$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8157/250838AE114211F19D37628F213D8C67/kdo6F2N80pLOpGcN0Tpy2G6qLZE.mft File: kdo6F2N80pLOpGcN0Tpy2G6qLZE.mft (raw, json) Hash identifier: pG1jwLv+uBf436+MD7Q6pBlEEQgrwrUiuebadsV5F3k= Subject key identifier: 09:77:FA:73:30:07:33:94:DF:58:58:35:1D:D3:D8:F9:42:6F:F9:83 Authority key identifier: 91:DA:3A:17:63:7C:D2:92:CE:A4:67:0D:D1:3A:72:D8:6E:AA:2D:91 Certificate issuer: /CN=A91D8157/serialNumber=91DA3A17637CD292CEA4670DD13A72D86EAA2D91 Certificate serial: 31 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kdo6F2N80pLOpGcN0Tpy2G6qLZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8157/250838AE114211F19D37628F213D8C67/kdo6F2N80pLOpGcN0Tpy2G6qLZE.mft Manifest number: 29 Signing time: Tue 21 Apr 2026 08:39:46 +0000 Manifest this update: Tue 21 Apr 2026 08:39:46 +0000 Manifest next update: Tue 28 Apr 2026 08:39:46 +0000 Files and hashes: 1: kdo6F2N80pLOpGcN0Tpy2G6qLZE.crl (hash: /Dw0JpZGLmqrUT2UXAmtH9TvyJrzld+hv1D55zwvfCo=) 2: C2373EAC1D6011F1BE4C1B34263D8C67.roa (hash: 07klE73+JTtSptr8Nr9s1wMcP6sL8OycY1vW+oKqJmE=) 3: B1B9A1641D6011F1B057D12F263D8C67.roa (hash: t6D9tXAplx7/JIUvggusg1vjbe0cuS2nLDglz+Se1SQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8157/250838AE114211F19D37628F213D8C67/kdo6F2N80pLOpGcN0Tpy2G6qLZE.crl rsync://rpki.apnic.net/member_repository/A91D8157/250838AE114211F19D37628F213D8C67/kdo6F2N80pLOpGcN0Tpy2G6qLZE.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kdo6F2N80pLOpGcN0Tpy2G6qLZE.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 08:39:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8157, serialNumber=91DA3A17637CD292CEA4670DD13A72D86EAA2D91 Validity Not Before: Apr 21 08:39:46 2026 GMT Not After : Apr 28 08:39:46 2026 GMT Subject: CN=69e737d2-b90e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:28:4c:a1:1b:44:f4:1b:35:c6:ba:d1:93:e6: 05:4c:db:07:01:2b:00:b8:3d:e7:40:8d:62:b4:5e: b6:e2:d0:fe:c7:45:b6:c9:59:a5:e4:ca:3c:ab:4e: 75:6f:c4:4a:7b:c8:0b:41:21:af:1a:24:f5:4b:2e: a0:f0:5d:c0:17:01:65:c0:c8:e2:08:11:b9:16:ee: 18:5a:83:99:bd:33:3b:9f:fc:50:77:6d:44:90:4e: 66:dd:00:50:a3:a0:8c:14:ed:c2:8b:79:66:17:3b: 56:d8:46:81:a0:76:f1:e5:7f:39:3e:4d:9e:02:15: 7b:f5:68:60:02:8b:56:11:ab:1d:86:2a:16:1e:6f: fa:df:23:35:ca:1f:eb:a7:35:ba:03:6b:b9:ca:f6: 5f:89:1e:ec:d1:9c:90:df:2f:04:89:a6:07:7f:c0: 15:2e:42:ef:d4:86:1f:67:fc:4a:bf:14:96:e0:47: 5b:a8:4e:37:c0:3b:e8:3f:44:c5:68:70:2b:83:ad: 1b:b4:00:c4:e3:1a:4b:96:63:f3:60:33:56:c7:f7: 37:11:5f:2c:f8:92:ed:bd:5e:af:74:73:80:b7:a8: 96:86:fb:e7:43:f8:e9:25:8f:6b:b8:16:13:26:12: f6:62:a9:c1:b0:9c:4b:38:7c:d2:99:93:db:8d:7d: d3:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:77:FA:73:30:07:33:94:DF:58:58:35:1D:D3:D8:F9:42:6F:F9:83 X509v3 Authority Key Identifier: keyid:91:DA:3A:17:63:7C:D2:92:CE:A4:67:0D:D1:3A:72:D8:6E:AA:2D:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8157/250838AE114211F19D37628F213D8C67/kdo6F2N80pLOpGcN0Tpy2G6qLZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kdo6F2N80pLOpGcN0Tpy2G6qLZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8157/250838AE114211F19D37628F213D8C67/kdo6F2N80pLOpGcN0Tpy2G6qLZE.