$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json) Hash identifier: I5IdhvXaYRHL/zItw9lan7Giwo5mz5vlg6wVlrohcMM= Subject key identifier: 20:F0:C2:92:7B:FF:2E:C4:A3:C3:4A:D5:9B:6C:57:CC:9E:F3:9B:56 Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Certificate serial: 0131 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft Manifest number: 0121 Signing time: Sun 05 Apr 2026 05:07:05 +0000 Manifest this update: Sun 05 Apr 2026 05:07:04 +0000 Manifest next update: Sun 12 Apr 2026 05:07:04 +0000 Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: zsUP+N0duxwIv3qg2jj8wX8m2h3un9NXB/bcBpi/FW0=) 2: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: 3r7oWvZZSCAzRuaEEZfRdRU+m7LuuIxoldkPQaUgKhQ=) 3: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: cb0xCHL1dV5N7XyIruiC/PJxxp8M1xlcJSMtvdRnQog=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 05:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 305 (0x131) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E55, serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Validity Not Before: Apr 5 05:07:04 2026 GMT Not After : Apr 12 05:07:04 2026 GMT Subject: CN=69d1edf9-b750 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:df:ad:01:0e:cd:3e:0c:60:da:7c:8a:10:6d: f2:9e:18:95:25:c0:5a:ee:6c:4d:0f:10:58:bf:e0: f0:35:f7:f5:ff:0e:37:36:39:8d:32:d0:bc:d1:86: 39:10:38:44:02:f5:bb:47:34:f6:e9:a6:77:11:69: 29:9c:68:0b:c0:e4:c4:bf:81:f7:5d:1e:5a:2e:64: 9f:7a:3c:0b:7e:16:1d:55:42:62:12:b5:cf:13:4d: a1:13:95:df:db:2f:b5:aa:06:bc:e8:13:97:d6:03: 41:a2:61:0e:7f:73:69:d6:7d:d2:59:5e:30:e6:21: 3b:98:be:be:1b:83:c1:d2:61:9c:a4:26:54:a5:1d: 6e:a7:76:56:15:99:67:b4:6a:62:91:39:c8:61:8a: e1:2d:c3:3f:bd:33:57:96:19:f5:56:b7:2d:d5:ea: 2e:62:1d:37:d2:67:3f:f8:6a:72:af:ba:7e:d9:49: 77:27:13:8d:f9:85:3d:be:2a:9c:4f:11:89:bd:3b: 26:5b:28:54:46:71:b7:ef:94:35:39:c3:eb:c1:93: 66:af:2a:85:9e:53:f8:04:cc:f2:7c:b3:09:13:e2: 52:84:51:64:9b:26:86:43:79:d6:4d:fa:d7:fb:c0: e2:04:00:ea:95:4b:3d:cf:8b:a5:bc:c9:36:29:5c: fd:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:F0:C2:92:7B:FF:2E:C4:A3:C3:4A:D5:9B:6C:57:CC:9E:F3:9B:56 X509v3 Authority Key Identifier: keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:19:a3:f1:49:71:48:15:9a:88:39:6a:3f:d3:fd:42:06:7b: 23:b0:4e:c6:96:c9:62:5e:97:0b:a9:b5:a3:25:22:e4:0b:c1: 7e:66:69:92:ab:76:01:9d:bf:15:be:cb:92:cc:44:24:aa:7c: 28:ad:4f:b8:69:38:b6:de:20:21:b6:38:b0:ea:1c:4d:0f:44: 19:d1:8b:e7:64:9e:89:30:b8:3d:54:2f:14:01:74:f1:78:5a: 25:77:03:4e:11:c5:5d:27:70:ba:ae:62:70:6a:52:7d:1d:46: 0d:e6:3f:1e:d6:03:c4:2d:51:53:95:d9:89:ab:7e:cf:67:4f: 8d:bc:e7:03:ab:ce:f9:a4:24:75:88:c6:3b:64:28:89:47:1a: 00:96:25:8a:cc:1f:31:75:da:61:ce:bd:47:82:c7:1d:88:19: 6a:1f:7b:00:25:a1:0f:88:c4:d4:19:6c:c8:e9:d9:21:fb:92: cc:7f:e1:e2:d1:20:ef:40:55:b1:40:e6:0e:6e:55:9f:b1:27: ac:34:bf:f5:8f:de:42:91:d2:26:31:35:17:ec:4d:f8:39:bf: da:20:b2:1d:20:75:6e:00:e4:ba:00:70:46:ba:ef:a8:bb:a2: 06:45:0b:5d:c1:f3:17:d4:b0:23:21:04:c8:a2:cf:1f:d7:c5: c7:71:d8:f7 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFNTUxMTAvBgNVBAUTKEREN0M4RDBGNDc4RjlCRTZBQkY3MzlDMDRGNUI1QkU0 REM5RjYxRjgwHhcNMjYwNDA1MDUwNzA0WhcNMjYwNDEyMDUwNzA0WjAYMRYwFAYD VQQDEw02OWQxZWRmOS1iNzUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArN+tAQ7NPgxg2nyKEG3ynhiVJcBa7mxNDxBYv+DwNff1/w43NjmNMtC80YY5 EDhEAvW7RzT26aZ3EWkpnGgLwOTEv4H3XR5aLmSfejwLfhYdVUJiErXPE02hE5Xf 2y+1qga86BOX1gNBomEOf3Np1n3SWV4w5iE7mL6+G4PB0mGcpCZUpR1up3ZWFZln tGpikTnIYYrhLcM/vTNXlhn1Vrct1eouYh030mc/+Gpyr7p+2Ul3JxON+YU9viqc TxGJvTsmWyhURnG375Q1OcPrwZNmryqFnlP4BMzyfLMJE+JShFFkmyaGQ3nWTfrX +8DiBADqlUs9z4ulvMk2KVz9IwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFCDwwpJ7 /y7Eo8NK1ZtsV8ye85tWMB8GA1UdIwQYMBaAFN18jQ9Hj5vmq/c5wE9bW+Tcn2H4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU1NS80QzA5ODYyRTc4 RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0tYXI5em5BVDF0YjVOeWZZ ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55ZllmZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU1NS80QzA5ODYyRTc4RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0t YXI5em5BVDF0YjVOeWZZZmcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEADBmj8UlxSBWaiDlqP9P9QgZ7I7BOxpbJYl6XC6m1oyUi5AvBfmZpkqt2AZ2/ Fb7LksxEJKp8KK1PuGk4tt4gIbY4sOocTQ9EGdGL52SeiTC4PVQvFAF08XhaJXcD ThHFXSdwuq5icGpSfR1GDeY/HtYDxC1RU5XZiat+z2dPjbznA6vO+aQkdYjGO2Qo iUcaAJYliswfMXXaYc69R4LHHYgZah97ACWhD4jE1BlsyOnZIfuSzH/h4tEg70BV sUDmDm5Vn7EnrDS/9Y/eQpHSJjE1F+xN+Dm/2iCyHSB1bgDkugBwRrrvqLuiBkUL XcHzF9SwIyEEyKLPH9fFx3HY9w== -----END CERTIFICATE-----Generated at Mon Apr 6 13:58:27 2026 by rpki-client