$ rpki-client -vvf rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft File: nOkX3Drgxboud8t3WjrZnGhcQGs.mft (raw, json) Hash identifier: f8U3JvnlGNJikL4/u2YYa45kO0h4ALOTLLDzSZDwCZo= Subject key identifier: E8:89:59:F9:AD:80:94:85:E5:53:B7:37:15:56:1C:C5:4E:16:04:D6 Authority key identifier: 9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B Certificate issuer: /CN=A9161F3E/serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Certificate serial: DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft Manifest number: D5 Signing time: Thu 21 May 2026 06:47:59 +0000 Manifest this update: Thu 21 May 2026 06:47:58 +0000 Manifest next update: Thu 28 May 2026 06:47:58 +0000 Files and hashes: 1: nOkX3Drgxboud8t3WjrZnGhcQGs.crl (hash: PLhqGYZFgTVagpxXyodBYRRnU7FXwfMS/WrBUkqQ8NM=) 2: 49DEAEDC12A711F099020A73C4F9AE02.roa (hash: 73STUG9MRsTj+UMDTuA4X0z5fGUTYqhKS5W5S7xFgxs=) 3: 4A3C802012A711F099020A73C4F9AE02.roa (hash: iEuV0+5znqF8f5T5Ps6WIUoKRiKa2jw2dHDVVLuYtWU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 May 2026 06:47:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 219 (0xdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161F3E, serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Validity Not Before: May 21 06:47:58 2026 GMT Not After : May 28 06:47:58 2026 GMT Subject: CN=6a0eaa9e-d823 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ce:f0:1e:bf:cc:c5:47:55:ec:e7:ab:34:e6: 1b:d8:08:bd:40:b7:68:08:4a:16:24:4a:e4:4c:da: 1d:d2:1b:48:36:08:01:74:fa:43:ac:a1:c7:02:63: 7e:bc:65:44:cb:00:60:d8:fb:aa:25:d1:a4:87:90: ee:53:3a:09:b4:d9:ca:06:c5:c2:0e:45:a3:d8:e9: 92:99:dd:33:c2:97:2b:4b:6a:f9:2a:c7:9f:9a:4d: 70:6a:a9:5b:a7:9f:a0:3f:7d:e1:e6:2a:ea:17:21: 8c:75:2c:a0:4b:99:28:fc:6a:8d:59:de:b8:c0:f8: 98:31:99:a0:66:ed:54:19:00:2a:77:1f:7b:6a:ca: 45:da:7f:26:c6:57:86:92:9b:63:3d:48:8c:5f:7c: 9a:3a:14:10:4a:c0:fb:54:ef:68:82:53:8a:1d:db: b2:45:12:6f:d7:fd:0e:b7:4a:db:c9:47:c3:ec:3e: 1f:a6:8e:36:c5:5c:eb:f5:4b:86:d1:35:91:b9:48: 84:d2:ab:23:fe:db:aa:97:71:24:36:29:e5:e7:74: 2f:72:6a:64:ef:c5:0b:9e:39:33:de:e2:96:1d:0e: 82:7d:11:f2:d2:4a:7c:f1:91:9e:ce:20:39:a2:71: a2:1f:17:ea:60:bd:fb:08:85:68:f4:66:a4:db:e1: d3:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:89:59:F9:AD:80:94:85:E5:53:B7:37:15:56:1C:C5:4E:16:04:D6 X509v3 Authority Key Identifier: keyid:9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:d7:95:43:76:e7:2d:be:a9:fb:2f:da:66:f2:2c:50:b5:24: 