$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: o1GRJivpsbffIhaOROcHyRrhnbtU/FviOQHv8YMwAY8= Subject key identifier: 02:3E:E0:F4:66:DB:5D:AA:D1:97:CA:B0:65:38:82:84:4D:6C:3D:36 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0CBE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0CB4 Signing time: Sat 04 Apr 2026 18:19:11 +0000 Manifest this update: Sat 04 Apr 2026 18:19:10 +0000 Manifest next update: Sat 11 Apr 2026 18:19:10 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: wMhYsiH5PQHmyeRPnefPOQsPg+dtiNQ3RQZdvd959rw=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: STCKrvlRsuBwgCCitF/41y1bZsQULp/xbRwSRQTsp2k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 18:19:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3262 (0xcbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Apr 4 18:19:10 2026 GMT Not After : Apr 11 18:19:10 2026 GMT Subject: CN=69d1561f-281b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:8f:77:9d:b0:ad:e2:f6:bc:92:93:10:78:5f: be:5f:29:a1:b2:07:32:49:72:b7:ee:34:c9:af:0a: 68:0f:26:e6:b5:36:75:6b:56:38:b9:8f:8a:c8:de: ca:c3:6b:03:da:5d:22:97:c6:79:44:ff:4b:4c:b9: ba:2a:29:8a:3b:ca:26:d0:70:83:11:03:99:46:97: 82:7a:c1:25:ed:f9:d3:f5:14:fa:52:c3:8e:fb:a8: d8:b7:5d:0e:93:0c:2d:05:a7:87:b0:88:c1:98:29: ab:68:fc:eb:e6:07:c3:91:27:46:eb:c4:4f:fc:fe: da:0d:c8:c1:75:4f:36:21:d8:06:6e:0c:54:2a:39: 4c:80:5e:e5:fe:e9:e3:b4:cb:06:8b:1e:0e:5e:38: 19:02:2d:1a:b3:2d:af:5c:b0:f7:af:45:f5:0c:8c: 9a:56:c8:8d:c6:d0:7d:e4:d2:d5:67:f6:47:36:46: 3e:bc:a4:88:e5:3d:14:29:06:4e:1b:90:c0:3f:4f: 94:50:2d:32:9a:00:e2:c2:6a:27:46:9b:58:6c:bc: 9d:46:48:0f:b6:04:87:17:80:1e:c8:3d:d1:83:ea: 1f:f0:60:d6:1e:2d:88:1d:8d:e0:0e:d4:a7:0e:2e: 58:56:05:6e:16:21:e5:6f:4b:d6:ba:c1:4a:15:2a: 0d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:3E:E0:F4:66:DB:5D:AA:D1:97:CA:B0:65:38:82:84:4D:6C:3D:36 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:cf:03:ee:1e:49:cf:0c:73:bf:73:de:7b:e9:32:3e:e9:a6: 6f:ba:85:ab:6d:b1:be:5f:e8:c6:94:81:5f:b9:40:33:27:d2: 26:eb:62:b3:a4:f9:3d:1b:3b:6a:8a:af:99:e9:11:72:47:c6: 19:a4:e6:37:b1:3c:0c:c6:dc:85:25:90:a5:f1:7c:9a:c3:02: 63:82:24:d4:6d:bd:8d:39:4d:cb:69:43:d4:c4:6d:14:94:3d: b1:09:8f:fd:5c:f7:9f:30:ec:d9:a9:ba:de:ae:51:64:bd:b3: 09:f4:8d:e1:07:5e:2c:4a:1c:be:4a:5a:e9:ed:2d:2f:47:88: c1:fd:27:6b:49:e4:a7:91:14:11:1c:91:a7:7e:c7:09:50:53: 1c:85:0a:04:9e:4d:41:9b:77:4f:db:7c:9d:9a:92:92:f2:4b: b5:2b:54:f4:78:44:0f:ad:d4:99:22:eb:a7:57:66:d8:47:98: e6:3c:f6:e9:e9:1a:e2:d7:35:d5:70:dd:96:3d:e8:02:be:93: b9:82:cf:4b:f1:25:28:42:c8:6f:d4:87:5a:4c:75:14:c6:36: 74:e1:cb:b8:29:fa:90:26:a9:a1:39:40:b9:7c:e2:1e:e5:66: 5e:99:bd:50:c9:32:d8:1d:22:42:54:79:4e:d7:4e:79:61:d8: f4:54:a4:21 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjYwNDA0MTgxOTEwWhcNMjYwNDExMTgxOTEwWjAYMRYwFAYD VQQDEw02OWQxNTYxZi0yODFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvY93nbCt4va8kpMQeF++XymhsgcySXK37jTJrwpoDybmtTZ1a1Y4uY+KyN7K w2sD2l0il8Z5RP9LTLm6KimKO8om0HCDEQOZRpeCesEl7fnT9RT6UsOO+6jYt10O kwwtBaeHsIjBmCmraPzr5gfDkSdG68RP/P7aDcjBdU82IdgGbgxUKjlMgF7l/unj tMsGix4OXjgZAi0asy2vXLD3r0X1DIyaVsiNxtB95NLVZ/ZHNkY+vKSI5T0UKQZO G5DAP0+UUC0ymgDiwmonRptYbLydRkgPtgSHF4AeyD3Rg+of8GDWHi2IHY3gDtSn Di5YVgVuFiHlb0vWusFKFSoNWwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFAI+4PRm 212q0ZfKsGU4goRNbD02MB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEATM8D7h5Jzwxzv3Pee+kyPummb7qFq22xvl/oxpSBX7lAMyfSJutis6T5PRs7 aoqvmekRckfGGaTmN7E8DMbchSWQpfF8msMCY4Ik1G29jTlNy2lD1MRtFJQ9sQmP /Vz3nzDs2am63q5RZL2zCfSN4QdeLEocvkpa6e0tL0eIwf0na0nkp5EUERyRp37H CVBTHIUKBJ5NQZt3T9t8nZqSkvJLtStU9HhED63UmSLrp1dm2EeY5jz26eka4tc1 1XDdlj3oAr6TuYLPS/ElKELIb9SHWkx1FMY2dOHLuCn6kCapoTlAuXziHuVmXpm9 UMky2B0iQlR5TtdOeWHY9FSkIQ== -----END CERTIFICATE-----Generated at Mon Apr 6 08:32:02 2026 by rpki-client