$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft (raw, json) Hash identifier: FcinElS/KnrTCByHQhJbj+btfUtr2QCSaAkrFt6+tGU= Subject key identifier: 37:B7:68:86:B6:C7:59:1A:1E:56:5E:E6:15:1D:95:52:48:0D:30:A3 Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 09D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft Manifest number: 0984 Signing time: Sun 22 Mar 2026 19:50:21 +0000 Manifest this update: Sun 22 Mar 2026 19:50:21 +0000 Manifest next update: Sun 29 Mar 2026 19:50:21 +0000 Files and hashes: 1: bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl (hash: Q4ySjGsLmdsID/Ns1OIAi8osuo0fYT5cdR6gw9g7PVE=) 2: F2A462E66B6C11F0B453B656C4F9AE02.roa (hash: HMcEW/S22FGTvhiPakps8LsqQxXUXp8fWhqX+TVm2Vw=) 3: CCBF0CF6B55911EC9256FE19C4F9AE02.roa (hash: xihXskffyMmX6uPdr43LH17SKnUp1mNtBqH6MhLI3sk=) 4: 88252000B55C11ECA9565039C4F9AE02.roa (hash: vpFh2/2Ww8n4gYMHhWBePvd1Fheir2EOHQAoooMfRBo=) 5: 50805C5C6CF911F0A63D4C65C4F9AE02.roa (hash: 7GoPVvNzOxqz0b0bUBa7Sq4uOYDaYVX7ArTVXs9QZv4=) 6: CC3B5938B55911EC9256FE19C4F9AE02.roa (hash: lyIUpVCXgqLP2olWGXoY8duGQEhruwus1GboROWSH00=) 7: 1A8C65506B6E11F0AEECA858C4F9AE02.roa (hash: NpbVQQRWWoFXTrGdsKM32fOCA5zAVZsblj+8rYIeUc4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 19:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2512 (0x9d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Mar 22 19:50:21 2026 GMT Not After : Mar 29 19:50:21 2026 GMT Subject: CN=69c047fd-03ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:87:de:79:8f:1b:0d:b9:ac:d1:65:07:91:74: 5a:c1:df:4c:a5:e4:29:46:13:94:7b:33:de:bb:c5: 34:cc:dc:6a:6d:ae:a8:e3:6d:36:83:0a:17:6c:a2: d6:b2:48:14:59:a7:25:83:f2:0f:0b:d6:74:96:52: 0c:d6:6e:a7:dc:3d:16:26:4d:30:25:b1:ef:b4:13: 84:fe:da:c4:c1:8a:92:52:3e:01:84:bb:bf:71:db: 3c:1c:2c:8f:02:2e:a4:23:01:ef:60:e1:72:05:c6: 7f:5e:2b:0d:7b:3a:e0:f5:fa:2d:e3:61:46:84:ee: 6b:ed:80:b6:24:92:4b:56:b1:bd:76:33:70:4f:0a: 1b:cf:01:d9:fa:cc:01:70:ef:6f:37:81:19:d5:eb: 46:f3:fe:29:bc:c8:4c:11:c7:fa:0a:34:1f:83:b8: 79:80:b3:d5:51:0b:6d:55:6e:f0:49:92:00:f4:8c: 47:59:50:9f:a7:bc:04:9a:49:0b:d9:41:31:57:7a: 85:c2:11:51:ca:69:fd:36:5d:91:06:ff:b6:90:35: 92:bf:b2:d1:fe:44:2a:c8:f6:d8:a2:49:fd:90:08: 74:35:24:33:43:5f:cb:da:1d:57:fb:8d:7d:e8:cd: 57:4d:af:c6:df:eb:c1:87:7d:ae:84:22:81:0a:40: 5a:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:B7:68:86:B6:C7:59:1A:1E:56:5E:E6:15:1D:95:52:48:0D:30:A3 X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:86:7a:ad:83:31:82:0f:9f:bb:fb:3e:fc:44:d8:38:93:a2: 02:be:c7:8a:63:47:93:62:39:22:8f:97:f9:e9:b7:99:76:aa: c4:04:c6:96:c0:29:9d:fb:4a:61:5b:42:76:0c:e2:ed:4a:1b: 8b:13:9e:95:99:82:e6:a4:f6:e8:b6:f1:34:40:16:25:fb:d5: 91:c6:48:79:15:36:b4:50:9d:9c:2c:d0:e9:c2:fa:e9:6f:c3: b5:87:92:7d:9d:d8:6f:0a:12:9c:e3:e0:6d:ae:b6:9c:dd:9e: 28:46:10:a7:45:cc:51:2d:f4:2d:d8:fe:f3:8e:42:ad:75:af: 20:65:16:31:c7:2f:01:c1:8e:fc:d0:17:0f:66:f5:b2:42:12: b7:bd:f8:2c:69:bd:33:3d:6a:24:d0:a8:93:54:1c:fd:8c:4f: 6b:80:e4:13:a8:84:c1:89:bd:5c:a9:60:06:40:bd:ea:3e:f6: a6:e2:75:20:7b:55:44:c8:fc:28:02:46:0f:db:0d:74:11:e3: ec:8f:02:b3:e9:29:14:89:64:79:9e:82:6b:65:a6:d7:05:d2: a3:05:c1:00:84:34:2b:7d:6c:f0:01:60:6b:42:37:07:72:b1: 09:f7:ef:11:93:01:d6:8a:00:20:7a:83:a4:36:f9:e0:a5:2c: d5:6b:20:45 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjYwMzIyMTk1MDIxWhcNMjYwMzI5MTk1MDIxWjAYMRYwFAYD VQQDEw02OWMwNDdmZC0wM2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsofeeY8bDbms0WUHkXRawd9MpeQpRhOUezPeu8U0zNxqba6o4202gwoXbKLW skgUWaclg/IPC9Z0llIM1m6n3D0WJk0wJbHvtBOE/trEwYqSUj4BhLu/cds8HCyP Ai6kIwHvYOFyBcZ/XisNezrg9fot42FGhO5r7YC2JJJLVrG9djNwTwobzwHZ+swB cO9vN4EZ1etG8/4pvMhMEcf6CjQfg7h5gLPVUQttVW7wSZIA9IxHWVCfp7wEmkkL 2UExV3qFwhFRymn9Nl2RBv+2kDWSv7LR/kQqyPbYokn9kAh0NSQzQ1/L2h1X+419 6M1XTa/G3+vBh32uhCKBCkBaGQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDe3aIa2 x1kaHlZe5hUdlVJIDTCjMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZi N1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAGoZ6rYMxgg+fu/s+/ETYOJOiAr7HimNHk2I5Io+X+em3mXaqxATGlsApnftK YVtCdgzi7UobixOelZmC5qT26LbxNEAWJfvVkcZIeRU2tFCdnCzQ6cL66W/DtYeS fZ3YbwoSnOPgba62nN2eKEYQp0XMUS30Ldj+845CrXWvIGUWMccvAcGO/NAXD2b1 skISt734LGm9Mz1qJNCok1Qc/YxPa4DkE6iEwYm9XKlgBkC96j72puJ1IHtVRMj8 KAJGD9sNdBHj7I8Cs+kpFIlkeZ6Ca2Wm1wXSowXBAIQ0K31s8AFga0I3B3KxCffv EZMB1ooAIHqDpDb54KUs1WsgRQ== -----END CERTIFICATE-----Generated at Mon Mar 23 00:27:08 2026 by rpki-client