$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2B9A/5EA3462AF12211F0AC5CDA7E4E6F56BC/iQJo_SXHeeNvu4cvYBPzBBX_ot0.mft File: iQJo_SXHeeNvu4cvYBPzBBX_ot0.mft (raw, json) Hash identifier: yKh2MxrH5eJQX4OMzss+DIVXJEfOxdJlFL66K+sRJdk= Subject key identifier: 31:90:F3:38:BC:9C:3A:BE:7E:DB:1F:E6:4F:E0:2E:20:E4:A5:E2:FA Authority key identifier: 89:02:68:FD:25:C7:79:E3:6F:BB:87:2F:60:13:F3:04:15:FF:A2:DD Certificate issuer: /CN=A91D2B9A/serialNumber=890268FD25C779E36FBB872F6013F30415FFA2DD Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJo_SXHeeNvu4cvYBPzBBX_ot0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D2B9A/5EA3462AF12211F0AC5CDA7E4E6F56BC/iQJo_SXHeeNvu4cvYBPzBBX_ot0.mft Manifest number: 3A Signing time: Tue 21 Apr 2026 08:22:49 +0000 Manifest this update: Tue 21 Apr 2026 08:22:49 +0000 Manifest next update: Tue 28 Apr 2026 08:22:49 +0000 Files and hashes: 1: iQJo_SXHeeNvu4cvYBPzBBX_ot0.crl (hash: MfuI4KUbQd50GpHZJiJ2Kqf72orL6gPqSWeKIRj7hKM=) 2: 75431F44F12311F09E054F8D4F6F56BC.roa (hash: dSpl28NojgoPbGTH9IFDprulOgPwqOMWIzrfbBeiOaI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D2B9A/5EA3462AF12211F0AC5CDA7E4E6F56BC/iQJo_SXHeeNvu4cvYBPzBBX_ot0.crl rsync://rpki.apnic.net/member_repository/A91D2B9A/5EA3462AF12211F0AC5CDA7E4E6F56BC/iQJo_SXHeeNvu4cvYBPzBBX_ot0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJo_SXHeeNvu4cvYBPzBBX_ot0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 08:22:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D2B9A, serialNumber=890268FD25C779E36FBB872F6013F30415FFA2DD Validity Not Before: Apr 21 08:22:49 2026 GMT Not After : Apr 28 08:22:49 2026 GMT Subject: CN=69e733d9-8a1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:34:59:02:e7:cc:89:1b:ab:89:86:6c:8c:e0: 79:b0:f7:c3:d9:47:d2:6a:ef:cf:6d:2e:bd:40:4c: c1:19:ef:0b:90:bf:93:68:77:15:6a:1a:c3:d7:a3: c5:df:03:52:a9:67:5b:56:19:bf:61:cd:d1:8b:14: 0a:00:73:8c:3a:7f:c4:29:0a:09:73:00:68:cd:7e: b1:ed:e6:4e:17:53:33:36:8e:11:7f:cc:e1:03:7c: 9a:ff:4d:a0:6d:7e:5c:b3:0a:9f:ab:33:87:c0:eb: dd:fe:f7:70:67:c9:09:28:76:23:42:bb:2d:e7:12: b9:a6:17:9d:40:96:f8:8a:29:3b:33:7d:54:b2:94: 8a:09:68:88:51:d0:cf:70:f9:33:d1:32:fb:0c:e7: d8:3a:b1:b4:d1:f1:d3:98:ca:94:9e:f1:92:cb:bf: f1:cd:36:df:fd:ac:80:0b:20:96:c8:6c:99:02:64: 3c:88:d9:0e:99:3c:15:80:36:04:77:56:05:0b:ba: 01:67:f3:8a:28:d9:58:bb:07:03:ff:a0:f5:46:17: 0a:5f:4f:f7:b2:c4:8c:7b:8c:7a:e4:ba:0a:2b:32: 71:fa:39:72:8e:f3:c8:7d:ec:8b:ea:41:40:7f:ce: 8d:51:5b:ae:fd:d0:f1:fb:c6:1c:39:42:25:02:8b: 57:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:90:F3:38:BC:9C:3A:BE:7E:DB:1F:E6:4F:E0:2E:20:E4:A5:E2:FA X509v3 Authority Key Identifier: keyid:89:02:68:FD:25:C7:79:E3:6F:BB:87:2F:60:13:F3:04:15:FF:A2:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D2B9A/5EA3462AF12211F0AC5CDA7E4E6F56BC/iQJo_SXHeeNvu4cvYBPzBBX_ot0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJo_SXHeeNvu4cvYBPzBBX_ot0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2B9A/5EA3462AF12211F0AC5CDA7E4E6F56BC/iQJo_SXHeeNvu4cvYBPzBBX_ot0.