$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft File: tsh7tYco929vkKCd_WuqGtTnO8o.mft (raw, json) Hash identifier: aUQUOdbCsWOunQhB2dopDrFMcXICZBvx1nMdN5Gj2E8= Subject key identifier: DC:8B:95:07:EA:B8:E5:88:9B:44:1D:C4:9E:DB:08:61:41:2E:A0:93 Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA Certificate serial: 0D49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft Manifest number: 0D1E Signing time: Sat 04 Apr 2026 18:03:01 +0000 Manifest this update: Sat 04 Apr 2026 18:03:01 +0000 Manifest next update: Sat 11 Apr 2026 18:03:01 +0000 Files and hashes: 1: tsh7tYco929vkKCd_WuqGtTnO8o.crl (hash: GnUns5xLP4OtWlFHsIbySNUxWhAarFD4tJk/hxzdWuA=) 2: F824C588FF7A11F0B218EB915B6F56BC.roa (hash: vyzv0f1THJyglSIA32Cmr/3tLhp6nkKIDvP00vthIq0=) 3: 4F383CB6FF6B11F0AD4BC885576F56BC.roa (hash: wwbAK8oiejrRqztY01yoKfr0EpZtJpfxnGCsmORuPJk=) 4: 4C8BB01CF0A511F0AE903042706F56BC.roa (hash: O4BcOq2hKD3I3RD3vTsJAeBqf6AIzX76ZzjjaHK+ElU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 18:03:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3401 (0xd49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B25F2, serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA Validity Not Before: Apr 4 18:03:01 2026 GMT Not After : Apr 11 18:03:01 2026 GMT Subject: CN=69d15255-2d61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:40:2a:4b:9c:e0:1c:80:1a:48:89:35:73:9b: 31:56:60:dc:5d:6c:84:00:fe:9c:05:f5:49:03:c1: 8a:69:06:f9:c0:c8:a8:4b:19:0c:6a:0c:19:d6:05: c4:78:1a:4a:0f:41:4a:a5:38:56:b9:a5:9c:db:a2: 61:e7:e5:20:94:a9:2b:36:27:f0:4a:3f:cc:9f:e1: fa:70:d0:0b:7a:7a:49:83:7d:b9:81:bf:97:58:6e: 85:3e:c2:4d:80:ff:e6:98:36:8c:93:25:95:5e:1b: bd:cc:83:fd:8d:cc:3f:fd:e3:92:a4:bf:6d:13:a4: 3f:28:c1:8e:17:ab:65:c9:44:30:cf:5b:2e:3c:06: c2:11:64:af:1c:b2:ff:8f:7b:46:04:87:d2:ef:cf: d8:e3:c4:3a:2b:1f:b2:cf:72:23:9e:5c:ee:5c:2a: b8:0c:17:55:dd:a1:0e:99:b2:4f:ad:f4:c9:bd:b0: 2b:4e:66:b9:d5:7d:b7:28:5f:bd:a3:38:49:5c:a0: 66:ad:25:63:71:ae:96:19:2d:fe:46:75:15:f1:b1: 30:b4:26:bf:ff:b8:c9:3f:1c:02:8a:93:ef:72:30: f5:b1:dd:3a:12:47:19:e0:a6:13:a4:6b:30:f4:84: e6:1a:ea:57:2e:7a:e6:a3:39:5e:33:33:5c:c8:b8: 62:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:95:07:EA:B8:E5:88:9B:44:1D:C4:9E:DB:08:61:41:2E:A0:93 X509v3 Authority Key Identifier: keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:7b:0c:ba:95:6d:61:8a:7c:de:47:f7:a8:18:bb:59:e6:9d: d3:c7:8a:25:33:45:f3:d6:e2:0c:eb:c9:ff:01:ac:b1:52:01: 71:2b:1d:8c:60:d3:30:10:e8:08:a7:7e:ab:e7:6a:36:ea:cb: 12:c2:78:c1:3b:c2:07:0b:f8:1f:88:9a:47:8b:c0:f9:d4:50: 16:50:7b:22:6b:4e:6d:a3:e5:1e:32:78:a6:df:f7:cc:b6:14: 9f:6b:ef:35:42:d4:23:c3:05:a5:67:b0:6e:a0:ff:1d:aa:55: 37:0d:6f:2d:1d:09:44:8e:16:d5:e7:43:25:42:4a:b4:3a:c9: f2:83:cf:c1:cb:e3:8b:47:4d:24:fc:51:40:06:d7:c5:ac:41: 5d:57:a9:f3:07:6b:31:03:5a:8a:ba:e2:19:09:2d:fe:5e:27: ff:81:d9:9e:80:3d:46:e1:72:e6:77:52:73:f9:24:56:14:22: a6:2d:e0:74:dd:76:a2:c3:34:8d:95:56:63:f4:c3:fa:25:37: 9e:b7:06:73:1c:ef:01:c8:a1:69:9e:63:95:f4:a2:b9:d9:49: 80:5c:73:b4:9b:c2:18:7e:e4:5b:5a:96:86:07:d3:01:c1:6c: 83:5f:57:f3:f2:98:42:00:7a:68:3c:1f:13:ca:95:45:58:d9: 62:8b:1e:a3 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICDUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB RDRFNzNCQ0EwHhcNMjYwNDA0MTgwMzAxWhcNMjYwNDExMTgwMzAxWjAYMRYwFAYD VQQDEw02OWQxNTI1NS0yZDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1UAqS5zgHIAaSIk1c5sxVmDcXWyEAP6cBfVJA8GKaQb5wMioSxkMagwZ1gXE eBpKD0FKpThWuaWc26Jh5+UglKkrNifwSj/Mn+H6cNALenpJg325gb+XWG6FPsJN gP/mmDaMkyWVXhu9zIP9jcw//eOSpL9tE6Q/KMGOF6tlyUQwz1suPAbCEWSvHLL/ j3tGBIfS78/Y48Q6Kx+yz3IjnlzuXCq4DBdV3aEOmbJPrfTJvbArTma51X23KF+9 ozhJXKBmrSVjca6WGS3+RnUV8bEwtCa//7jJPxwCipPvcjD1sd06EkcZ4KYTpGsw 9ITmGupXLnrmozleMzNcyLhiEwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFNyLlQfq uOWIm0QdxJ7bCGFBLqCTMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MjVGMi9FRjkwQ0Q0RTAzQjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzky OXZrS0NkX1d1cUd0VG5POG8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAYXsMupVtYYp83kf3qBi7Wead08eKJTNF89biDOvJ/wGssVIBcSsdjGDTMBDo CKd+q+dqNurLEsJ4wTvCBwv4H4iaR4vA+dRQFlB7ImtObaPlHjJ4pt/3zLYUn2vv NULUI8MFpWewbqD/HapVNw1vLR0JRI4W1edDJUJKtDrJ8oPPwcvji0dNJPxRQAbX xaxBXVep8wdrMQNairriGQkt/l4n/4HZnoA9RuFy5ndSc/kkVhQipi3gdN12osM0 jZVWY/TD+iU3nrcGcxzvAcihaZ5jlfSiudlJgFxztJvCGH7kW1qWhgfTAcFsg19X 8/KYQgB6aDwfE8qVRVjZYoseow== -----END CERTIFICATE-----Generated at Mon Apr 6 13:59:54 2026 by rpki-client