$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9706/DDDC3916114711F18BB454AF223D8C67/hfItkhU_IB1ZI6nyf5Yfx21xGbg.mft File: hfItkhU_IB1ZI6nyf5Yfx21xGbg.mft (raw, json) Hash identifier: rECy/opzlgIi4Cr+QUr2tfpw5PI8EaRVBx/D7TUNoaQ= Subject key identifier: 40:54:D0:EA:2E:21:19:DD:20:32:A7:6D:FA:1C:0C:2A:D3:04:C9:60 Authority key identifier: 85:F2:2D:92:15:3F:20:1D:59:23:A9:F2:7F:96:1F:C7:6D:71:19:B8 Certificate issuer: /CN=A91C9706/serialNumber=85F22D92153F201D5923A9F27F961FC76D7119B8 Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hfItkhU_IB1ZI6nyf5Yfx21xGbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9706/DDDC3916114711F18BB454AF223D8C67/hfItkhU_IB1ZI6nyf5Yfx21xGbg.mft Manifest number: 23 Signing time: Tue 21 Apr 2026 08:39:59 +0000 Manifest this update: Tue 21 Apr 2026 08:39:58 +0000 Manifest next update: Tue 28 Apr 2026 08:39:58 +0000 Files and hashes: 1: hfItkhU_IB1ZI6nyf5Yfx21xGbg.crl (hash: QTp5QzAZluFDix6Zast7Mo9FyQeH9Vhg7kcWPe4yJpk=) 2: B735FEEA118411F1951E019C333D8C67.roa (hash: qdQyipYaThgccgmXAXR/iB4/lWGcn5evCaadYGd7lUg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9706/DDDC3916114711F18BB454AF223D8C67/hfItkhU_IB1ZI6nyf5Yfx21xGbg.crl rsync://rpki.apnic.net/member_repository/A91C9706/DDDC3916114711F18BB454AF223D8C67/hfItkhU_IB1ZI6nyf5Yfx21xGbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hfItkhU_IB1ZI6nyf5Yfx21xGbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 08:39:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9706, serialNumber=85F22D92153F201D5923A9F27F961FC76D7119B8 Validity Not Before: Apr 21 08:39:58 2026 GMT Not After : Apr 28 08:39:58 2026 GMT Subject: CN=69e737de-9d40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:30:54:4c:8b:2b:56:8d:3f:4a:31:45:68:ea: d4:7e:0f:f8:89:db:52:63:33:10:47:e3:d7:ac:59: 83:d5:fe:d8:12:1d:b6:31:49:45:53:12:a2:5a:c2: c8:c1:e1:5f:ed:04:a3:19:83:e5:6e:18:c8:34:fe: e8:cb:e6:f3:cf:ee:46:46:48:64:85:ba:a8:2b:32: d3:8f:7e:bd:80:d7:b6:e9:31:ad:11:3f:4f:11:85: 08:dc:12:2a:4e:66:44:13:b3:a5:c0:7e:e0:9c:c4: 2a:84:45:63:9a:fc:05:ed:3c:78:13:08:c8:c8:eb: c8:43:96:fe:d4:06:c8:73:ae:53:dc:7e:f7:01:03: bf:b9:a0:da:f5:d9:a7:5e:ab:4f:fe:20:ce:e0:e4: b8:20:e9:7e:fb:93:b9:7f:68:3a:26:17:5b:aa:7f: 2c:e9:9f:d2:ac:72:55:85:68:9d:88:30:23:f1:37: bf:9d:77:68:20:1e:2f:12:76:ec:f8:ea:83:f1:d0: 5b:50:3d:64:47:9b:c4:f4:27:28:71:60:e0:2e:77: 30:16:4f:7d:24:57:87:08:0a:a6:27:66:12:c1:40: c0:ca:40:85:d5:c4:ec:b2:eb:7f:9b:1b:2e:88:b7: 90:85:75:f0:db:52:d0:4b:ec:02:96:fa:1a:2d:de: 31:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:54:D0:EA:2E:21:19:DD:20:32:A7:6D:FA:1C:0C:2A:D3:04:C9:60 X509v3 Authority Key Identifier: keyid:85:F2:2D:92:15:3F:20:1D:59:23:A9:F2:7F:96:1F:C7:6D:71:19:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9706/DDDC3916114711F18BB454AF223D8C67/hfItkhU_IB1ZI6nyf5Yfx21xGbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hfItkhU_IB1ZI6nyf5Yfx21xGbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9706/DDDC3916114711F18BB454AF223D8C67/hfItkhU_IB1ZI6nyf5Yfx21xGbg.