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:25:85:19:e3:8e:69:0a:e1:c5:cd:21:fe:f8:09:8b:9a:40: 79:c3:2f:c8:0b:f2:da:58:99:9c:7d:7f:5f:6e:ba:50:89:1f: 42:91:a7:be:d0:b4:85:b9:a2:76:70:19:b1:00:88:80:29:77: 43:c4:03:04:9d:ac:c8:d1:e8:e4:03:af:01:7d:85:d3:ab:c6: d2:7b:6c:6c:b0:bd:2c:60:e7:37:ad:fc:c1:8f:1d:72:3f:50: fb:50:2e:2b:31:17:7b:17:b5:8e:16:d1:79:ef:44:92:91:30: ce:93:81:9b:6e:da:0e:cb:35:d3:45:63:13:27:02:dd:d9:55: 1f:38:b5:7d:ba:a6:54:98:2c:4e:c8:87:ee:e6:1c:15:ad:49: fb:42:e0:ec:61:a3:a5:6f:85:22:34:24:c1:04:95:a6:b0:6b: 59:2a:95:02:d2:64:45:f2:b1:3b:58:b7:1b:7f:0e:b5:84:ac: ed:69:ce:b4:36:49:af:f3:69:85:3d:6e:ac:8b:89:c7:dd:e0: d5:73:78:5b:4e:28:c1:69:7b:de:84:ac:dd:83:e6:3d:eb:dd: 03:63:4f:b4:d9:cc:42:e5:b4:30:78:b4:7e:d9:b3:4e:2f:77: 23:75:e0:d0:6f:ef:3b:62:6b:a8:42:74:f0:93:ba:4a:aa:e6: c4:f1:d2:26 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MkI5QTExMC8GA1UEBRMoODkwMjY4RkQyNUM3NzlFMzZGQkI4NzJGNjAxM0YzMDQx NUZGQTJERDAeFw0yNjA0MjEwODIyNDlaFw0yNjA0MjgwODIyNDlaMBgxFjAUBgNV BAMTDTY5ZTczM2Q5LThhMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGNFkC58yJG6uJhmyM4Hmw98PZR9Jq789tLr1ATMEZ7wuQv5NodxVqGsPXo8Xf A1KpZ1tWGb9hzdGLFAoAc4w6f8QpCglzAGjNfrHt5k4XUzM2jhF/zOEDfJr/TaBt flyzCp+rM4fA693+93BnyQkodiNCuy3nErmmF51AlviKKTszfVSylIoJaIhR0M9w +TPRMvsM59g6sbTR8dOYypSe8ZLLv/HNNt/9rIALIJbIbJkCZDyI2Q6ZPBWANgR3 VgULugFn84oo2Vi7BwP/oPVGFwpfT/eyxIx7jHrkugorMnH6OXKO88h97IvqQUB/ zo1RW6790PH7xhw5QiUCi1cvAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUMZDzOLyc Or5+2x/mT+AuIOSl4vowHwYDVR0jBBgwFoAUiQJo/SXHeeNvu4cvYBPzBBX/ot0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQyQjlBLzVFQTM0NjJBRjEy MjExRjBBQzVDREE3RTRFNkY1NkJDL2lRSm9fU1hIZWVOdnU0Y3ZZQlB6QkJYX290 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaVFKb19TWEhlZU52dTRjdllCUHpCQlhfb3QwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQy QjlBLzVFQTM0NjJBRjEyMjExRjBBQzVDREE3RTRFNkY1NkJDL2lRSm9fU1hIZWVO dnU0Y3ZZQlB6QkJYX290MC5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAWJYUZ445pCuHFzSH++AmLmkB5wy/IC/LaWJmcfX9fbrpQiR9Ckae+0LSFuaJ2 cBmxAIiAKXdDxAMEnazI0ejkA68BfYXTq8bSe2xssL0sYOc3rfzBjx1yP1D7UC4r MRd7F7WOFtF570SSkTDOk4GbbtoOyzXTRWMTJwLd2VUfOLV9uqZUmCxOyIfu5hwV rUn7QuDsYaOlb4UiNCTBBJWmsGtZKpUC0mRF8rE7WLcbfw61hKztac60Nkmv82mF PW6si4nH3eDVc3hbTijBaXvehKzdg+Y9690DY0+02cxC5bQweLR+2bNOL3cjdeDQ b+87YmuoQnTwk7pKqubE8dIm -----END CERTIFICATE-----Generated at Wed Apr 22 06:33:55 2026 by rpki-client