$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: a8aBl52GOGUk20IK79FQ1X1O8LtcsZ1eaHS37ntH+i4= Subject key identifier: E1:EF:2B:86:77:1E:68:EA:6F:8C:A1:96:9F:BA:90:76:AA:FC:23:E9 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 088B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 0840 Signing time: Fri 06 Mar 2026 20:46:36 +0000 Manifest this update: Fri 06 Mar 2026 20:46:36 +0000 Manifest next update: Fri 13 Mar 2026 20:46:36 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: J/GVhWIF/IQqKw04E7WB82Kwix18WFLsZfe7f00kyZ4=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: +cRs2PboXe8g3+V+AJzpQpdTweZR3TGc016yIhZSQMI=) 3: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: JkwlB4IFE4Dgm1EcLQn9CRo6PclYWkjqCYFJJbMHsj0=) 4: B512A570109211ECA693D74EC4F9AE02.roa (hash: L7d1U3gGL3grFk1wnPeyJKdZ3FejFM4vvmLKY3IRi5A=) 5: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: UIybbxoCW5pqiUQysTpCJfdM2qHakezaqpeN9Wl7FOI=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: 2mIyjIYN6IO7ZQ4FUwscfGnk78kTtsjolDojwIN0av0=) 7: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: i7X6zewMmXOfmuZsHLNceM/lQghxWwQZ7AxU0vSWV0M=) 8: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: +r+gvF4pkq6hFHbY+ZoaIiUoalmLLSMykW5BxcQDeFU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 20:46:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2187 (0x88b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Mar 6 20:46:36 2026 GMT Not After : Mar 13 20:46:36 2026 GMT Subject: CN=69ab3d2c-d238 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:c4:47:5a:f0:b5:19:8a:74:5a:eb:f6:89:89: 75:3a:d6:1c:00:b0:7e:a7:8a:37:4a:71:78:3d:ae: 5b:51:8e:75:96:cf:f3:c3:c4:13:64:39:fd:19:54: a2:31:af:ce:30:33:17:c2:5a:9f:a0:ba:9d:5e:cc: 84:21:cd:79:cb:09:fd:f3:e5:4f:75:15:52:3e:ba: 99:ee:ff:58:7e:cb:50:0d:85:38:5c:ce:30:72:0a: 20:97:ed:09:4f:bf:b3:0a:13:b8:58:67:6e:72:1b: 16:49:9a:93:32:d6:8b:c2:e3:ba:e9:2c:e4:ae:e7: 02:19:9d:94:6b:0a:5a:78:b6:cd:85:48:ea:d5:be: 75:95:7a:12:47:63:09:ff:8e:d4:63:4c:3d:17:bb: e4:d5:c2:83:72:50:7a:be:6f:71:c7:90:89:4d:b6: 94:fd:88:d9:90:7d:e8:f7:c2:25:c4:37:71:e2:68: fb:4d:f4:69:c7:14:7b:a6:bb:46:3e:cd:9b:42:f0: c3:b6:28:73:b8:6b:8a:fb:97:fc:ab:f4:88:15:0f: 23:55:14:4a:c7:c4:3d:bd:6b:1b:f0:1e:12:c0:5e: 66:fa:aa:f3:11:0b:2b:80:bb:55:0e:6f:bf:f0:34: bd:88:59:38:ad:a2:01:13:37:3a:aa:90:8b:65:de: c2:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:EF:2B:86:77:1E:68:EA:6F:8C:A1:96:9F:BA:90:76:AA:FC:23:E9 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:d7:ce:3b:5a:43:1c:51:18:ff:c0:7a:3a:89:6c:b5:5f:27: f3:c7:6c:3f:90:7e:03:41:4b:1d:24:e5:b0:6e:d7:93:1d:9e: 6d:ae:70:67:19:51:2b:97:ad:bb:a4:fa:1f:ae:e0:72:b3:6e: 70:d0:90:58:5a:3e:52:eb:d3:c3:c9:5a:47:04:1c:94:49:7f: f0:56:50:12:1c:88:19:16:6f:1d:f0:28:5e:96:88:54:f3:de: 71:43:6f:94:4b:5a:f9:71:62:4a:d5:74:b2:db:e4:a5:7d:c7: 7d:54:c2:51:01:13:23:cd:1e:c6:d8:ed:71:a3:ed:2f:55:e2: 2d:d7:54:9c:4c:5f:b9:a2:24:fb:41:7c:0c:54:f1:fc:31:31: 66:3d:16:35:5f:56:f3:10:d1:d1:bb:57:7d:1b:8e:75:46:be: b3:4c:c2:da:19:98:69:5a:79:b5:03:a7:3a:b0:25:4a:70:51: fa:ed:f6:e1:58:2d:43:bf:28:c6:f2:25:67:34:5a:d5:9b:2e: 3f:85:9c:ef:0d:7a:57:39:c3:72:54:9f:58:33:f2:5b:36:bc: fd:21:dd:09:fe:8d:4d:19:d7:6d:42:20:9c:b7:27:ea:bf:35: ee:1a:d9:c1:b2:ec:bf:0e:3f:8f:7f:6a:7c:3a:87:77:d6:a8: 78:b0:35:e5 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjYwMzA2MjA0NjM2WhcNMjYwMzEzMjA0NjM2WjAYMRYwFAYD VQQDEw02OWFiM2QyYy1kMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6MRHWvC1GYp0Wuv2iYl1OtYcALB+p4o3SnF4Pa5bUY51ls/zw8QTZDn9GVSi Ma/OMDMXwlqfoLqdXsyEIc15ywn98+VPdRVSPrqZ7v9YfstQDYU4XM4wcgogl+0J T7+zChO4WGduchsWSZqTMtaLwuO66SzkrucCGZ2UawpaeLbNhUjq1b51lXoSR2MJ /47UY0w9F7vk1cKDclB6vm9xx5CJTbaU/YjZkH3o98IlxDdx4mj7TfRpxxR7prtG Ps2bQvDDtihzuGuK+5f8q/SIFQ8jVRRKx8Q9vWsb8B4SwF5m+qrzEQsrgLtVDm+/ 8DS9iFk4raIBEzc6qpCLZd7CaQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOHvK4Z3 Hmjqb4yhlp+6kHaq/CPpMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAJtfOO1pDHFEY/8B6OolstV8n88dsP5B+A0FLHSTlsG7Xkx2eba5wZxlRK5et u6T6H67gcrNucNCQWFo+UuvTw8laRwQclEl/8FZQEhyIGRZvHfAoXpaIVPPecUNv lEta+XFiStV0stvkpX3HfVTCUQETI80extjtcaPtL1XiLddUnExfuaIk+0F8DFTx /DExZj0WNV9W8xDR0btXfRuOdUa+s0zC2hmYaVp5tQOnOrAlSnBR+u324VgtQ78o xvIlZzRa1ZsuP4Wc7w16VznDclSfWDPyWza8/SHdCf6NTRnXbUIgnLcn6r817hrZ wbLsvw4/j39qfDqHd9aoeLA15Q== -----END CERTIFICATE-----Generated at Sun Mar 8 08:24:19 2026 by rpki-client