$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json) Hash identifier: pF2gsBLuHzwXXeUIvvdeKN4G19nYP72iFNRibrEpTGw= Subject key identifier: 49:20:34:DF:99:43:41:4F:AC:6E:43:FB:CF:2C:F7:4F:80:70:09:BD Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Certificate serial: 014E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft Manifest number: 013E Signing time: Mon 01 Jun 2026 06:07:11 +0000 Manifest this update: Mon 01 Jun 2026 06:07:11 +0000 Manifest next update: Mon 08 Jun 2026 06:07:11 +0000 Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: XvaQ8UNKQNiC9D8+IdCxfDkC+u6DLj3L1nTHOTztFzs=) 2: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: cb0xCHL1dV5N7XyIruiC/PJxxp8M1xlcJSMtvdRnQog=) 3: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: 3r7oWvZZSCAzRuaEEZfRdRU+m7LuuIxoldkPQaUgKhQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Jun 2026 06:07:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 334 (0x14e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E55, serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Validity Not Before: Jun 1 06:07:11 2026 GMT Not After : Jun 8 06:07:11 2026 GMT Subject: CN=6a1d218f-1af6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:cf:98:09:ca:e7:11:8e:9d:21:db:32:cf:5c: c0:8d:a1:3a:5f:89:c1:46:67:22:80:f5:3a:22:f5: 15:80:90:c5:51:bf:e3:99:ad:14:a1:d8:9b:b9:e3: a1:86:f6:e2:a3:6b:f3:c5:23:17:c6:4b:e2:97:58: 21:d7:a0:b4:a3:05:c8:97:9d:2e:03:d4:7c:29:5f: 1a:0d:25:4a:4b:d5:30:be:c6:d5:62:7a:12:65:18: fe:83:bf:67:26:98:7b:71:f2:bb:c8:e7:fb:2f:a8: 33:82:ec:20:13:96:fd:bb:f1:cb:eb:92:38:11:3a: a2:4e:d9:38:fe:74:f7:d2:b5:1a:b4:dc:63:1a:75: 39:ff:93:fb:f6:19:4f:dd:23:ab:e2:b8:de:94:c7: 21:13:70:1f:2f:b2:94:e2:72:23:8b:a0:9b:f9:2e: d4:65:51:0c:9e:5d:18:f6:f7:0e:83:57:b1:fc:1d: 20:5b:0a:5c:a6:21:d4:d0:01:d5:5e:24:05:81:c1: 79:66:f2:40:c2:54:ad:cf:c2:a5:4f:42:09:b7:d4: 23:c9:13:61:c9:61:83:12:dc:c6:93:f7:3b:fc:6b: 17:cc:4b:4a:c6:cd:44:3b:4a:dc:75:b1:51:79:84: c7:5e:b8:28:dd:65:30:2c:55:fe:bd:5e:d9:ce:17: a9:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:20:34:DF:99:43:41:4F:AC:6E:43:FB:CF:2C:F7:4F:80:70:09:BD X509v3 Authority Key Identifier: keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:48:3a:9e:6a:fa:cd:57:3c:07:c7:be:52:67:b2:9b:d2:a7: f5:88:79:22:43:41:3d:a2:33:c3:22:50:42:3c:3f:6d:ce:3f: 87:17:59:c7:9a:3a:2a:9d:7f:14:a2:70:29:16:38:c9:cd:3a: 5c:87:fd:dc:c3:b4:ec:96:b6:39:e3:3d:ca:cb:79:9d:5e:30: 0f:18:b6:b7:71:f2:b4:a1:e9:df:ba:2b:93:d4:35:cc:99:14: d4:a0:a6:22:1b:3a:f6:92:98:6f:7c:f0:27:e9:2a:de:1c:20: 5c:fb:fb:e0:14:92:ee:ba:c4:e0:cb:fd:6d:d8:42:82:50:f2: 05:65:14:6d:01:71:9d:5b:73:b7:1c:38:6b:90:1a:04:09:a8: 1f:b2:12:a0:89:64:3b:f4:1b:40:3d:05:46:03:08:7f:2e:6f: f9:c6:47:d0:3b:aa:dd:a3:bd:7b:1a:ac:5a:f1:2c:97:fe:85: b0:1e:5a:46:91:e6:8e:ae:90:38:62:8b:59:86:fa:d1:4f:ce: d3:dc:40:e5:07:66:89:ab:83:9f:5a:df:30:d9:34:84:0a:82: 5b:fe:bf:38:78:a1:1f:45:48:94:03:f1:fe:80:ce:71:6b:bd: b2:bf:fb:61:bb:c7:11:5b:bd:29:e0:3a:e3:c0:27:2f:71:77: 9c:62:39:39 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFNTUxMTAvBgNVBAUTKEREN0M4RDBGNDc4RjlCRTZBQkY3MzlDMDRGNUI1QkU0 REM5RjYxRjgwHhcNMjYwNjAxMDYwNzExWhcNMjYwNjA4MDYwNzExWjAYMRYwFAYD VQQDEw02YTFkMjE4Zi0xYWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsM+YCcrnEY6dIdsyz1zAjaE6X4nBRmcigPU6IvUVgJDFUb/jma0UodibueOh hvbio2vzxSMXxkvil1gh16C0owXIl50uA9R8KV8aDSVKS9UwvsbVYnoSZRj+g79n Jph7cfK7yOf7L6gzguwgE5b9u/HL65I4ETqiTtk4/nT30rUatNxjGnU5/5P79hlP 3SOr4rjelMchE3AfL7KU4nIji6Cb+S7UZVEMnl0Y9vcOg1ex/B0gWwpcpiHU0AHV XiQFgcF5ZvJAwlStz8KlT0IJt9QjyRNhyWGDEtzGk/c7/GsXzEtKxs1EO0rcdbFR eYTHXrgo3WUwLFX+vV7ZzhepRwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEkgNN+Z Q0FPrG5D+88s90+AcAm9MB8GA1UdIwQYMBaAFN18jQ9Hj5vmq/c5wE9bW+Tcn2H4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU1NS80QzA5ODYyRTc4 RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0tYXI5em5BVDF0YjVOeWZZ ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55ZllmZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU1NS80QzA5ODYyRTc4RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0t YXI5em5BVDF0YjVOeWZZZmcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEArUg6nmr6zVc8B8e+Umeym9Kn9Yh5IkNBPaIzwyJQQjw/bc4/hxdZx5o6Kp1/ FKJwKRY4yc06XIf93MO07Ja2OeM9yst5nV4wDxi2t3HytKHp37ork9Q1zJkU1KCm Ihs69pKYb3zwJ+kq3hwgXPv74BSS7rrE4Mv9bdhCglDyBWUUbQFxnVtztxw4a5Aa BAmoH7ISoIlkO/QbQD0FRgMIfy5v+cZH0Duq3aO9exqsWvEsl/6FsB5aRpHmjq6Q OGKLWYb60U/O09xA5QdmiauDn1rfMNk0hAqCW/6/OHihH0VIlAPx/oDOcWu9sr/7 YbvHEVu9KeA648AnL3F3nGI5OQ== -----END CERTIFICATE-----Generated at Tue Jun 2 21:20:08 2026 by rpki-client