$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: G1WKWFAPTzqorqwjn9hcOWOMZdILe1VmxVYKnpXPc1U= Subject key identifier: 71:4C:BD:F6:0E:80:A3:80:E6:51:52:E4:00:28:8E:0F:3D:D3:6C:5B Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0F63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0EFF Signing time: Sat 04 Apr 2026 17:33:57 +0000 Manifest this update: Sat 04 Apr 2026 17:33:56 +0000 Manifest next update: Sat 11 Apr 2026 17:33:56 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: atvX498HzVe/BndvZhvtJJECEjs3mkJQSFyJatzCKws=) 2: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: yBAKdOeuYpOHwpfvu2EJBrKJc+IZbXKkxfMi4yfRU/Q=) 3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: rIqL842ksTXKO2fhExD42Yq0dnrl1cNwx4ESowKkH4A=) 4: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: KOAlra/c7OfhaqRuBqqmBdCQXMOimlFzYXSJ4DGlkSM=) 5: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: g+9ZIN0bzKl4hPUjZROdg1CsqMAMZorZF/Wv0UBIawM=) 6: 10E905682CCE11F1BB1925E192833773.roa (hash: 6g6Ja4w+RYbHzuKLTfgElgeDFmZnmZ9tKzWcakJqqZs=) 7: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: j5kN5uvsFGRLFFFzFP46xJ6l0wo2CCqq8dwowySMLUk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 17:33:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3939 (0xf63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Apr 4 17:33:56 2026 GMT Not After : Apr 11 17:33:56 2026 GMT Subject: CN=69d14b85-7841 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:5d:0b:4c:85:71:ff:37:7d:0b:6c:36:e5:95: 34:ed:65:98:88:a5:5d:fa:b2:37:95:a9:b0:b2:81: f4:ac:dc:42:57:c7:23:b8:94:42:63:76:09:33:1a: 65:37:35:5f:53:1b:b7:20:a4:c2:7d:07:b8:70:d2: dd:76:d5:68:18:1b:70:c9:1a:90:8a:4d:ce:cc:68: dd:4c:fe:ea:9e:55:47:35:6c:f9:e6:4b:13:2b:16: 43:1d:e8:29:9c:86:18:1f:ea:c0:c7:7f:67:6c:72: 35:98:46:16:76:49:f4:8e:bd:f6:04:b6:3e:87:ee: 6c:9c:d4:b6:4a:aa:cc:e8:98:03:3f:b3:75:f0:a8: 97:2a:0a:bd:44:b3:f1:9c:9d:c9:d3:f4:76:c1:3d: d3:4b:e3:e5:56:f8:dd:dc:df:87:ca:34:6d:b3:41: a8:a6:d4:5c:c1:60:17:7d:79:69:e4:b1:30:66:ed: a4:81:bc:18:53:db:93:d2:38:01:92:52:e2:cb:10: 26:85:2f:fd:e4:6a:cc:af:6b:e2:52:87:76:bd:72: 91:04:be:21:a7:e9:ae:c1:da:9b:e9:7b:c1:20:43: 84:e5:36:7c:18:bb:bf:30:ec:98:28:a4:59:cd:c6: 40:40:ad:e7:9f:93:23:03:4f:a0:35:e9:21:b0:28: 28:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:4C:BD:F6:0E:80:A3:80:E6:51:52:E4:00:28:8E:0F:3D:D3:6C:5B X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:fb:a4:38:be:ef:b9:4a:97:fc:59:a9:f9:62:11:a0:40:48: 47:97:b2:92:33:dd:00:60:9e:13:82:0c:02:21:6d:a8:2c:19: 11:bb:46:3f:ec:e5:fb:e2:27:e4:4d:ef:1c:d3:f1:4b:6d:1f: 20:06:61:a2:7c:56:60:2e:c8:f2:ab:82:b8:a8:ca:8f:c0:34: 5e:b6:3e:06:49:9f:3a:71:3a:23:fe:ae:08:49:d7:88:88:23: fc:e7:ac:65:7f:91:38:98:6a:f8:a3:2b:22:fc:02:d8:f3:db: d6:6c:c9:88:16:92:46:78:27:8f:35:0e:55:3c:a2:dc:ed:c7: 8d:ba:57:8e:1b:91:d5:22:2b:54:f4:c2:88:f6:ac:78:2b:99: f5:4d:91:8a:bb:ba:f8:61:de:2b:3f:62:a4:ea:37:72:e7:a4: de:51:28:1a:55:7c:5d:ed:56:43:63:ea:0f:af:a9:be:42:6d: e9:2b:1a:52:b3:7b:ab:dd:34:79:de:29:24:4e:0a:64:4b:ac: 64:ba:d9:22:45:3f:37:af:13:cc:59:c0:c9:03:08:14:5b:91: 1d:31:4c:88:29:44:92:87:0a:f3:62:1c:73:aa:3d:92:b6:f4: e9:a9:2b:5a:05:1b:f2:9d:e8:0e:4d:8b:f4:9a:f0:71:2b:2c: f9:7a:f5:61 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjYwNDA0MTczMzU2WhcNMjYwNDExMTczMzU2WjAYMRYwFAYD VQQDEw02OWQxNGI4NS03ODQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7V0LTIVx/zd9C2w25ZU07WWYiKVd+rI3lamwsoH0rNxCV8cjuJRCY3YJMxpl NzVfUxu3IKTCfQe4cNLddtVoGBtwyRqQik3OzGjdTP7qnlVHNWz55ksTKxZDHegp nIYYH+rAx39nbHI1mEYWdkn0jr32BLY+h+5snNS2SqrM6JgDP7N18KiXKgq9RLPx nJ3J0/R2wT3TS+PlVvjd3N+HyjRts0GoptRcwWAXfXlp5LEwZu2kgbwYU9uT0jgB klLiyxAmhS/95GrMr2viUod2vXKRBL4hp+muwdqb6XvBIEOE5TZ8GLu/MOyYKKRZ zcZAQK3nn5MjA0+gNekhsCgoGQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFHFMvfYO gKOA5lFS5AAojg8902xbMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAbPukOL7vuUqX/Fmp+WIRoEBIR5eykjPdAGCeE4IMAiFtqCwZEbtGP+zl++In 5E3vHNPxS20fIAZhonxWYC7I8quCuKjKj8A0XrY+BkmfOnE6I/6uCEnXiIgj/Oes ZX+ROJhq+KMrIvwC2PPb1mzJiBaSRngnjzUOVTyi3O3HjbpXjhuR1SIrVPTCiPas eCuZ9U2Riru6+GHeKz9ipOo3cuek3lEoGlV8Xe1WQ2PqD6+pvkJt6SsaUrN7q900 ed4pJE4KZEusZLrZIkU/N68TzFnAyQMIFFuRHTFMiClEkocK82Icc6o9krb06akr WgUb8p3oDk2L9JrwcSss+Xr1YQ== -----END CERTIFICATE-----Generated at Sun Apr 5 19:59:35 2026 by rpki-client