$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft File: XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft (raw, json) Hash identifier: vQernRHuPeGiFDFNjVmPXYvJ2HRtbm3UCsQ77UH4HgI= Subject key identifier: 73:A1:32:79:06:A0:42:5C:52:30:F1:DD:0D:47:2A:9C:F1:A4:7E:7C Authority key identifier: 5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66 Certificate issuer: /CN=A91E7B89/serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566 Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft Manifest number: 38 Signing time: Sun 29 Mar 2026 08:12:45 +0000 Manifest this update: Sun 29 Mar 2026 08:12:44 +0000 Manifest next update: Sun 05 Apr 2026 08:12:44 +0000 Files and hashes: 1: XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl (hash: mPG49KipqRDILKbWKEr5N5SU4LnZHsZYtj7aq8C78+U=) 2: 72480DC0D9A111F0989DD75268D3641D.roa (hash: /m7dePdPhCd+iFe1dsv0pa92EOKO9ZVeLTSq8mVj9oY=) 3: 1BD6E18E1D1A11F1B8E79D60103D8C67.roa (hash: FWUBzi+iodYXnW4vMdTTKwC/KG79KdBqlOoiZl/TPEw=) 4: 1C61CBFA1D1A11F1B8E79D60103D8C67.roa (hash: wYka0Jo+ri8cUtmDcLdxLnFG7gW5TQTaHwdh/jeTkn4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 Apr 2026 08:12:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7B89, serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566 Validity Not Before: Mar 29 08:12:44 2026 GMT Not After : Apr 5 08:12:44 2026 GMT Subject: CN=69c8defc-1e82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:20:31:07:b9:57:f7:f3:ad:be:43:ec:00:6a: 7b:50:11:e0:ce:43:7f:67:f0:b4:20:2d:80:e8:7c: 25:8f:7e:bc:7b:97:fd:d4:c4:91:ae:83:81:d7:44: a9:17:19:f2:2b:62:9e:4d:0d:58:84:9d:19:e8:e6: 2e:fe:25:ca:5b:8e:67:5b:9b:27:92:8a:f0:53:a6: 9c:0c:2b:7f:97:fd:b1:1a:89:20:b6:9d:9f:b1:71: 08:24:29:61:57:d8:5e:48:f4:20:ed:3f:7a:10:a7: 3c:3f:19:63:7d:e0:ce:65:c0:3d:04:ae:9f:26:39: 70:f2:e9:ce:88:e2:6d:88:fc:e0:cb:39:40:25:08: 6b:b3:18:26:96:f7:8d:ff:14:74:a6:dc:24:ae:51: cc:4d:40:6b:96:79:32:46:c9:92:ff:6f:99:81:63: 7d:9c:22:e4:b3:8a:09:40:90:4b:48:23:e3:46:b6: e3:c1:7b:30:02:d6:14:21:71:3f:00:1c:77:c9:37: 37:6f:39:be:fa:a4:ff:73:8f:b8:11:90:8f:e0:13: b2:f1:0d:1d:f3:1d:1d:db:24:64:e4:dd:2f:70:e5: 1e:d8:5a:52:00:37:76:1c:18:d0:98:7d:0a:60:9d: 13:ff:ae:bf:1a:e1:85:19:af:e6:20:dd:f1:b0:e6: 16:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:A1:32:79:06:A0:42:5C:52:30:F1:DD:0D:47:2A:9C:F1:A4:7E:7C X509v3 Authority Key Identifier: