$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json) Hash identifier: h1GBZFjpwEgmzXN+LQk9YXDdke+zl4GJxPBuLrLo5Cg= Subject key identifier: 15:97:AB:4E:F7:29:2A:A2:79:86:EC:C5:48:29:FD:59:B4:7F:E8:A8 Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0C31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft Manifest number: 0A52 Signing time: Thu 12 Mar 2026 21:09:52 +0000 Manifest this update: Thu 12 Mar 2026 21:09:52 +0000 Manifest next update: Thu 19 Mar 2026 21:09:52 +0000 Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: Usdy3efuYb5nJwqRheRQGc8my+PAziUAZtNzbe0A4C0=) 2: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: J0sAShMAS7TBXIrBTuQVLuuil+RzIlr22j/AeepAcBs=) 3: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: w6yzFziDeBAoUWZ59xaLHwBZh42R2pzo/qzXpmN8kyk=) 4: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: ye8jq88ep0wSruy1WtzE0bv/JRbtY6NOkRlK24kmsxo=) 5: 3CE7D21201A311F1A14FC5D2686F56BC.roa (hash: o8Efs0Zmsyf+yPslQE6u+yFKAm4P6NONEQAjk5sGm4c=) 6: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: TZoK6id0rUzh56KPEUCZAm7vzhoQKcumpCyH1Z185+Y=) 7: B8D1EFFECFF111F085D0CF76C4F9AE02.roa (hash: HUQUUIa3JTbhzjl+kzm7+2BBxPdE0gxUwosqJf+QgLY=) 8: 61EE2500936E11F091943583C4F9AE02.roa (hash: p0HrH91aCXJWz63yD54KXGi7hPT9MY4uEV8GzZUdLH4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 21:09:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3121 (0xc31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Mar 12 21:09:52 2026 GMT Not After : Mar 19 21:09:52 2026 GMT Subject: CN=69b32ba0-98bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:5e:fe:0d:a8:84:10:fc:bd:1e:d0:97:1c:fa: 7f:f8:4d:2e:e0:58:dd:ef:d2:74:5a:a1:9f:eb:71: f0:d6:53:20:6c:75:1d:74:cd:07:19:24:96:f0:21: fc:ba:6c:ae:b1:94:82:19:15:f6:4e:62:ed:1f:4e: 32:00:bd:cd:71:a7:bd:17:f8:c7:6c:e6:99:c7:6c: 66:0a:06:95:d1:9f:f6:df:f8:3e:08:55:fb:c5:35: e9:08:6b:74:e9:6a:e2:92:1a:40:d6:53:17:f6:42: 99:35:57:3d:96:30:30:73:c2:ec:60:b4:e7:c7:bb: dc:91:5a:83:41:4b:a8:cc:a3:87:f3:7c:ab:4f:a9: 4c:ad:6f:b5:29:91:ab:08:a6:3a:71:1d:16:92:57: bc:aa:d7:c8:11:fe:59:59:be:7d:5b:7b:d2:c9:80: 66:80:78:48:b9:da:76:ac:66:16:4c:40:bb:b8:aa: 54:82:65:83:72:90:60:37:36:03:2d:b0:f1:96:73: 1d:1f:fb:ec:44:f5:f1:ce:b1:0e:b0:96:13:1f:64: c7:26:22:b6:38:a0:d1:2a:16:3e:12:4c:6a:d4:43: 52:68:96:c1:1f:04:f3:56:f8:d7:d1:f7:e2:9e:82: 7c:bc:9a:50:9b:70:54:83:2d:3d:e9:03:53:ef:bf: e3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:97:AB:4E:F7:29:2A:A2:79:86:EC:C5:48:29:FD:59:B4:7F:E8:A8 X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:3f:10:da:72:a2:5c:24:76:62:2c:1c:c9:1a:10:34:d7:f9: 66:e0:47:6e:b3:f6:97:34:3e:e4:03:c0:39:dd:d9:d4:13:54: ea:cd:76:67:64:75:64:2b:65:0f:83:ad:c5:06:8c:68:97:3a: d6:77:5c:2a:e3:8f:18:cc:24:3d:e6:0f:34:f2:f4:47:b0:81: a9:b0:fa:17:67:2f:6a:5a:f9:83:8c:dc:a6:a4:b3:a7:75:f8: e0:c0:ba:25:d5:64:17:93:ab:3d:11:e0:45:05:93:78:df:79: b0:d7:75:8d:dc:22:53:4a:4a:44:23:5b:af:b7:7e:3b:13:9b: 3a:f5:51:3f:63:5e:46:7c:bb:08:08:95:25:f7:a4:da:58:52: f8:63:06:07:7f:ab:e2:0a:5d:e6:f7:54:43:aa:2b:fa:4c:9f: 1a:4b:b4:b8:78:ae:69:b4:7f:4c:09:cb:dc:dc:ff:b3:53:48: d0:1b:2e:b8:bf:1e:78:f7:40:e9:db:17:fa:1e:90:a4:76:6e: 40:ef:df:ad:6e:aa:40:98:cb:39:fa:11:57:a8:ab:2f:82:b2: e5:14:50:40:61:c1:25:3a:d6:4f:38:b0:78:be:5a:e0:62:5f: c1:01:b3:c8:71:e3:02:24:36:ed:a2:3e:8b:41:98:c5:0c:1e: 80:42:97:92 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjYwMzEyMjEwOTUyWhcNMjYwMzE5MjEwOTUyWjAYMRYwFAYD VQQDEw02OWIzMmJhMC05OGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAil7+DaiEEPy9HtCXHPp/+E0u4Fjd79J0WqGf63Hw1lMgbHUddM0HGSSW8CH8 umyusZSCGRX2TmLtH04yAL3Ncae9F/jHbOaZx2xmCgaV0Z/23/g+CFX7xTXpCGt0 6WrikhpA1lMX9kKZNVc9ljAwc8LsYLTnx7vckVqDQUuozKOH83yrT6lMrW+1KZGr CKY6cR0Wkle8qtfIEf5ZWb59W3vSyYBmgHhIudp2rGYWTEC7uKpUgmWDcpBgNzYD LbDxlnMdH/vsRPXxzrEOsJYTH2THJiK2OKDRKhY+Ekxq1ENSaJbBHwTzVvjX0ffi noJ8vJpQm3BUgy096QNT77/jZQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBWXq073 KSqieYbsxUgp/Vm0f+ioMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEApD8Q2nKiXCR2YiwcyRoQNNf5ZuBHbrP2lzQ+5APAOd3Z1BNU6s12Z2R1ZCtl D4OtxQaMaJc61ndcKuOPGMwkPeYPNPL0R7CBqbD6F2cvalr5g4zcpqSzp3X44MC6 JdVkF5OrPRHgRQWTeN95sNd1jdwiU0pKRCNbr7d+OxObOvVRP2NeRny7CAiVJfek 2lhS+GMGB3+r4gpd5vdUQ6or+kyfGku0uHiuabR/TAnL3Nz/s1NI0BsuuL8eePdA 6dsX+h6QpHZuQO/frW6qQJjLOfoRV6irL4Ky5RRQQGHBJTrWTziweL5a4GJfwQGz yHHjAiQ27aI+i0GYxQwegEKXkg== -----END CERTIFICATE-----Generated at Fri Mar 13 09:56:23 2026 by rpki-client