$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: t66mcpj2ccs10VueHWq6QlFM60aRszX5Uk5bc+GJBM4= Subject key identifier: 01:8B:7F:C8:DC:94:1E:44:D4:29:BD:1A:1B:75:0B:AB:19:6B:3A:37 Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 028D Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 0287 Signing time: Tue 21 Apr 2026 01:36:59 +0000 Manifest this update: Tue 21 Apr 2026 01:36:58 +0000 Manifest next update: Tue 28 Apr 2026 01:36:58 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: iyrxjl1QVOGywC6DyMd8nPtuuOxMwA7hpOP2RalspwA=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: WcWgzJGh0m7kjX3X0vlH0++NcJ8zb8A6kxhRMuoMb8k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 01:36:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 653 (0x28d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: Apr 21 01:36:58 2026 GMT Not After : Apr 28 01:36:58 2026 GMT Subject: CN=69e6d4bb-1545 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:95:18:e2:fe:d5:8b:6a:da:b6:a4:fa:76:59: 60:06:62:c1:2d:e6:6b:88:57:78:56:29:01:83:88: 68:67:5b:78:37:79:8e:1c:f4:04:8c:bb:85:6e:38: 68:6b:37:a8:b2:16:0e:e2:12:4d:f6:ef:8b:96:a7: 07:d8:85:52:6c:6b:14:91:78:6f:16:b7:fc:92:3a: 42:32:5e:ca:92:6f:df:a2:0b:0e:9c:42:15:32:0e: 9b:bd:85:5d:b1:3f:d7:41:85:6d:6e:75:f6:1d:67: 9e:a1:64:a8:24:ec:01:a2:5d:9d:20:30:63:54:42: 8d:00:8d:96:94:47:78:9f:50:6b:68:1b:b2:39:d5: 15:c8:d8:5b:f7:11:b6:0b:9b:29:30:8d:85:c0:5c: 61:5f:bb:60:92:87:b3:fa:29:3c:a1:3c:b0:62:1a: 65:bd:b5:68:10:cb:7b:20:77:45:ad:33:b6:8d:e9: ff:99:7e:c0:d3:ca:71:f1:d8:84:f6:00:0a:cb:f7: 8b:d2:87:a0:f0:fa:d1:e0:5c:0c:4f:86:b2:8c:5d: 9e:cf:18:7e:fa:bb:29:3b:f1:3b:dd:15:43:03:57: 5c:de:46:2a:6d:ad:d0:95:bf:86:8e:c3:e6:c8:05: 65:df:12:62:1c:9d:00:85:63:5a:2b:59:d7:14:1b: 5e:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:8B:7F:C8:DC:94:1E:44:D4:29:BD:1A:1B:75:0B:AB:19:6B:3A:37 X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:a9:c0:5d:15:52:a9:e9:a9:eb:5a:f1:ca:e6:70:60:af:dc: 0e:c9:11:66:59:d9:bc:85:a3:32:43:00:36:98:fc:c5:d1:7e: bc:ae:9e:b6:7b:ac:f6:e6:51:88:69:c1:c3:89:12:40:1f:6c: 00:19:89:57:9e:30:13:29:47:36:98:c8:a4:06:86:75:e8:fc: 17:66:c4:16:7d:12:d5:50:3f:30:10:a1:20:fb:3e:1f:3e:06: 1b:69:43:16:13:7d:58:c2:18:d7:11:50:1c:ec:ba:f4:9b:2e: 76:9e:4b:0e:2b:20:55:9d:cc:b8:77:4b:a2:d3:ab:96:31:1f: a1:3a:69:42:92:c4:9e:7d:45:3c:e6:5b:cc:2c:75:80:a0:03: 51:5f:b7:fa:1f:7f:1e:a2:3f:55:6b:4c:ca:42:06:15:18:ad: 0e:5f:b9:c6:09:6b:26:79:fa:0b:e8:05:95:7b:48:3d:f4:be: f6:44:df:98:9d:aa:4f:68:e3:98:0c:e1:09:62:69:ce:42:a4: 91:bc:b1:57:c8:d1:c8:c7:f9:5b:5f:a1:45:c1:f7:e3:d4:c6: dc:40:e3:de:63:89:47:11:76:79:f0:30:11:7a:60:0c:74:5d: 01:3f:49:16:27:79:75:44:d3:df:80:71:13:18:01:80:2b:c5: f9:b2:30:5a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjYwNDIxMDEzNjU4WhcNMjYwNDI4MDEzNjU4WjAYMRYwFAYD VQQDEw02OWU2ZDRiYi0xNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxpUY4v7Vi2ratqT6dllgBmLBLeZriFd4VikBg4hoZ1t4N3mOHPQEjLuFbjho azeoshYO4hJN9u+LlqcH2IVSbGsUkXhvFrf8kjpCMl7Kkm/fogsOnEIVMg6bvYVd sT/XQYVtbnX2HWeeoWSoJOwBol2dIDBjVEKNAI2WlEd4n1BraBuyOdUVyNhb9xG2 C5spMI2FwFxhX7tgkoez+ik8oTywYhplvbVoEMt7IHdFrTO2jen/mX7A08px8diE 9gAKy/eL0oeg8PrR4FwMT4ayjF2ezxh++rspO/E73RVDA1dc3kYqba3Qlb+GjsPm yAVl3xJiHJ0AhWNaK1nXFBtecwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFAGLf8jc lB5E1Cm9Ght1C6sZazo3MB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAQqnAXRVSqemp61rxyuZwYK/cDskRZlnZvIWjMkMANpj8xdF+vK6etnus9uZR iGnBw4kSQB9sABmJV54wEylHNpjIpAaGdej8F2bEFn0S1VA/MBChIPs+Hz4GG2lD FhN9WMIY1xFQHOy69Jsudp5LDisgVZ3MuHdLotOrljEfoTppQpLEnn1FPOZbzCx1 gKADUV+3+h9/HqI/VWtMykIGFRitDl+5xglrJnn6C+gFlXtIPfS+9kTfmJ2qT2jj mAzhCWJpzkKkkbyxV8jRyMf5W1+hRcH349TG3EDj3mOJRxF2efAwEXpgDHRdAT9J Fid5dUTT34BxExgBgCvF+bIwWg== -----END CERTIFICATE-----Generated at Wed Apr 22 00:08:40 2026 by rpki-client