$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: D21rRU0y4TYqLakWpo+eidnZCNboLVecrNlOh8YGxJY= Subject key identifier: 98:95:4D:D8:67:2C:2F:47:4E:96:17:0D:FD:D9:A3:24:BC:03:F4:D8 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 01B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 01A5 Signing time: Thu 21 May 2026 04:19:27 +0000 Manifest this update: Thu 21 May 2026 04:19:26 +0000 Manifest next update: Thu 28 May 2026 04:19:26 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: Ne2IsRnO+2JeII6rZZDeOSGYts/niWa+Qa9hrLGI54I=) 2: 8109B4CA9DF211F0B1ED220FC4F9AE02.roa (hash: 3F15rH6YOfm7yUgvAU7B83xmF5fOsfIgjewKISbkfSo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 May 2026 04:19:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 436 (0x1b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: May 21 04:19:26 2026 GMT Not After : May 28 04:19:26 2026 GMT Subject: CN=6a0e87cf-14f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:b1:80:71:86:18:6d:e1:85:68:18:17:06:44: 47:b1:9c:91:57:4a:bc:e9:e2:41:0a:37:b1:23:b1: d7:57:21:70:71:bd:24:02:52:bc:7c:8a:4b:8d:e0: b3:89:9c:12:c9:97:4a:3b:54:40:83:b1:85:76:b8: 09:5c:d2:09:c9:38:23:12:0f:2c:60:8b:f5:42:09: 6e:f3:a4:72:8d:33:f3:44:9f:dd:fa:39:36:bf:9c: 10:93:d1:5e:71:e5:c2:d6:c9:d8:5c:2a:2e:e7:53: cc:ea:f1:83:e5:db:c1:1a:23:bd:ed:48:3e:67:c5: d0:65:8c:d5:36:62:ee:85:e3:3e:5b:cf:7f:90:b2: 03:ea:c7:73:d7:28:02:b8:3e:9f:e0:bd:08:15:eb: 7a:66:e9:8f:d7:4a:b4:e4:ca:41:8e:4f:20:6e:54: dc:c3:2b:11:01:c5:37:b4:77:db:fe:07:4d:3e:5f: b5:b6:31:48:b9:2c:f1:db:53:d4:b3:a4:df:e0:6a: 55:ff:6e:bc:a1:c9:a4:93:1d:e0:8f:36:17:f7:6e: ac:2d:52:97:df:60:2d:78:68:2c:fb:3c:37:7a:e0: bc:79:80:5d:0f:bb:15:38:64:61:91:60:72:e0:0a: fc:11:46:c0:10:17:50:1b:f6:d0:db:2e:f4:04:53: 73:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:95:4D:D8:67:2C:2F:47:4E:96:17:0D:FD:D9:A3:24:BC:03:F4:D8 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:55:bd:0e:34:ea:13:67:52:0c:ff:86:6e:43:7e:a2:2f:46: 79:e2:cd:2e:ff:67:61:10:db:3b:a0:9c:1f:f6:fb:b5:de:95: 35:60:ff:26:44:22:7b:9f:82:17:f1:ed:71:f8:ee:b0:d2:d5: 00:c7:51:fe:81:27:bd:2e:21:ea:e6:c7:ff:4b:ef:fd:1f:ed: 9c:a2:d7:56:ff:af:f8:b7:64:9f:c4:88:ac:18:fc:ba:f8:e8: 17:3c:9d:0a:55:83:09:cb:0d:04:26:71:2a:71:84:08:cc:1a: 63:b3:7c:1a:59:d5:35:26:c4:25:b0:aa:0f:7a:ad:af:ab:41: 88:18:93:92:f6:81:f8:00:54:5a:3b:44:8a:59:74:f2:6c:90: 24:1b:39:35:d9:42:c4:68:42:3c:35:36:1f:08:73:f0:7c:98: 8e:2a:0d:c5:50:28:78:de:19:a6:11:b5:cf:fb:04:3d:0e:8e: da:6c:c6:45:66:02:42:4a:01:d7:17:24:23:97:1a:68:df:b8: 4e:7e:61:a5:dc:30:20:d9:24:7c:83:1d:51:1e:1d:73:97:d0: 42:a1:89:45:02:95:60:d4:11:f2:d7:ae:2a:19:13:2e:93:c9: 2f:6e:c9:9f:07:f0:11:20:15:d8:c3:56:5d:98:97:24:15:e4: 52:6e:30:d2 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjYwNTIxMDQxOTI2WhcNMjYwNTI4MDQxOTI2WjAYMRYwFAYD VQQDEw02YTBlODdjZi0xNGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2bGAcYYYbeGFaBgXBkRHsZyRV0q86eJBCjexI7HXVyFwcb0kAlK8fIpLjeCz iZwSyZdKO1RAg7GFdrgJXNIJyTgjEg8sYIv1Qglu86RyjTPzRJ/d+jk2v5wQk9Fe ceXC1snYXCou51PM6vGD5dvBGiO97Ug+Z8XQZYzVNmLuheM+W89/kLID6sdz1ygC uD6f4L0IFet6ZumP10q05MpBjk8gblTcwysRAcU3tHfb/gdNPl+1tjFIuSzx21PU s6Tf4GpV/268ocmkkx3gjzYX926sLVKX32AteGgs+zw3euC8eYBdD7sVOGRhkWBy 4Ar8EUbAEBdQG/bQ2y70BFNzCwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJiVTdhn LC9HTpYXDf3ZoyS8A/TYMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAlVW9DjTqE2dSDP+GbkN+oi9GeeLNLv9nYRDbO6CcH/b7td6VNWD/JkQie5+C F/HtcfjusNLVAMdR/oEnvS4h6ubH/0vv/R/tnKLXVv+v+Ldkn8SIrBj8uvjoFzyd ClWDCcsNBCZxKnGECMwaY7N8GlnVNSbEJbCqD3qtr6tBiBiTkvaB+ABUWjtEill0 8myQJBs5NdlCxGhCPDU2Hwhz8HyYjioNxVAoeN4ZphG1z/sEPQ6O2mzGRWYCQkoB 1xckI5caaN+4Tn5hpdwwINkkfIMdUR4dc5fQQqGJRQKVYNQR8teuKhkTLpPJL27J nwfwESAV2MNWXZiXJBXkUm4w0g== -----END CERTIFICATE-----Generated at Thu May 21 09:38:14 2026 by rpki-client