$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft File: 2h2yzTH0VPaVYdhmXck--BLzl7A.mft (raw, json) Hash identifier: /wahxBZaoXtGWHRSKboPyRwFsqXsbTM6SEOqV8wT4JQ= Subject key identifier: 57:83:9F:4D:4C:35:D9:CB:85:4A:F1:45:2C:CF:95:3B:87:72:CD:38 Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 01EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft Manifest number: 01DD Signing time: Thu 21 May 2026 03:34:15 +0000 Manifest this update: Thu 21 May 2026 03:34:15 +0000 Manifest next update: Thu 28 May 2026 03:34:15 +0000 Files and hashes: 1: 2h2yzTH0VPaVYdhmXck--BLzl7A.crl (hash: aBvHq5+C2+4iyvZgmsI+oUdQAXHS793m72/UiShWxp0=) 2: 4317395081E611EE9EFE132BC4F9AE02.roa (hash: /6x7x4b9csD2TYsiLEKnpfZB3jGbE1YGP0AsFpZrdN4=) 3: 730B201A81E911EEAEFE7735C4F9AE02.roa (hash: hGkqzz2eI5dLw6JFvYyWs5D2WcjZP64M8Kf1cT/imEo=) 4: E71AB92A7F7D11EE8C183162C4F9AE02.roa (hash: hKdbTMFjBDS3XXfZuB0+hdt0c8qX6Q+dGMG1HACFMQ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 May 2026 03:34:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 490 (0x1ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA, serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Validity Not Before: May 21 03:34:15 2026 GMT Not After : May 28 03:34:15 2026 GMT Subject: CN=6a0e7d37-c7ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:3c:fa:f0:e3:97:6c:15:76:35:42:a9:e4:45: fd:af:b2:d0:47:7a:6a:40:b9:9b:c1:88:70:3e:7c: 10:3e:3b:a0:15:18:35:b8:d1:08:9a:ba:6c:9a:f3: 3d:9d:3f:f2:5b:4d:22:c0:4c:16:d1:54:19:57:3c: 8f:38:c6:3c:b7:13:e7:42:00:a2:ef:0d:1f:d3:e5: 24:15:8d:90:0b:4d:44:53:db:a0:91:8d:77:ae:95: 0a:9b:82:d4:46:8b:56:ee:26:bd:1a:1f:4c:80:a5: 08:5f:82:9c:84:f5:8e:25:59:f2:82:8c:7a:f2:94: ef:5a:01:14:3e:1a:d0:e1:13:cb:00:32:16:aa:2f: a1:72:2e:3c:aa:d9:10:a9:32:27:f6:67:26:f7:0d: 16:c9:17:9c:66:1c:75:23:a7:ae:9b:c8:15:11:08: 2e:ad:d0:d9:94:a3:73:6a:46:d8:0f:20:0b:e1:a6: a4:a0:7c:04:b5:6e:5f:21:6f:bb:e8:c4:27:d2:22: c2:f5:11:9f:d7:a2:a5:3e:86:56:fb:9b:8f:4e:f7: b1:25:bf:4d:0c:16:a4:76:48:a1:5c:2a:84:b9:c1: 1b:7e:e1:c3:f2:fd:67:48:bc:ea:f8:be:24:4e:9d: 3b:87:d6:2c:7b:93:d4:c1:2c:31:7f:73:85:55:60: 45:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:83:9F:4D:4C:35:D9:CB:85:4A:F1:45:2C:CF:95:3B:87:72:CD:38 X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:5b:ea:32:e1:f1:cc:ea:3d:0b:bc:b1:59:27:9b:96:38:0d: 7a:cd:86:ab:00:bf:ed:ef:55:0d:86:f8:3a:43:96:01:5a:62: 18:ef:56:92:8b:1d:7f:01:3c:f8:fd:52:7c:39:50:1c:6b:c7: 05:4d:57:5a:dc:e2:f0:f6:e8:bc:2e:09:ee:4e:ae:b4:c2:0a: 58:92:08:d9:af:0e:8a:1e:9f:c2:c6:4c:07:24:da:ba:aa:19: 1b:12:3f:ee:62:93:f1:ad:4b:48:06:40:7f:59:54:65:e3:fd: 2e:0c:fd:47:b3:34:81:8b:24:12:ab:7e:eb:09:20:5e:6a:f6: 7e:d6:40:44:c2:37:e4:fc:8b:90:7f:7a:fd:29:80:8c:73:04: 61:90:da:df:4a:cb:4c:59:87:bc:c8:c2:8d:c4:d7:4d:83:81: af:ab:ff:55:13:b0:61:a0:47:24:fc:f4:4d:32:a8:2b:c7:2a: fb:df:22:41:f1:8f:e2:cb:8c:56:39:7b:c4:de:69:49:c6:2c: 6f:2c:e8:c9:91:c9:9f:b2:0d:72:f3:e1:89:03:98:82:a9:a8: f8:88:b6:9b:22:a8:3f:98:13:64:c5:aa:8a:7e:43:dd:af:25: 1a:55:8e:f5:40:94:25:60:f6:01:4d:b8:55:93:5a:c2:f3:28: 17:3c:bf:67 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjYwNTIxMDMzNDE1WhcNMjYwNTI4MDMzNDE1WjAYMRYwFAYD VQQDEw02YTBlN2QzNy1jN2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjjz68OOXbBV2NUKp5EX9r7LQR3pqQLmbwYhwPnwQPjugFRg1uNEImrpsmvM9 nT/yW00iwEwW0VQZVzyPOMY8txPnQgCi7w0f0+UkFY2QC01EU9ugkY13rpUKm4LU RotW7ia9Gh9MgKUIX4KchPWOJVnygox68pTvWgEUPhrQ4RPLADIWqi+hci48qtkQ qTIn9mcm9w0WyRecZhx1I6eum8gVEQgurdDZlKNzakbYDyAL4aakoHwEtW5fIW+7 6MQn0iLC9RGf16KlPoZW+5uPTvexJb9NDBakdkihXCqEucEbfuHD8v1nSLzq+L4k Tp07h9Yse5PUwSwxf3OFVWBFmwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFeDn01M NdnLhUrxRSzPlTuHcs04MB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQ YVZZZGhtWGNrLS1CTHpsN0EubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEARFvqMuHxzOo9C7yxWSebljgNes2GqwC/7e9VDYb4OkOWAVpiGO9WkosdfwE8 +P1SfDlQHGvHBU1XWtzi8PbovC4J7k6utMIKWJII2a8Oih6fwsZMByTauqoZGxI/ 7mKT8a1LSAZAf1lUZeP9Lgz9R7M0gYskEqt+6wkgXmr2ftZARMI35PyLkH96/SmA jHMEYZDa30rLTFmHvMjCjcTXTYOBr6v/VROwYaBHJPz0TTKoK8cq+98iQfGP4suM Vjl7xN5pScYsbyzoyZHJn7INcvPhiQOYgqmo+Ii2myKoP5gTZMWqin5D3a8lGlWO 9UCUJWD2AU24VZNawvMoFzy/Zw== -----END CERTIFICATE-----Generated at Thu May 21 10:20:21 2026 by rpki-client