 X509v3 Authority Key Identifier: keyid:65:3F:2C:6B:79:56:BB:61:45:09:B8:F1:5C:1F:1D:C3:39:82:18:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c9:a4:f8:ef:4a:6f:95:23:2b:ca:01:57:21:8e:04:af:dd:a6: da:ad:1d:79:8b:1d:3d:e8:cf:32:ed:85:69:0c:f3:75:03:b3: bf:8d:9b:02:85:b3:cf:e2:48:31:3a:4d:7d:99:12:22:1d:8f: 4e:05:49:0a:51:64:d6:d6:41:6b:72:1c:c3:16:ae:6d:fa:88: 67:db:4c:bb:43:01:f8:97:85:39:ec:7d:60:1d:7b:7f:d6:2e: 0b:5f:8d:5e:ab:d0:5e:66:3c:d8:42:e2:f4:ae:15:18:9b:8d: 54:67:f6:97:9b:96:17:88:0d:6f:6a:e4:9e:82:a5:ed:f7:d0: e9:89:d6:b8:2b:3e:60:ee:94:3d:a7:ff:14:e1:dc:51:c2:03: 08:c9:76:ff:4f:fb:81:b6:87:3e:32:1f:b3:cb:3f:89:5f:91: 62:c9:fd:3c:64:7e:6a:3b:56:b9:06:db:7e:eb:01:5e:ba:eb: 68:f3:9f:c2:a0:1b:91:a3:e5:f7:a1:54:0b:e7:89:c9:2c:e7: 68:f8:09:87:d1:23:4b:5b:2c:42:5c:29:ff:88:64:ce:ac:b5: 80:4f:c2:27:00:e7:7c:0f:9e:75:98:80:f6:2a:b4:ce:e1:46: 1f:60:99:a1:7e:dd:59:04:a5:66:79:b8:55:ee:26:ef:dd:ee: f3:e5:5a:1c -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkJEN0UxMTAvBgNVBAUTKDY1M0YyQzZCNzk1NkJCNjE0NTA5QjhGMTVDMUYxREMz Mzk4MjE4QkQwHhcNMjYwNDA1MDIyOTI5WhcNMjYwNDEyMDIyOTI5WjAYMRYwFAYD VQQDEw02OWQxYzkwYS1kN2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0WXvYaib0ghw22KDOgFlc5mi3FVKFEoyaKJJ1efy9O0FInogN5Vy7Ybego87 mYJcM+MaAT7IE5Tcqvp9YA77RAxnYEPls2eOBWeT0RJnQIV2ImSJmySngPzFTqdz oEc52wAvSb9Y26p2wNSIJ2wTx+O31I1KJNLrAdD1r2vQ+RHGWWJFXnt8Dgq4Rf02 TMyeglZGA4qn2eOSgXEl90nR/ogTxF6fITLg0fGlsFKx9KsGdutGn7lzpIBv7wez z2BZKou/FztPjha5Egb71Zcx32QgAzRA7CbVIOjZYnqq36x6lGU7hnmK1GNAQCzD qO/oebupqs1PHYiuFmvclXi3uQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFGvG4FjM +3oMIvQmUbmuhlSNPNo5MB8GA1UdIwQYMBaAFGU/LGt5VrthRQm48VwfHcM5ghi9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkQ3RS8xQUVEMDlDNDBB OEExMUVFOTNFMUE3NzBDNEY5QUUwMi9aVDhzYTNsV3UyRkZDYmp4WEI4ZHd6bUNH TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pUOHNhM2xXdTJGRkNianhYQjhkd3ptQ0dMMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QkQ3RS8xQUVEMDlDNDBBOEExMUVFOTNFMUE3NzBDNEY5QUUwMi9aVDhzYTNsV3Uy RkZDYmp4WEI4ZHd6bUNHTDAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAyaT470pvlSMrygFXIY4Er92m2q0deYsdPejPMu2FaQzzdQOzv42bAoWzz+JI MTpNfZkSIh2PTgVJClFk1tZBa3IcwxaubfqIZ9tMu0MB+JeFOex9YB17f9YuC1+N XqvQXmY82ELi9K4VGJuNVGf2l5uWF4gNb2rknoKl7ffQ6YnWuCs+YO6UPaf/FOHc UcIDCMl2/0/7gbaHPjIfs8s/iV+RYsn9PGR+ajtWuQbbfusBXrrraPOfwqAbkaPl 96FUC+eJySznaPgJh9EjS1ssQlwp/4hkzqy1gE/CJwDnfA+edZiA9iq0zuFGH2CZ oX7dWQSlZnm4Ve4m793u8+VaHA== -----END CERTIFICATE-----Generated at Sun Apr 5 19:42:54 2026 by rpki-client