$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: fFQgsYxE2dbw3Z4Ly3NOjbeuKUyRWkvo/zYnKBZw204= Subject key identifier: BC:44:D4:7E:2F:12:86:52:FB:76:8D:CA:77:88:1B:E1:B3:AD:B8:80 Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 0220 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 0219 Signing time: Sun 05 Apr 2026 02:24:21 +0000 Manifest this update: Sun 05 Apr 2026 02:24:20 +0000 Manifest next update: Sun 12 Apr 2026 02:24:20 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: XPjYBAnlmUXNQFfm+3lar/p5b1SWF5vlMxUQ39HeaDs=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: Ykeor4N3ZYktqSK8h8Jvl4N7MDTvjXzy1VXLxOwBc0I=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: YKEugdm9rsY01M6dP0ApaIk6is8Gv0r2VHVKzoTHctg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 02:24:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 544 (0x220) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Apr 5 02:24:20 2026 GMT Not After : Apr 12 02:24:20 2026 GMT Subject: CN=69d1c7d5-ec46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:22:4f:6f:ab:80:b7:2b:57:cc:c4:a9:83:00: 4e:f2:b8:7b:2e:39:43:8b:f6:f5:71:74:54:69:5d: 62:76:e9:8d:bf:27:bb:fa:8c:e5:6a:dd:75:d2:2d: 07:68:9f:b9:8e:f8:f1:7a:60:58:84:03:57:53:1d: e7:cf:3e:a7:95:f5:16:b8:7c:99:ae:38:4c:7c:a6: e0:a7:e6:0e:ad:55:8a:c7:d2:77:26:2b:9a:fc:19: 8f:eb:7a:b9:55:b6:72:12:8b:7f:07:b9:da:f7:fd: 20:4e:29:7c:ef:45:70:83:2e:e9:87:ea:f0:26:91: 86:56:a1:6e:87:c5:a3:74:c8:0a:98:91:2c:1b:9a: 9e:cc:cd:b0:4e:33:48:72:c9:ac:72:ad:b7:d1:b3: 1b:42:4d:ce:f7:2e:d2:00:f8:74:98:f7:ae:2c:1d: 6a:ef:85:cc:c3:5b:fa:77:85:0b:c3:e9:2f:ce:01: f6:3b:43:b7:2e:a2:70:ad:88:4a:80:27:d3:b3:99: e8:88:92:15:bd:db:1b:89:07:4c:a6:d7:ec:1b:63: 56:1d:03:90:07:fb:e8:5e:ce:15:9b:b2:82:fb:9a: ba:a3:d2:af:18:c2:92:6a:b1:6d:8a:09:25:45:e9: 34:40:94:ff:17:52:84:da:01:e6:95:ef:66:24:8d: 53:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:44:D4:7E:2F:12:86:52:FB:76:8D:CA:77:88:1B:E1:B3:AD:B8:80 X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:e8:4f:ae:68:b9:23:1b:a1:71:fe:eb:b3:8d:f4:22:71:f4: 90:39:34:39:25:6f:13:43:2a:54:5a:24:fc:78:a9:45:00:ca: 8a:4f:bd:74:de:24:e1:17:6f:9a:3e:03:c3:7d:97:68:d7:8c: 37:63:4e:8e:23:37:46:47:b7:85:1c:53:97:25:5d:0a:65:b4: fb:e4:5d:b5:68:96:3e:25:b9:f5:fe:35:00:42:19:4e:3d:1b: b9:50:82:93:72:13:75:3f:7b:15:e1:08:fe:a5:0d:97:83:47: fe:3b:1c:2f:e7:4c:2b:75:24:5d:28:19:b0:92:bc:ef:d2:14: 09:9a:29:36:5d:04:73:9a:36:37:1f:b6:3d:e5:62:90:95:81: ba:6e:81:de:81:0c:0f:49:c5:a7:fc:21:e6:b0:b9:a5:5d:05: c3:59:1f:3e:78:7e:47:e3:fe:99:7f:99:46:bd:3d:cf:65:d2: 8c:79:51:fe:ce:61:45:9b:19:ec:1a:02:80:71:25:a3:c0:35: f0:7e:ca:0b:a9:a1:1b:96:49:2d:72:4b:fe:fa:12:3d:5b:58: a3:00:52:39:78:eb:e1:d5:b6:c3:e2:3f:89:c3:fe:5f:0c:aa: b6:69:ac:ed:bc:b5:61:88:77:99:e8:41:58:ad:2a:db:7e:dd: cc:fb:41:2a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAiAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjYwNDA1MDIyNDIwWhcNMjYwNDEyMDIyNDIwWjAYMRYwFAYD VQQDEw02OWQxYzdkNS1lYzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAriJPb6uAtytXzMSpgwBO8rh7LjlDi/b1cXRUaV1idumNvye7+ozlat110i0H aJ+5jvjxemBYhANXUx3nzz6nlfUWuHyZrjhMfKbgp+YOrVWKx9J3Jiua/BmP63q5 VbZyEot/B7na9/0gTil870Vwgy7ph+rwJpGGVqFuh8WjdMgKmJEsG5qezM2wTjNI csmscq230bMbQk3O9y7SAPh0mPeuLB1q74XMw1v6d4ULw+kvzgH2O0O3LqJwrYhK gCfTs5noiJIVvdsbiQdMptfsG2NWHQOQB/voXs4Vm7KC+5q6o9KvGMKSarFtigkl Rek0QJT/F1KE2gHmle9mJI1TdQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFLxE1H4v EoZS+3aNyneIG+GzrbiAMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEALOhPrmi5Ixuhcf7rs430InH0kDk0OSVvE0MqVFok/HipRQDKik+9dN4k4Rdv mj4Dw32XaNeMN2NOjiM3Rke3hRxTlyVdCmW0++RdtWiWPiW59f41AEIZTj0buVCC k3ITdT97FeEI/qUNl4NH/jscL+dMK3UkXSgZsJK879IUCZopNl0Ec5o2Nx+2PeVi kJWBum6B3oEMD0nFp/wh5rC5pV0Fw1kfPnh+R+P+mX+ZRr09z2XSjHlR/s5hRZsZ 7BoCgHElo8A18H7KC6mhG5ZJLXJL/voSPVtYowBSOXjr4dW2w+I/icP+Xwyqtmms 7by1YYh3mehBWK0q237dzPtBKg== -----END CERTIFICATE-----Generated at Sun Apr 5 22:24:50 2026 by rpki-client