$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json) Hash identifier: gOvrU/xa3BlotDiM89S8e80XdDeEltXsb5q+Ixn7Qao= Subject key identifier: FB:E6:1D:81:9B:C3:58:9A:19:F6:13:5D:51:E8:A0:9E:17:B8:0E:20 Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Certificate serial: 1A85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft Manifest number: 1842 Signing time: Tue 10 Mar 2026 16:42:07 +0000 Manifest this update: Tue 10 Mar 2026 16:42:07 +0000 Manifest next update: Tue 17 Mar 2026 16:42:07 +0000 Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: lXgaFH03NR7PVMUXlhQuLYwyZ02QBaH86C0ApSw3RMo=) 2: 11E8BC20FFE611F0A90394AA756F56BC.roa (hash: p9ksmtHHVSYaljBwVhsvsYUa9PkpSJENVH2dxyWdYsg=) 3: A865A1925B1611F083088661C4F9AE02.roa (hash: 2IUNVUDvVcfHXyE54Zp6qTjDmEVqUm9kf4i2mX6/zX4=) 4: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 4OyLgz5MRwPAxGcF1j5OxwWLAe68/1HWOj58azhiKRQ=) 5: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: cWhKsGGtwm24L2b24qEiOJQYknotmIIZJa7i5F5KPHg=) 6: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: Br+Yh3Miw3+3u+15blKMFIN8mMQA+4yr6RfTrCX61aY=) 7: 70E478D0C06D11F0ABA91C6CC4F9AE02.roa (hash: mAI+w5MJltTPoLHCV1t34FNAjUXQLcbk8DhNQ3Alegw=) 8: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: JtaNsAVPLe7G1DcQvRskSfK/91+ur/u1SIY8DTdFa1o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Mar 2026 16:42:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6789 (0x1a85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Validity Not Before: Mar 10 16:42:07 2026 GMT Not After : Mar 17 16:42:07 2026 GMT Subject: CN=69b049df-824b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:5b:af:b2:49:aa:8c:82:89:1a:b3:4e:25:81: e1:0f:36:64:d5:ef:32:a4:62:96:62:ff:35:12:ac: 9a:38:06:02:f7:67:35:94:92:6c:be:76:ac:0f:f5: 84:e4:93:b9:c8:1e:b1:4f:bf:cb:08:b7:43:a7:18: 9a:52:91:94:d3:72:2b:00:61:05:6e:1a:5a:30:75: 3c:0a:d0:60:e9:e9:78:59:07:18:c6:1c:93:9f:96: de:fe:d5:6b:b2:79:52:06:dc:14:e8:6e:87:3c:3c: c7:7e:97:20:e0:01:c9:65:b4:a7:01:ce:94:23:d8: ea:92:1c:9c:6a:d7:bf:a7:b9:72:15:22:88:15:4f: 77:80:fd:11:f1:4d:e9:4d:92:68:bc:69:dd:6c:b8: 95:87:68:c6:d3:97:92:e2:3c:f8:6e:53:cd:47:42: ed:93:44:2a:60:ae:00:02:55:47:20:8e:76:81:81: f7:75:74:83:cf:e8:f4:db:5c:85:1b:6d:77:06:08: 7d:af:cf:87:06:47:e0:58:c6:02:7c:a8:aa:7e:47: 6b:a0:ce:82:28:1e:e9:46:6c:3a:5f:d9:7b:a1:21: e0:e3:75:8f:c0:7e:84:57:7b:2a:0a:3d:76:9d:8a: a5:79:f5:a9:d7:f6:ee:94:2e:97:4a:c1:66:01:fd: 49:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:E6:1D:81:9B:C3:58:9A:19:F6:13:5D:51:E8:A0:9E:17:B8:0E:20 X509v3 Authority Key Identifier: keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:3b:ff:de:04:4d:67:dc:7c:9b:c2:4a:55:f9:4e:f2:d3:a3: 6d:88:23:b3:49:b8:0f:e7:6c:33:b9:4f:48:04:0f:5c:1a:fa: 02:22:de:1b:d9:b6:00:18:65:ab:02:3e:86:0e:3a:2e:c4:bb: 73:5c:b7:09:cf:33:67:77:90:b9:6b:4e:f2:62:81:ba:ad:09: 35:b4:45:a1:b9:89:05:29:6a:01:78:01:ee:b5:fb:48:68:ff: df:9a:36:b4:32:78:4b:09:ca:87:43:3e:52:67:aa:fe:37:ef: ff:67:12:de:80:8a:b4:b0:c5:08:ef:55:dc:63:76:d5:da:4f: 8f:ca:2f:9f:0d:aa:93:40:d7:4c:50:43:78:1d:85:d8:3e:47: 62:e6:58:e8:52:b1:88:bb:3f:b5:ce:d9:af:f7:70:ef:78:0c: b1:a5:34:4c:de:34:69:32:36:e1:0e:25:17:ba:a0:52:2b:09: 02:be:22:3c:69:de:c0:15:f4:3d:51:8e:2d:f8:dd:7f:f1:81: 56:63:c7:92:8e:3e:a9:a0:86:a3:5b:57:5b:64:e4:06:88:1f: 81:32:7b:c8:4e:15:4d:89:94:94:3a:0f:8f:98:6d:af:f6:3d: d5:4b:67:5d:f2:9a:be:14:8a:3e:6e:e0:ef:70:09:e4:f5:ea: 2c:4d:e9:fb -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICGoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2 NDI5RDg4QjgwHhcNMjYwMzEwMTY0MjA3WhcNMjYwMzE3MTY0MjA3WjAYMRYwFAYD VQQDEw02OWIwNDlkZi04MjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAiVuvskmqjIKJGrNOJYHhDzZk1e8ypGKWYv81EqyaOAYC92c1lJJsvnasD/WE 5JO5yB6xT7/LCLdDpxiaUpGU03IrAGEFbhpaMHU8CtBg6el4WQcYxhyTn5be/tVr snlSBtwU6G6HPDzHfpcg4AHJZbSnAc6UI9jqkhycate/p7lyFSKIFU93gP0R8U3p TZJovGndbLiVh2jG05eS4jz4blPNR0Ltk0QqYK4AAlVHII52gYH3dXSDz+j021yF G213Bgh9r8+HBkfgWMYCfKiqfkdroM6CKB7pRmw6X9l7oSHg43WPwH6EV3sqCj12 nYqlefWp1/bulC6XSsFmAf1JawIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPvmHYGb w1iaGfYTXVHooJ4XuA4gMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT em1nTm5hQ3R2c0JrS2RpTGcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAhjv/3gRNZ9x8m8JKVflO8tOjbYgjs0m4D+dsM7lPSAQPXBr6AiLeG9m2ABhl qwI+hg46LsS7c1y3Cc8zZ3eQuWtO8mKBuq0JNbRFobmJBSlqAXgB7rX7SGj/35o2 tDJ4SwnKh0M+Umeq/jfv/2cS3oCKtLDFCO9V3GN21dpPj8ovnw2qk0DXTFBDeB2F 2D5HYuZY6FKxiLs/tc7Zr/dw73gMsaU0TN40aTI24Q4lF7qgUisJAr4iPGnewBX0 PVGOLfjdf/GBVmPHko4+qaCGo1tXW2TkBogfgTJ7yE4VTYmUlDoPj5htr/Y91Utn XfKavhSKPm7g73AJ5PXqLE3p+w== -----END CERTIFICATE-----Generated at Tue Mar 10 20:52:19 2026 by rpki-client