$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: i01QtOQakyaGJ6qnnFjDAQ2Ac+G6NibHCaD+mkbszFc= Subject key identifier: B3:6A:7D:04:76:E0:95:2C:DE:24:9D:4B:4D:1F:56:47:75:56:A2:EF Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 09AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 0989 Signing time: Sat 28 Mar 2026 19:57:07 +0000 Manifest this update: Sat 28 Mar 2026 19:57:07 +0000 Manifest next update: Sat 04 Apr 2026 19:57:07 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: GW1uK4ymwmOtgWWH73JUSZ2SpC6PxCApobiWCNYIb+E=) 2: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: 2zUoeUBbqlr+As+3U7czFZSu1yVrxfhYyz+KlUKcy1I=) 3: 7B3252CC014911F1B56055C9516F56BC.roa (hash: tBzjsuG6Lc6RhWea8/zSFmhSrzHWoDXSIIHH2NKoQH4=) 4: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: GEy9cKvJuaUG1j4vauBHAkcMaCqiS2PQAr8JoqS4dPU=) 5: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: fci/hvXmKLLIr57hsH2EVZbFVv2YsBSJcHMJtovzSlo=) 6: 2BFE357EF06211F08763644E5C6F56BC.roa (hash: T7iFd2LrB33SLomhhE8G/jtsnMR7YugAZQJC0RPLigw=) 7: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: WwltnaTPtmW0+YRs/lUQRQVdWPG/Y8JmtvUfshNHISo=) 8: 03706138786411EC8624EB12C4F9AE02.roa (hash: EGqbfoF9jJWPU0BnzC3V2PXkWe0y4Oy0kA3ja8zkkX8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 Apr 2026 19:57:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2477 (0x9ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Mar 28 19:57:07 2026 GMT Not After : Apr 4 19:57:07 2026 GMT Subject: CN=69c83293-97df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:68:e5:ca:7b:49:97:1e:f4:fc:a6:a5:aa:85: f2:98:7d:30:2d:d3:cc:15:90:22:ec:99:c7:28:38: b6:41:12:f0:4a:97:63:b1:6b:bc:60:ef:be:83:53: 23:cb:76:9c:fa:76:aa:d8:ee:88:44:79:9a:1c:f9: ad:e8:ee:08:29:56:4b:85:67:d0:ca:80:f9:02:80: bd:61:3d:f9:86:67:55:8f:b1:3d:55:ca:76:cd:b6: 7c:ba:57:da:27:94:e2:f1:c2:b8:b5:a1:53:95:1f: df:4c:58:20:5e:94:ec:61:03:eb:73:7f:2b:d1:55: e4:7f:39:af:aa:4a:ac:8c:f0:24:96:c7:ab:83:f2: 51:33:98:6c:ab:12:b3:e9:80:1a:eb:ce:90:df:50: 64:da:83:4a:50:73:cf:d4:15:86:63:42:1f:22:d5: f0:1f:2c:a6:01:1e:7a:f1:34:c9:f2:ea:ec:25:e1: 6e:1f:68:1c:5e:c2:78:c0:76:75:22:b0:cf:48:2c: 3f:03:dd:10:f5:22:36:10:93:7a:1b:0e:c8:a5:a1: 37:ec:03:6b:5d:d4:09:15:bb:f6:3e:88:42:09:eb: 43:c9:8c:5d:1f:4c:e5:51:2c:e4:4c:2d:21:cb:a3: f4:ee:d7:47:dd:96:72:08:d4:7e:43:11:13:05:6d: e5:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:6A:7D:04:76:E0:95:2C:DE:24:9D:4B:4D:1F:56:47:75:56:A2:EF X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:87:2c:4f:f7:b2:fd:fc:50:c9:79:af:8e:06:f7:7b:c6:8e: 5c:4a:28:a2:1b:71:f7:9d:47:e6:d0:85:08:fd:1e:c6:eb:6e: 81:ae:fa:8e:26:2f:df:d4:79:34:ff:f2:ab:38:22:a3:14:a1: 84:37:f4:78:d7:e8:ac:b9:74:11:83:c8:ff:78:8e:da:7d:d0: bb:46:6e:3a:ff:4f:03:d0:80:86:c7:bf:fe:c4:81:54:31:34: 10:6c:9b:d4:30:9b:47:52:ae:5d:d7:1e:31:1d:df:26:bb:e5: 34:52:5e:42:83:ce:0a:61:40:49:db:32:c8:f6:16:6c:dc:28: 0b:f3:3f:33:17:08:fb:5c:6f:bf:bd:25:1e:65:25:ea:e6:6e: f5:cc:d1:64:4b:e2:b7:80:71:ce:cd:40:91:fc:cd:87:80:a4: 22:b8:47:0f:55:b0:ad:79:35:0d:30:5d:dc:4f:e9:82:a2:6b: 71:0e:60:ed:2b:7e:ed:38:ef:04:f3:59:09:4f:07:c7:f7:ec: dc:39:27:21:0d:9b:76:25:a4:3e:70:95:98:08:a3:2c:1d:0f: ac:5b:87:81:b4:7a:2e:9e:25:99:c4:d4:90:9b:e0:37:9c:0e: be:fa:96:80:bf:41:bf:73:c4:1a:9b:4b:5c:75:39:13:e8:8f: e3:01:3b:5a -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICCa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjYwMzI4MTk1NzA3WhcNMjYwNDA0MTk1NzA3WjAYMRYwFAYD VQQDEw02OWM4MzI5My05N2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx2jlyntJlx70/KalqoXymH0wLdPMFZAi7JnHKDi2QRLwSpdjsWu8YO++g1Mj y3ac+naq2O6IRHmaHPmt6O4IKVZLhWfQyoD5AoC9YT35hmdVj7E9Vcp2zbZ8ulfa J5Ti8cK4taFTlR/fTFggXpTsYQPrc38r0VXkfzmvqkqsjPAklserg/JRM5hsqxKz 6YAa686Q31Bk2oNKUHPP1BWGY0IfItXwHyymAR568TTJ8ursJeFuH2gcXsJ4wHZ1 IrDPSCw/A90Q9SI2EJN6Gw7IpaE37ANrXdQJFbv2PohCCetDyYxdH0zlUSzkTC0h y6P07tdH3ZZyCNR+QxETBW3ljwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFLNqfQR2 4JUs3iSdS00fVkd1VqLvMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAaIcsT/ey/fxQyXmvjgb3e8aOXEooohtx951H5tCFCP0exutuga76jiYv39R5 NP/yqzgioxShhDf0eNforLl0EYPI/3iO2n3Qu0ZuOv9PA9CAhse//sSBVDE0EGyb 1DCbR1KuXdceMR3fJrvlNFJeQoPOCmFASdsyyPYWbNwoC/M/MxcI+1xvv70lHmUl 6uZu9czRZEvit4Bxzs1AkfzNh4CkIrhHD1WwrXk1DTBd3E/pgqJrcQ5g7St+7Tjv BPNZCU8Hx/fs3DknIQ2bdiWkPnCVmAijLB0PrFuHgbR6Lp4lmcTUkJvgN5wOvvqW gL9Bv3PEGptLXHU5E+iP4wE7Wg== -----END CERTIFICATE-----Generated at Sun Mar 29 18:11:34 2026 by rpki-client