94:74:5b:05:a6:85:84:69:16:3a:13:6a:45:7e:59:db:c1:84: 5c:e4:95:c5:46:de:dc:3d:b2:99:ba:d2:39:51:ed:21:f6:a0: 37:df:c8:12:dd:71:c2:6e:9a:2e:1a:77:33:d6:84:11:dd:a4: 9c:76:c6:7f:b5:d0:84:f3:5d:01:9f:6c:fe:67:5b:46:bf:78: 10:c0:5d:ac:8b:5c:e6:aa:62:5e:f0:c5:c6:06:97:fa:dc:d6: 5e:e8:4d:dd:6d:1b:ee:21:37:5b:8f:29:7f:78:04:2a:fb:36: 7d:07:d7:d5:a9:5a:ce:0b:b1:b5:87:8a:fa:e1:4d:32:62:de: d5:05:98:8f:a5:5b:7a:a3:7f:dc:28:03:73:2e:33:6e:e5:d9: 10:9d:78:95:4e:02:b4:4d:f3:2e:65:82:56:ac:a8:7f:3b:db: ba:bf:38:a7:24:f0:95:ce:95:2d:31:7f:05:fc:67:f8:1e:e5: 9d:42:d7:c1:95:c1:c1:1e:f4:6f:a7:c3:26:05:58:48:d7:7e: 12:bc:82:be:93:60:5e:24:c0:c9:ae:2c:5c:a8:85:1e:6b:97: 79:02:28:a5:6f:9a:54:e2:88:c1:58:cf:e7:d0:19:a4:15:12: 2e:28:3a:d1 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICANswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjFGM0UxMTAvBgNVBAUTKDlDRTkxN0RDM0FFMEM1QkEyRTc3Q0I3NzVBM0FEOTlD Njg1QzQwNkIwHhcNMjYwNTIxMDY0NzU4WhcNMjYwNTI4MDY0NzU4WjAYMRYwFAYD VQQDEw02YTBlYWE5ZS1kODIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt87wHr/MxUdV7OerNOYb2Ai9QLdoCEoWJErkTNod0htINggBdPpDrKHHAmN+ vGVEywBg2PuqJdGkh5DuUzoJtNnKBsXCDkWj2OmSmd0zwpcrS2r5Ksefmk1waqlb p5+gP33h5irqFyGMdSygS5ko/GqNWd64wPiYMZmgZu1UGQAqdx97aspF2n8mxleG kptjPUiMX3yaOhQQSsD7VO9oglOKHduyRRJv1/0Ot0rbyUfD7D4fpo42xVzr9UuG 0TWRuUiE0qsj/tuql3EkNinl53Qvcmpk78ULnjkz3uKWHQ6CfRHy0kp88ZGeziA5 onGiHxfqYL37CIVo9Gak2+HTqwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOiJWfmt gJSF5VO3NxVWHMVOFgTWMB8GA1UdIwQYMBaAFJzpF9w64MW6LnfLd1o62ZxoXEBr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUYzRS8zMzlFREU2ODEw RTQxMUYwQjc1QjgxNjZDNEY5QUUwMi9uT2tYM0RyZ3hib3VkOHQzV2pyWm5HaGNR R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25Pa1gzRHJneGJvdWQ4dDNXanJabkdoY1FHcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MUYzRS8zMzlFREU2ODEwRTQxMUYwQjc1QjgxNjZDNEY5QUUwMi9uT2tYM0RyZ3hi b3VkOHQzV2pyWm5HaGNRR3MubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAYNeVQ3bnLb6p+y/aZvIsULUklHRbBaaFhGkWOhNqRX5Z28GEXOSVxUbe3D2y mbrSOVHtIfagN9/IEt1xwm6aLhp3M9aEEd2knHbGf7XQhPNdAZ9s/mdbRr94EMBd rItc5qpiXvDFxgaX+tzWXuhN3W0b7iE3W48pf3gEKvs2fQfX1alazguxtYeK+uFN MmLe1QWYj6VbeqN/3CgDcy4zbuXZEJ14lU4CtE3zLmWCVqyofzvbur84pyTwlc6V LTF/Bfxn+B7lnULXwZXBwR70b6fDJgVYSNd+EryCvpNgXiTAya4sXKiFHmuXeQIo pW+aVOKIwVjP59AZpBUSLig60Q== -----END CERTIFICATE-----Generated at Thu May 21 12:58:24 2026 by rpki-client