keyid:5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:58:95:89:1e:e9:bd:f1:17:ad:d4:18:dc:ee:51:32:77:81: 6c:90:4c:23:15:a7:9c:e4:ca:eb:1a:1e:32:4c:2b:f2:af:c7: 37:4a:0c:95:a4:12:8d:34:e7:11:0d:1d:33:ac:2b:7d:70:e9: 0c:00:60:e6:50:59:3d:86:0d:76:9d:ce:ae:9e:d5:23:42:aa: 89:af:55:61:cf:db:b2:9c:27:f3:9c:95:4e:71:c6:39:4c:bc: fd:60:54:26:cf:49:53:a4:58:a9:49:7b:35:10:0f:1d:b6:6e: ea:ea:d9:f5:15:1f:f6:32:fd:df:b2:3a:a2:1e:27:09:0a:e3: 92:7c:09:48:8f:f7:56:dc:27:d5:19:42:ed:5f:e1:aa:f6:33: d5:31:14:68:ac:f5:ea:16:86:69:63:bb:01:9c:bd:61:a6:1b: ac:79:e5:c5:1a:cb:b7:4a:f4:05:42:da:14:3f:dc:97:81:e8: 10:04:c3:02:34:79:d5:77:2b:e0:50:0a:7c:c3:cc:ec:23:4b: 51:24:fe:b0:77:2a:0c:df:a5:31:bd:da:4c:93:01:64:cb:ac: 6f:c1:e1:7d:52:54:66:c1:f0:07:12:9a:41:45:d7:72:0d:3b: 0d:01:f4:8b:47:64:56:35:9a:1b:c5:c3:78:8c:74:40:a0:13: 6e:4f:7b:73 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF N0I4OTExMC8GA1UEBRMoNUU3ODY0MkIwM0NDMzdFMjZGRDQxNUU3RDc2MUJFNDg0 NzM2QzU2NjAeFw0yNjAzMjkwODEyNDRaFw0yNjA0MDUwODEyNDRaMBgxFjAUBgNV BAMTDTY5YzhkZWZjLTFlODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD5IDEHuVf3862+Q+wAantQEeDOQ39n8LQgLYDofCWPfrx7l/3UxJGug4HXRKkX GfIrYp5NDViEnRno5i7+JcpbjmdbmyeSivBTppwMK3+X/bEaiSC2nZ+xcQgkKWFX 2F5I9CDtP3oQpzw/GWN94M5lwD0Erp8mOXDy6c6I4m2I/ODLOUAlCGuzGCaW943/ FHSm3CSuUcxNQGuWeTJGyZL/b5mBY32cIuSziglAkEtII+NGtuPBezAC1hQhcT8A HHfJNzdvOb76pP9zj7gRkI/gE7LxDR3zHR3bJGTk3S9w5R7YWlIAN3YcGNCYfQpg nRP/rr8a4YUZr+Yg3fGw5hYZAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUc6EyeQag QlxSMPHdDUcqnPGkfnwwHwYDVR0jBBgwFoAUXnhkKwPMN+Jv1BXn12G+SEc2xWYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3Qjg5LzQxQkU0RjQ0RDlB MDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1KdjFCWG4xMkctU0VjMnhX WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWG5oa0t3UE1OLUp2MUJYbjEyRy1TRWMyeFdZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3 Qjg5LzQxQkU0RjQ0RDlBMDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1K djFCWG4xMkctU0VjMnhXWS5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBjWJWJHum98Ret1Bjc7lEyd4FskEwjFaec5MrrGh4yTCvyr8c3SgyVpBKNNOcR DR0zrCt9cOkMAGDmUFk9hg12nc6untUjQqqJr1Vhz9uynCfznJVOccY5TLz9YFQm z0lTpFipSXs1EA8dtm7q6tn1FR/2Mv3fsjqiHicJCuOSfAlIj/dW3CfVGULtX+Gq 9jPVMRRorPXqFoZpY7sBnL1hphuseeXFGsu3SvQFQtoUP9yXgegQBMMCNHnVdyvg UAp8w8zsI0tRJP6wdyoM36UxvdpMkwFky6xvweF9UlRmwfAHEppBRddyDTsNAfSL R2RWNZobxcN4jHRAoBNuT3tz -----END CERTIFICATE-----Generated at Mon Mar 30 15:35:07 2026 by rpki-client