$ rpki-client -vvf rpki.apnic.net/member_repository/A917286F/14272A8C53BD11F1B6592A56B9833773/h2Q49-A2DORsAHz91IHDH05WCHs.mft File: h2Q49-A2DORsAHz91IHDH05WCHs.mft (raw, json) Hash identifier: WTiehIB0NRbEyHx84+wIvYRNyXGDhauWTl/cDRtApQg= Subject key identifier: 08:2F:20:8C:19:21:62:1F:A9:82:D5:92:EB:85:01:44:D5:C2:B0:4A Authority key identifier: 87:64:38:F7:E0:36:0C:E4:6C:00:7C:FD:D4:81:C3:1F:4E:56:08:7B Certificate issuer: /CN=A917286F/serialNumber=876438F7E0360CE46C007CFDD481C31F4E56087B Certificate serial: 04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2Q49-A2DORsAHz91IHDH05WCHs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917286F/14272A8C53BD11F1B6592A56B9833773/h2Q49-A2DORsAHz91IHDH05WCHs.mft Manifest number: 03 Signing time: Tue 19 May 2026 20:35:54 +0000 Manifest this update: Tue 19 May 2026 20:35:53 +0000 Manifest next update: Tue 26 May 2026 20:35:53 +0000 Files and hashes: 1: h2Q49-A2DORsAHz91IHDH05WCHs.crl (hash: 40h/PAvs2U8JABmzh7SD7dN7y9SzIc6MBtlhVzWNpAQ=) 2: 5257F21E53C211F19F1FA923BC833773.roa (hash: CKg/cSeBRG6ufQaILezJ2kDTbCeuVdt5eddE5iZ+RX0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917286F/14272A8C53BD11F1B6592A56B9833773/h2Q49-A2DORsAHz91IHDH05WCHs.crl rsync://rpki.apnic.net/member_repository/A917286F/14272A8C53BD11F1B6592A56B9833773/h2Q49-A2DORsAHz91IHDH05WCHs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2Q49-A2DORsAHz91IHDH05WCHs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 May 2026 20:35:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917286F, serialNumber=876438F7E0360CE46C007CFDD481C31F4E56087B Validity Not Before: May 19 20:35:53 2026 GMT Not After : May 26 20:35:53 2026 GMT Subject: CN=6a0cc9aa-6730 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d9:d1:e4:41:56:bb:2a:73:c5:0e:f7:9f:a8: 7b:55:08:0f:cb:61:f4:90:3a:26:c0:65:c0:d2:94: b4:7f:10:ce:2f:99:ed:be:b7:87:bc:d7:42:e3:7f: f3:11:8d:24:6e:c1:65:13:a9:2f:c8:f8:c2:12:c7: 5e:f0:99:bb:c6:63:03:28:9b:5a:88:65:58:ca:37: 44:6f:2f:45:97:3b:47:92:7a:e1:54:b3:cf:0a:e4: 1b:6a:42:92:91:65:f0:a6:cf:4b:69:23:23:8c:9c: f0:26:dc:74:80:e0:aa:0b:90:8c:e1:07:9a:13:54: 81:fd:c9:05:d3:59:de:ed:b2:d3:5f:d6:14:b8:9c: e3:fd:2e:f2:a1:11:67:ad:c1:de:2b:61:f6:08:d1: 25:57:b3:18:2d:ac:67:5e:1a:96:7d:b4:4e:45:32: 17:df:51:4a:00:1e:73:3e:6f:37:c6:ef:00:5b:07: 9e:0a:74:5d:e8:78:94:62:d3:af:c2:ba:97:69:b3: 3e:da:6e:a9:76:f1:5d:aa:69:01:37:03:79:37:56: 5b:9c:b5:aa:89:00:f9:cd:46:f4:53:c5:bf:bf:a3: c8:49:33:6a:92:04:39:9a:e8:c9:39:c4:e9:91:62: 46:3c:3a:7e:b4:9c:87:d9:7a:d2:27:dc:4f:30:b8: 61:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:2F:20:8C:19:21:62:1F:A9:82:D5:92:EB:85:01:44:D5:C2:B0:4A X509v3 Authority Key Identifier: keyid:87:64:38:F7:E0:36:0C:E4:6C:00:7C:FD:D4:81:C3:1F:4E:56:08:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917286F/14272A8C53BD11F1B6592A56B9833773/h2Q49-A2DORsAHz91IHDH05WCHs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2Q49-A2DORsAHz91IHDH05WCHs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917286F/14272A8C53BD11F1B6592A56B9833773/h2Q49-A2DORsAHz91IHDH05WCHs.