$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft File: IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft (raw, json) Hash identifier: AFydKQsn0HOk84stQsLK8w7pHw9yrUFVg5g7/ust96o= Subject key identifier: 99:1F:2F:A4:AB:39:00:36:59:2D:B7:E4:99:B2:73:B6:F5:49:B8:49 Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 8F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft Manifest number: 8D Signing time: Tue 03 Mar 2026 07:08:39 +0000 Manifest this update: Tue 03 Mar 2026 07:08:39 +0000 Manifest next update: Tue 10 Mar 2026 07:08:39 +0000 Files and hashes: 1: IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl (hash: zODiBU8FyTIgsuI8D3vm9WazRokUSwisp49X9KpPX/A=) 2: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (hash: b+mY57M99SmP6KZ5ZfpHKrC3YrkcKIFwFC4SLOMsH9I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Mar 2026 07:08:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 143 (0x8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Mar 3 07:08:39 2026 GMT Not After : Mar 10 07:08:39 2026 GMT Subject: CN=69a688f7-2369 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:0f:4c:1a:2e:3a:4f:8a:11:74:98:84:e7:bc: 89:8a:b4:a7:5e:90:48:d8:97:66:f5:2e:20:55:6f: e6:94:37:fb:88:22:99:4b:b0:94:a1:66:39:c9:ba: 7c:f1:f5:27:be:bc:4e:c4:06:9b:36:9d:86:ea:f4: cb:f4:c7:3c:92:15:83:3d:a9:6a:96:56:ab:f6:e8: 43:35:86:8c:92:46:b5:53:7e:c7:3c:56:8f:79:9e: 38:15:38:30:8b:ef:b9:89:98:6a:9a:0e:db:ef:9e: c1:ed:53:fe:02:22:0b:54:f1:3e:82:7a:57:1a:00: 42:13:98:be:1b:59:f6:d7:6b:93:70:63:4f:63:16: e3:f1:40:6e:d1:8b:a6:28:84:22:e0:9d:78:04:1e: 4f:21:27:07:6e:ac:98:96:8b:1c:89:53:bf:84:f7: be:e1:5b:aa:31:35:6c:07:38:d7:a5:b6:ae:83:9f: 91:97:51:db:8c:27:68:f3:cd:12:be:16:94:d9:68: b1:62:14:50:4a:a0:22:e8:68:c7:bc:6f:a4:fd:7b: 40:f0:58:29:c2:80:33:11:06:92:82:c3:3b:b2:fc: ae:e1:c9:db:f9:e7:83:a2:43:71:a6:5c:80:ba:1a: 84:e2:7b:e5:a1:40:c6:d0:60:3c:af:c8:8d:50:8c: 4b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:1F:2F:A4:AB:39:00:36:59:2D:B7:E4:99:B2:73:B6:F5:49:B8:49 X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:be:fe:0d:cf:c7:e7:a2:e6:fc:01:47:6e:85:f3:48:b2:25: 16:46:f4:68:00:08:75:60:85:92:09:70:fc:f0:f9:4e:b5:2f: 32:97:cb:b9:b6:b0:0b:bf:a0:a3:d5:83:ce:bf:5a:f6:25:ac: f1:43:6e:a3:32:77:34:44:c0:84:b6:43:a4:fd:d1:a0:17:4b: 9a:7b:b6:a8:cd:7e:d8:fc:78:a2:6a:fc:88:00:52:36:23:9d: 02:e2:5a:df:4a:14:a8:0d:75:53:e9:a0:66:fe:0c:b4:21:c0: 5c:22:a6:49:31:50:21:72:c3:d3:d4:d3:5f:12:bc:b8:0e:2f: 1c:54:c6:40:f4:1a:7b:1f:54:fd:b9:0f:9d:e8:d2:21:a3:8f: 44:40:11:8c:9d:58:63:84:1b:a2:6d:65:e9:ae:73:c2:3a:2c: 3b:92:46:db:97:ca:bd:5a:0c:54:b2:0d:26:a3:83:17:88:00: 69:f6:1e:b3:e5:ad:42:43:fb:3c:e1:09:e3:a4:c4:28:2d:7f: d3:eb:64:fe:8a:9e:a8:6f:1f:19:b8:40:fe:62:0d:55:e6:3c: a7:18:69:3e:9c:b1:76:5e:4d:00:88:5a:b7:34:b2:e9:ab:ba: b9:ec:01:a6:03:c8:86:3b:9e:b5:fe:4a:4f:14:b9:b8:41:c8: e1:b6:80:96 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQ0IxMTAvBgNVBAUTKDIyMjQyOTQ0MTZCODQ2NTcwNjU1NEI1MkNCQzU2RjQ0 OUJDNDZDODkwHhcNMjYwMzAzMDcwODM5WhcNMjYwMzEwMDcwODM5WjAYMRYwFAYD VQQDEw02OWE2ODhmNy0yMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQ9MGi46T4oRdJiE57yJirSnXpBI2Jdm9S4gVW/mlDf7iCKZS7CUoWY5ybp8 8fUnvrxOxAabNp2G6vTL9Mc8khWDPalqllar9uhDNYaMkka1U37HPFaPeZ44FTgw i++5iZhqmg7b757B7VP+AiILVPE+gnpXGgBCE5i+G1n212uTcGNPYxbj8UBu0Yum KIQi4J14BB5PIScHbqyYlosciVO/hPe+4VuqMTVsBzjXpbaug5+Rl1HbjCdo880S vhaU2WixYhRQSqAi6GjHvG+k/XtA8FgpwoAzEQaSgsM7svyu4cnb+eeDokNxplyA uhqE4nvloUDG0GA8r8iNUIxLzwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJkfL6Sr OQA2WS235Jmyc7b1SbhJMB8GA1UdIwQYMBaAFCIkKUQWuEZXBlVLUsvFb0SbxGyJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZDQi9FRDBGMTFGNDQy MDUxMUYwQkY3QTg3MTFDNEY5QUUwMi9JaVFwUkJhNFJsY0dWVXRTeThWdlJKdkVi SWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZDQi9FRDBGMTFGNDQyMDUxMUYwQkY3QTg3MTFDNEY5QUUwMi9JaVFwUkJhNFJs Y0dWVXRTeThWdlJKdkViSWsubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAu77+Dc/H56Lm/AFHboXzSLIlFkb0aAAIdWCFkglw/PD5TrUvMpfLubawC7+g o9WDzr9a9iWs8UNuozJ3NETAhLZDpP3RoBdLmnu2qM1+2Px4omr8iABSNiOdAuJa 30oUqA11U+mgZv4MtCHAXCKmSTFQIXLD09TTXxK8uA4vHFTGQPQaex9U/bkPnejS IaOPREARjJ1YY4Qbom1l6a5zwjosO5JG25fKvVoMVLINJqODF4gAafYes+WtQkP7 POEJ46TEKC1/0+tk/oqeqG8fGbhA/mINVeY8pxhpPpyxdl5NAIhatzSy6au6uewB pgPIhjuetf5KTxS5uEHI4baAlg== -----END CERTIFICATE-----Generated at Wed Mar 4 08:36:19 2026 by rpki-client