$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft File: q2JivH0C7BrUi3HamLc9IqNi2vA.mft (raw, json) Hash identifier: gbTNrIh1D4IHh45eFvvH20BoKSEARbb8+kIgl+liINs= Subject key identifier: 61:FF:F7:86:93:46:8D:E7:B1:7E:D1:DD:70:A4:5F:C4:FF:61:99:9F Authority key identifier: AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0 Certificate issuer: /CN=A91E2454/serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0 Certificate serial: 36C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft Manifest number: 35DA Signing time: Mon 20 Apr 2026 14:28:57 +0000 Manifest this update: Mon 20 Apr 2026 14:28:57 +0000 Manifest next update: Mon 27 Apr 2026 14:28:57 +0000 Files and hashes: 1: q2JivH0C7BrUi3HamLc9IqNi2vA.crl (hash: 4NSKMfVQ9aTWwgFOQuDWMu5WYw8MqCqLU7mMwhikPPE=) 2: 9C193BAC08C511EDBC862E48C4F9AE02.roa (hash: SJVE7ZBsoRSsliTmJf9TKg9PsayamV5jFN7WqlX3xvc=) 3: 8207CCA0906C11EC86E8B711C4F9AE02.roa (hash: HGBUZghw2mrH37viSTYGdL7UxbtP3kpsrCzGnWhLnVU=) 4: D4B25B928C6B11F09545B981C4F9AE02.roa (hash: Vuo+8i5V4Znap+Qs1dOcHdE1nAFejMLQYP5EDIvQcjU=) 5: 7B938024B0CD11E58B55FC73C4F9AE02.roa (hash: /QQiHNO+P4zS7clMch+1xG2dmlltL/7vNQJGue0Q24E=) 6: 4C9925F2A4C911E782854F50C4F9AE02.roa (hash: NUP0co51SrQ7MBIOUbm3rcePgeq0Qam5xEhiKSlEwl4=) 7: 78123422B0CD11E58B55FC73C4F9AE02.roa (hash: w/xkPDWtvjzhfQW3Zf8fDbO/CqBdGqSzN3GtrP1PUo8=) 8: F1F087928C6B11F0B1A50E82C4F9AE02.roa (hash: kuzwCvIHtKelM7oshMzAb2U462l4e0HmxA10PXja6PA=) 9: 4BF67550A4C911E782854F50C4F9AE02.roa (hash: f3qU6tlwehhcmw+j9t9F4SExzXSKSjEABu7b7Oi3kuk=) 10: 7F4D30ACB0CD11E58B55FC73C4F9AE02.roa (hash: N79DDK5pn6TCAon8GJdsX02x5/pCsRg1kmXulJOa3DU=) 11: 4D5247EEA4C911E782854F50C4F9AE02.roa (hash: rEfB0wTEVedizbjd1aa4stNP7Lpi5g6RaGy1a4umZiM=) 12: 7D920C1AB0CD11E58B55FC73C4F9AE02.roa (hash: knSiwSZTuJB5L8civuaUh8rAh8cmbNdU18vutdd1ebk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Apr 2026 14:28:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14024 (0x36c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2454, serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0 Validity Not Before: Apr 20 14:28:57 2026 GMT Not After : Apr 27 14:28:57 2026 GMT Subject: CN=69e63829-3e47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:37:97:72:c3:38:5e:9f:6c:b8:9b:f5:12:db: 54:fb:19:4a:65:75:d4:89:10:47:38:33:30:38:0d: f6:b0:90:5a:6e:2e:34:f5:a3:6b:ba:17:70:27:31: 80:15:82:78:82:fe:ee:26:cd:d2:39:4c:1a:45:10: b2:02:e3:8e:8c:40:1e:ce:84:3a:04:28:11:0d:46: 5c:99:f5:47:f0:53:9c:19:8b:03:91:1f:05:0a:83: 30:dc:67:f8:68:df:08:3a:fd:80:72:2d:a7:15:c9: 1d:36:79:1f:2d:de:41:7a:98:18:b6:6d:d8:bb:80: b5:ba:ab:51:46:ff:e0:74:bd:e9:a0:5f:1b:36:13: f9:69:82:d8:bb:d5:1d:8e:49:44:87:4f:6c:7f:04: 37:8a:83:0e:83:ea:c0:ce:98:c6:7b:d2:61:08:da: d4:11:63:e7:c6:30:be:c0:cb:a3:dc:3f:51:38:14: a6:c0:b6:41:0b:ea:fc:e7:b1:cd:10:36:ea:4f:cf: 