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:d3:9a:23:dd:e4:af:ac:1f:00:d3:ae:4b:08:af:e7:88:27: 9d:c5:fd:2c:63:56:77:94:5c:de:b4:d0:39:e2:d7:78:f2:cf: 0c:d4:85:c9:6d:81:9c:2f:40:66:1b:63:03:76:6d:b3:f2:ae: 3a:e8:1a:1f:ec:ac:08:3e:a9:7e:7b:11:c2:72:a7:ec:b3:e7: e8:23:d5:89:2e:a6:6c:d8:68:58:0f:bb:d4:99:5d:fe:59:e1: b2:80:08:cc:77:3d:42:e8:b6:5d:5a:b3:d5:be:ed:ab:07:95: 2f:7b:41:0f:6a:e6:2b:a2:a5:1e:4b:e8:ce:b7:d9:10:d7:23: 83:01:d9:f4:78:a5:5a:21:09:81:d4:98:e8:37:2c:51:ee:d4: a8:f0:2f:c3:cb:b6:20:1e:0f:de:03:74:92:95:8e:9a:cf:b1: 53:31:de:76:cc:48:48:fb:15:c1:5d:9a:03:cb:e8:4c:e6:9c: 45:90:84:d9:1d:3e:15:aa:48:21:68:b4:48:75:ca:7f:97:02: df:05:34:df:68:ee:54:be:15:e1:4a:27:cd:03:2e:23:8e:c8: 9e:ae:a4:6b:ab:39:80:a5:17:08:8a:2f:5f:f6:21:f9:17:71: ab:5a:83:20:b7:2b:69:dd:be:bf:64:2c:eb:f0:52:d8:b1:e1: c6:ce:13:24 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OTcwNjExMC8GA1UEBRMoODVGMjJEOTIxNTNGMjAxRDU5MjNBOUYyN0Y5NjFGQzc2 RDcxMTlCODAeFw0yNjA0MjEwODM5NThaFw0yNjA0MjgwODM5NThaMBgxFjAUBgNV BAMTDTY5ZTczN2RlLTlkNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCeMFRMiytWjT9KMUVo6tR+D/iJ21JjMxBH49esWYPV/tgSHbYxSUVTEqJawsjB 4V/tBKMZg+VuGMg0/ujL5vPP7kZGSGSFuqgrMtOPfr2A17bpMa0RP08RhQjcEipO ZkQTs6XAfuCcxCqERWOa/AXtPHgTCMjI68hDlv7UBshzrlPcfvcBA7+5oNr12ade q0/+IM7g5Lgg6X77k7l/aDomF1uqfyzpn9KsclWFaJ2IMCPxN7+dd2ggHi8Sduz4 6oPx0FtQPWRHm8T0JyhxYOAudzAWT30kV4cICqYnZhLBQMDKQIXVxOyy63+bGy6I t5CFdfDbUtBL7AKW+hot3jH/AgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUQFTQ6i4h Gd0gMqdt+hwMKtMEyWAwHwYDVR0jBBgwFoAUhfItkhU/IB1ZI6nyf5Yfx21xGbgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5NzA2L0REREMzOTE2MTE0 NzExRjE4QkI0NTRBRjIyM0Q4QzY3L2hmSXRraFVfSUIxWkk2bnlmNVlmeDIxeEdi Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaGZJdGtoVV9JQjFaSTZueWY1WWZ4MjF4R2JnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5 NzA2L0REREMzOTE2MTE0NzExRjE4QkI0NTRBRjIyM0Q4QzY3L2hmSXRraFVfSUIx Wkk2bnlmNVlmeDIxeEdiZy5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAY05oj3eSvrB8A065LCK/niCedxf0sY1Z3lFzetNA54td48s8M1IXJbYGcL0Bm G2MDdm2z8q466Bof7KwIPql+exHCcqfss+foI9WJLqZs2GhYD7vUmV3+WeGygAjM dz1C6LZdWrPVvu2rB5Uve0EPauYroqUeS+jOt9kQ1yODAdn0eKVaIQmB1JjoNyxR 7tSo8C/Dy7YgHg/eA3SSlY6az7FTMd52zEhI+xXBXZoDy+hM5pxFkITZHT4Vqkgh aLRIdcp/lwLfBTTfaO5UvhXhSifNAy4jjsierqRrqzmApRcIii9f9iH5F3GrWoMg tytp3b6/ZCzr8FLYseHGzhMk -----END CERTIFICATE-----Generated at Wed Apr 22 04:32:46 2026 by rpki-client