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:95:38:d5:01:39:da:00:02:40:23:5e:95:af:a6:13:ce:8d: e5:12:23:fc:e8:98:6f:88:10:3d:1e:a4:d6:f2:8e:34:38:e8: 25:7d:a7:7c:89:03:9d:cf:fc:a6:b7:83:9a:7b:6b:a8:57:8a: 54:c1:3c:c2:eb:50:d0:46:8e:9b:bd:56:74:60:82:74:ed:e9: d6:fd:30:df:70:27:ee:c8:d6:c2:f1:25:77:68:78:d9:82:92: d9:a8:d0:49:a9:4d:67:af:6c:f3:60:4e:5f:a6:d8:78:61:51: 7f:e5:a3:ee:d8:4e:b6:28:7d:42:a8:0e:6f:03:6e:5a:95:a6: 64:d7:11:ee:96:1e:16:73:96:a5:92:1a:fb:da:c8:a3:91:a6: 7a:05:51:fe:1a:97:2b:29:1c:a4:0d:68:92:63:5c:fd:ad:ec: 6d:8c:5d:42:c3:86:c5:33:a1:d0:ae:8b:c8:15:26:e7:81:a1: 3f:5e:d6:dc:7e:17:0c:49:b2:32:e0:84:1b:a8:2d:fe:6b:24: 86:dd:d8:bc:0d:ee:38:1b:6c:ce:15:2a:85:45:78:53:61:df: 23:ef:ca:96:8a:a2:b4:60:4f:13:47:49:83:78:75:5a:2e:f8: 9b:3e:b1:ed:c0:50:26:7c:99:6c:eb:92:a7:84:01:5f:70:e3: 50:36:ab:4a -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODE1NzExMC8GA1UEBRMoOTFEQTNBMTc2MzdDRDI5MkNFQTQ2NzBERDEzQTcyRDg2 RUFBMkQ5MTAeFw0yNjA0MjEwODM5NDZaFw0yNjA0MjgwODM5NDZaMBgxFjAUBgNV BAMTDTY5ZTczN2QyLWI5MGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqKEyhG0T0GzXGutGT5gVM2wcBKwC4PedAjWK0Xrbi0P7HRbbJWaXkyjyrTnVv xEp7yAtBIa8aJPVLLqDwXcAXAWXAyOIIEbkW7hhag5m9Mzuf/FB3bUSQTmbdAFCj oIwU7cKLeWYXO1bYRoGgdvHlfzk+TZ4CFXv1aGACi1YRqx2GKhYeb/rfIzXKH+un NboDa7nK9l+JHuzRnJDfLwSJpgd/wBUuQu/Uhh9n/Eq/FJbgR1uoTjfAO+g/RMVo cCuDrRu0AMTjGkuWY/NgM1bH9zcRXyz4ku29Xq90c4C3qJaG++dD+Oklj2u4FhMm EvZiqcGwnEs4fNKZk9uNfdMlAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUCXf6czAH M5TfWFg1HdPY+UJv+YMwHwYDVR0jBBgwFoAUkdo6F2N80pLOpGcN0Tpy2G6qLZEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MTU3LzI1MDgzOEFFMTE0 MjExRjE5RDM3NjI4RjIxM0Q4QzY3L2tkbzZGMk44MHBMT3BHY04wVHB5Mkc2cUxa RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIva2RvNkYyTjgwcExPcEdjTjBUcHkyRzZxTFpFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 MTU3LzI1MDgzOEFFMTE0MjExRjE5RDM3NjI4RjIxM0Q4QzY3L2tkbzZGMk44MHBM T3BHY04wVHB5Mkc2cUxaRS5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBolTjVATnaAAJAI16Vr6YTzo3lEiP86JhviBA9HqTW8o40OOglfad8iQOdz/ym t4Oae2uoV4pUwTzC61DQRo6bvVZ0YIJ07enW/TDfcCfuyNbC8SV3aHjZgpLZqNBJ qU1nr2zzYE5fpth4YVF/5aPu2E62KH1CqA5vA25alaZk1xHulh4Wc5alkhr72sij kaZ6BVH+GpcrKRykDWiSY1z9rextjF1Cw4bFM6HQrovIFSbngaE/XtbcfhcMSbIy 4IQbqC3+aySG3di8De44G2zOFSqFRXhTYd8j78qWiqK0YE8TR0mDeHVaLvibPrHt wFAmfJls65KnhAFfcONQNqtK -----END CERTIFICATE-----Generated at Wed Apr 22 00:09:16 2026 by rpki-client