92:46:7c:ce:bc:d4:2d:5a:ef:5e:0d:ae:11:51:a3: e6:5e:2d:38:e4:d9:5f:e1:95:d8:be:02:83:70:0c: ee:48:cd:4e:a8:38:05:7e:5f:d2:0b:b2:88:6c:5d: 32:5b:af:b2:5d:d4:80:10:33:6f:07:3b:af:83:8f: db:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:FF:F7:86:93:46:8D:E7:B1:7E:D1:DD:70:A4:5F:C4:FF:61:99:9F X509v3 Authority Key Identifier: keyid:AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:7a:c8:44:87:4c:fd:c8:ed:de:1e:7a:b4:58:91:d5:b6:78: 95:c8:6c:40:72:30:d6:2f:ce:34:e2:b5:cd:d8:1c:48:6c:4f: 70:7e:2c:e8:59:88:d1:97:19:22:46:fa:61:03:08:1a:22:5d: b0:7f:63:7b:5c:64:91:fd:62:14:21:64:0e:8a:09:a7:f1:b7: 1e:fe:75:6d:b8:10:fd:92:d1:42:92:8b:0c:24:17:4e:e9:fd: e0:5b:91:fc:1b:a0:2c:46:19:6b:2c:2c:ce:1f:1e:44:d9:fa: 32:04:1d:ff:89:91:08:4c:c6:de:f8:51:55:89:54:38:6a:12: f0:d5:26:6e:5c:49:11:a2:ed:09:51:d3:8d:ae:ad:94:aa:51: dc:51:fe:77:7e:29:a2:44:3f:d2:b7:ef:bc:55:44:5b:c3:f0: e3:a3:df:7b:9d:eb:89:88:76:63:20:f5:86:a5:7a:1f:5c:48: 14:42:f7:3f:49:58:0d:59:f4:3d:14:26:aa:e9:3f:84:16:bc: 12:45:c6:13:f0:95:77:a4:8c:9e:30:23:b0:f2:c2:2a:63:4e: 02:61:23:1c:88:dd:ed:34:e5:8c:92:ad:32:08:66:ef:78:ca: 19:6a:73:2a:3e:30:05:d9:95:ea:d8:c7:d2:44:f4:35:28:ee: c5:81:bb:df -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICNsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI0NTQxMTAvBgNVBAUTKEFCNjI2MkJDN0QwMkVDMUFENDhCNzFEQTk4QjczRDIy QTM2MkRBRjAwHhcNMjYwNDIwMTQyODU3WhcNMjYwNDI3MTQyODU3WjAYMRYwFAYD VQQDEw02OWU2MzgyOS0zZTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxzeXcsM4Xp9suJv1EttU+xlKZXXUiRBHODMwOA32sJBabi409aNruhdwJzGA FYJ4gv7uJs3SOUwaRRCyAuOOjEAezoQ6BCgRDUZcmfVH8FOcGYsDkR8FCoMw3Gf4 aN8IOv2Aci2nFckdNnkfLd5BepgYtm3Yu4C1uqtRRv/gdL3poF8bNhP5aYLYu9Ud jklEh09sfwQ3ioMOg+rAzpjGe9JhCNrUEWPnxjC+wMuj3D9ROBSmwLZBC+r857HN EDbqT8+SRnzOvNQtWu9eDa4RUaPmXi045Nlf4ZXYvgKDcAzuSM1OqDgFfl/SC7KI bF0yW6+yXdSAEDNvBzuvg4/bLQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFGH/94aT Ro3nsX7R3XCkX8T/YZmfMB8GA1UdIwQYMBaAFKtiYrx9Auwa1Itx2pi3PSKjYtrw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjQ1NC9ENEMzMEI0MjFE ODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdCclVpM0hhbUxjOUlxTmky dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3EySml2SDBDN0JyVWkzSGFtTGM5SXFOaTJ2QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjQ1NC9ENEMzMEI0MjFEODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdC clVpM0hhbUxjOUlxTmkydkEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAYHrIRIdM/cjt3h56tFiR1bZ4lchsQHIw1i/ONOK1zdgcSGxPcH4s6FmI0ZcZ Ikb6YQMIGiJdsH9je1xkkf1iFCFkDooJp/G3Hv51bbgQ/ZLRQpKLDCQXTun94FuR /BugLEYZaywszh8eRNn6MgQd/4mRCEzG3vhRVYlUOGoS8NUmblxJEaLtCVHTja6t lKpR3FH+d34pokQ/0rfvvFVEW8Pw46Pfe53riYh2YyD1hqV6H1xIFEL3P0lYDVn0 PRQmquk/hBa8EkXGE/CVd6SMnjAjsPLCKmNOAmEjHIjd7TTljJKtMghm73jKGWpz Kj4wBdmV6tjH0kT0NSjuxYG73w== -----END CERTIFICATE-----Generated at Wed Apr 22 11:43:28 2026 by rpki-client