$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: pVTTsAOaNHmYVsAm2yWsujJ0RxNrJTY92Qigvnm8Lic= Subject key identifier: 93:57:19:03:A4:1D:87:60:65:B5:4E:0D:A7:65:E1:B8:D2:10:3E:11 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 08A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 085B Signing time: Wed 22 Apr 2026 20:57:51 +0000 Manifest this update: Wed 22 Apr 2026 20:57:50 +0000 Manifest next update: Wed 29 Apr 2026 20:57:50 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: h5vKFD9xOT1lfkKS3hzsG2ePOswdvIZAqOGIbb5c5F8=) 2: B512A570109211ECA693D74EC4F9AE02.roa (hash: L7d1U3gGL3grFk1wnPeyJKdZ3FejFM4vvmLKY3IRi5A=) 3: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: 2mIyjIYN6IO7ZQ4FUwscfGnk78kTtsjolDojwIN0av0=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: +r+gvF4pkq6hFHbY+ZoaIiUoalmLLSMykW5BxcQDeFU=) 5: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: +cRs2PboXe8g3+V+AJzpQpdTweZR3TGc016yIhZSQMI=) 6: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: ESImnuHKksdWJK2TDU4E1UVvcvoZ37KeHVw4wPPeVXE=) 7: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: i7X6zewMmXOfmuZsHLNceM/lQghxWwQZ7AxU0vSWV0M=) 8: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: JkwlB4IFE4Dgm1EcLQn9CRo6PclYWkjqCYFJJbMHsj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Apr 2026 20:57:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2216 (0x8a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Apr 22 20:57:50 2026 GMT Not After : Apr 29 20:57:50 2026 GMT Subject: CN=69e9364e-6011 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:dd:c3:2f:34:7d:d5:eb:54:26:f8:85:bc:d6: d2:15:22:cf:b3:66:99:92:9b:5e:32:4c:47:ff:de: 69:82:61:3a:82:1a:02:ff:56:3c:a1:72:9b:87:b8: de:ed:f5:5b:b8:fc:86:18:1d:01:a5:81:c3:b8:b2: 7d:f7:a5:72:b7:db:ba:a9:0e:be:85:a1:12:cf:5d: b6:01:ec:32:3b:f3:75:45:93:76:df:83:9c:a4:c6: a3:62:e6:a3:2c:8b:48:05:aa:10:24:9c:95:34:a9: 8a:26:fe:90:89:dd:8d:e8:90:5d:97:05:b0:b2:03: f4:88:be:4a:11:06:c6:fa:3c:e6:bc:15:1e:88:6b: a8:28:ab:8c:5a:1c:f2:19:af:6d:34:9d:65:1b:ff: 11:d5:17:2a:53:ea:fb:90:af:77:ad:d1:39:c2:ac: b1:ba:4f:b2:34:a5:5a:6b:4a:1e:14:af:8c:51:a2: 6f:f3:d6:0c:00:11:ac:ce:e0:02:45:f6:81:1f:de: c2:58:88:ad:06:5d:69:03:a7:29:dc:04:da:33:ba: 92:32:91:ad:06:a3:9b:80:d9:8d:63:3b:84:51:68: 73:d5:42:4b:aa:e1:ed:fc:1d:52:b4:b6:28:e0:dc: 52:51:29:69:8a:4a:72:52:eb:0a:d5:0a:82:2e:59: 43:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:57:19:03:A4:1D:87:60:65:B5:4E:0D:A7:65:E1:B8:D2:10:3E:11 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:e0:bf:8a:73:67:dc:fc:e0:25:09:bf:c3:11:63:76:41:25: bf:af:30:46:75:d4:2f:5d:bf:24:56:12:d5:69:78:90:fd:76: 2b:9b:c5:0e:49:cc:c2:b6:b0:0b:a5:92:b1:9d:d6:77:24:84: ef:68:e6:b0:0e:74:9f:36:a7:73:5f:e9:c7:fa:ff:69:5b:73: 4a:4a:d0:7e:cf:11:f8:b2:ac:6b:16:d7:55:6b:5d:a1:8c:90: df:6a:5f:88:b3:e9:bf:67:3b:8a:b1:3b:b0:67:05:7b:8b:6b: 10:59:a6:39:67:40:18:e2:38:01:60:3c:05:31:e6:1e:1c:bb: 64:3a:bc:7e:41:62:b7:84:b3:b5:6f:70:95:57:d0:e0:65:7f: fa:4e:7f:bd:d7:b2:36:2a:5f:40:00:38:a8:7b:62:48:c9:dc: 1e:ec:29:b5:21:49:18:d0:af:bb:1a:21:2d:1c:df:a4:33:92: e3:dc:9a:ce:5c:79:cd:0d:0a:9f:5a:c0:72:ef:bb:b8:b3:ad: 76:37:fe:de:e2:3c:80:85:e9:92:a2:93:46:07:6d:db:bd:ba: 70:d9:b7:7c:be:ce:aa:1d:65:bf:9a:f4:fd:04:b2:9f:b7:34: 70:90:8a:a5:fd:17:0c:32:c0:c9:f7:62:a6:f5:05:ca:ea:94: c1:9b:69:69 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwNDIyMjA1NzUwWhcNMjYwNDI5MjA1NzUwWjAYMRYwFAYD VQQDEw02OWU5MzY0ZS02MDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxN3DLzR91etUJviFvNbSFSLPs2aZkpteMkxH/95pgmE6ghoC/1Y8oXKbh7je 7fVbuPyGGB0BpYHDuLJ996Vyt9u6qQ6+haESz122AewyO/N1RZN234OcpMajYuaj LItIBaoQJJyVNKmKJv6Qid2N6JBdlwWwsgP0iL5KEQbG+jzmvBUeiGuoKKuMWhzy Ga9tNJ1lG/8R1RcqU+r7kK93rdE5wqyxuk+yNKVaa0oeFK+MUaJv89YMABGszuAC RfaBH97CWIitBl1pA6cp3ATaM7qSMpGtBqObgNmNYzuEUWhz1UJLquHt/B1StLYo 4NxSUSlpikpyUusK1QqCLllD3wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJNXGQOk HYdgZbVODadl4bjSED4RMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAjOC/inNn3PzgJQm/wxFjdkElv68wRnXUL12/JFYS1Wl4kP12K5vFDknMwraw C6WSsZ3WdySE72jmsA50nzanc1/px/r/aVtzSkrQfs8R+LKsaxbXVWtdoYyQ32pf iLPpv2c7irE7sGcFe4trEFmmOWdAGOI4AWA8BTHmHhy7ZDq8fkFit4SztW9wlVfQ 4GV/+k5/vdeyNipfQAA4qHtiSMncHuwptSFJGNCvuxohLRzfpDOS49yazlx5zQ0K n1rAcu+7uLOtdjf+3uI8gIXpkqKTRgdt2726cNm3fL7Oqh1lv5r0/QSyn7c0cJCK pf0XDDLAyfdipvUFyuqUwZtpaQ== -----END CERTIFICATE-----Generated at Fri Apr 24 11:17:02 2026 by rpki-client