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:4c:87:2c:e6:fd:7e:f9:99:f7:94:e3:03:5d:ec:bf:dd:2e: 66:03:cd:94:5d:8d:1c:3f:9a:33:4d:f7:f1:4d:da:bb:10:2a: c4:c9:ed:da:66:6d:6b:fe:ab:e8:ed:5f:74:b5:6b:d1:47:3c: 7c:ad:90:a0:59:52:4e:ee:b1:9b:3f:d0:dc:fb:02:05:99:51: 62:23:77:ad:c3:da:1d:60:15:4e:40:7e:aa:99:20:69:a3:cd: 26:5e:d2:3a:98:fe:d8:cd:3a:06:03:d1:b8:15:a5:e0:c5:58: 82:8b:90:8a:00:d2:5d:4a:57:df:2c:fd:2e:92:62:d3:ec:53: 0b:0a:a6:df:09:10:53:2c:f9:1c:32:24:2f:24:57:f4:ae:cf: 99:9b:ef:69:a8:bc:6c:44:7c:4b:12:97:5d:5a:ac:db:3b:fb: e4:88:67:04:c9:4f:a7:56:24:2f:90:a4:be:ce:e7:73:85:27: aa:c7:f2:63:0a:36:99:52:bb:d7:f0:96:fd:0e:ba:f1:c7:7d: af:aa:27:02:88:2f:56:c3:c7:eb:d8:1e:97:f5:72:76:ba:5b: 3a:b4:08:3c:6b:d9:30:cf:0a:4f:f3:12:4d:7e:40:9c:6f:3d: 08:88:e3:09:66:b5:1f:d6:11:b4:7d:fe:cc:a1:ea:70:6c:b1: 46:0c:ed:54 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 Mjg2RjExMC8GA1UEBRMoODc2NDM4RjdFMDM2MENFNDZDMDA3Q0ZERDQ4MUMzMUY0 RTU2MDg3QjAeFw0yNjA1MTkyMDM1NTNaFw0yNjA1MjYyMDM1NTNaMBgxFjAUBgNV BAMTDTZhMGNjOWFhLTY3MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCu2dHkQVa7KnPFDvefqHtVCA/LYfSQOibAZcDSlLR/EM4vme2+t4e810Ljf/MR jSRuwWUTqS/I+MISx17wmbvGYwMom1qIZVjKN0RvL0WXO0eSeuFUs88K5BtqQpKR ZfCmz0tpIyOMnPAm3HSA4KoLkIzhB5oTVIH9yQXTWd7tstNf1hS4nOP9LvKhEWet wd4rYfYI0SVXsxgtrGdeGpZ9tE5FMhffUUoAHnM+bzfG7wBbB54KdF3oeJRi06/C updpsz7abql28V2qaQE3A3k3VluctaqJAPnNRvRTxb+/o8hJM2qSBDma6Mk5xOmR YkY8On60nIfZetIn3E8wuGHpAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUCC8gjBkh Yh+pgtWS64UBRNXCsEowHwYDVR0jBBgwFoAUh2Q49+A2DORsAHz91IHDH05WCHsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyODZGLzE0MjcyQThDNTNC RDExRjFCNjU5MkE1NkI5ODMzNzczL2gyUTQ5LUEyRE9Sc0FIejkxSUhESDA1V0NI cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDJRNDktQTJET1JzQUh6OTFJSERIMDVXQ0hzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcy ODZGLzE0MjcyQThDNTNCRDExRjFCNjU5MkE1NkI5ODMzNzczL2gyUTQ5LUEyRE9S c0FIejkxSUhESDA1V0NIcy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCaTIcs5v1++Zn3lOMDXey/3S5mA82UXY0cP5ozTffxTdq7ECrEye3aZm1r/qvo 7V90tWvRRzx8rZCgWVJO7rGbP9Dc+wIFmVFiI3etw9odYBVOQH6qmSBpo80mXtI6 mP7YzToGA9G4FaXgxViCi5CKANJdSlffLP0ukmLT7FMLCqbfCRBTLPkcMiQvJFf0 rs+Zm+9pqLxsRHxLEpddWqzbO/vkiGcEyU+nViQvkKS+zudzhSeqx/JjCjaZUrvX 8Jb9Drrxx32vqicCiC9Ww8fr2B6X9XJ2uls6tAg8a9kwzwpP8xJNfkCcbz0IiOMJ ZrUf1hG0ff7MoepwbLFGDO1U -----END CERTIFICATE-----Generated at Thu May 21 09:39:30 2026 by rpki-client