$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: HfSyzKb11du0WZ9AguDXTXw8R6HKeOCAsnJhgDGs41Y= Subject key identifier: 89:E6:00:34:C7:19:1C:63:33:F8:9D:6D:E4:60:6C:25:B4:C8:C3:12 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0F7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0F16 Signing time: Wed 20 May 2026 17:40:54 +0000 Manifest this update: Wed 20 May 2026 17:40:54 +0000 Manifest next update: Wed 27 May 2026 17:40:54 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: DUDxg4PGOqIEwUHxFyPFJ+l4pRDZz+ZmTK5rgFOfirA=) 2: 10E905682CCE11F1BB1925E192833773.roa (hash: 6g6Ja4w+RYbHzuKLTfgElgeDFmZnmZ9tKzWcakJqqZs=) 3: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: g+9ZIN0bzKl4hPUjZROdg1CsqMAMZorZF/Wv0UBIawM=) 4: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: rIqL842ksTXKO2fhExD42Yq0dnrl1cNwx4ESowKkH4A=) 5: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: KOAlra/c7OfhaqRuBqqmBdCQXMOimlFzYXSJ4DGlkSM=) 6: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: j5kN5uvsFGRLFFFzFP46xJ6l0wo2CCqq8dwowySMLUk=) 7: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: yBAKdOeuYpOHwpfvu2EJBrKJc+IZbXKkxfMi4yfRU/Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:40:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3962 (0xf7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: May 20 17:40:54 2026 GMT Not After : May 27 17:40:54 2026 GMT Subject: CN=6a0df226-b6fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:7e:74:56:6f:01:92:a6:ac:14:7c:49:40:ce: 94:d9:ab:90:db:d4:27:30:03:97:80:8c:d9:c9:b2: c1:74:29:28:43:e4:b8:17:a0:d0:e7:c0:30:d3:28: e9:ef:85:cf:46:31:99:7d:36:90:6c:82:47:a3:43: 79:53:a8:eb:09:95:a5:a8:b8:20:17:3c:a9:14:14: 5e:40:ec:2c:4e:e8:f6:6c:06:cb:4a:3f:f1:1c:4e: 67:15:7e:93:19:9d:37:b2:69:46:e1:5c:68:94:63: ea:de:e1:82:0f:11:c4:73:0e:62:66:e5:50:49:24: 3c:2d:38:00:1b:23:3d:93:22:01:ec:41:18:04:36: ed:47:b0:0d:b8:80:34:ac:ba:62:8e:b7:a2:ea:e4: f3:8b:b5:40:d7:41:0c:8e:11:81:7f:8a:73:62:86: 59:54:d0:34:4f:c8:47:75:94:ed:35:ca:d2:9b:e0: f3:20:33:59:c2:06:94:77:05:32:bf:ff:52:6f:fd: 11:22:cd:9a:6c:c0:f9:1a:27:51:3c:d7:3a:53:aa: f6:72:df:cd:18:53:32:b5:1e:0a:9e:fc:2d:74:8e: 24:5a:d4:82:a1:8e:d9:6a:b6:d2:a9:17:91:62:03: 83:10:7f:a5:4a:fe:a1:f3:e9:69:bf:41:47:da:77: 05:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E6:00:34:C7:19:1C:63:33:F8:9D:6D:E4:60:6C:25:B4:C8:C3:12 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:9e:62:78:ab:a5:e0:e8:29:9a:5f:d3:dd:ec:0a:ad:e4:d5: ae:75:43:5c:d3:9a:bb:86:40:0e:d8:41:b8:27:5e:9e:02:7f: 57:42:2f:7a:ba:22:14:7a:b2:fd:26:34:74:34:6c:1f:c6:c5: a4:45:7a:31:24:5a:21:22:d0:6b:be:3c:02:98:3c:e6:fe:69: 1c:ac:49:bf:37:ab:c9:fc:26:8e:48:d3:7d:3d:51:53:ba:f7: e5:33:6d:1f:d5:76:73:98:1d:45:f1:63:32:4e:5c:93:8f:74: 9c:8b:aa:dd:1b:48:8c:71:93:d0:7d:ed:08:cb:3f:d2:40:57: 5b:c5:3b:ef:d3:da:d0:e9:bc:86:1c:ae:03:62:9c:19:59:1d: 18:8a:1f:68:15:ed:ed:a9:d5:91:26:f5:a3:45:25:45:ab:39: b0:a0:72:1b:2a:86:53:cb:19:c4:8f:03:c3:46:5c:b4:81:aa: 27:4e:60:c8:28:07:3c:bd:75:25:2e:ca:f1:0d:99:25:bd:05: 7b:18:46:1a:29:c7:f7:a4:09:7f:87:6f:4d:fd:f7:d6:f6:2e: 00:f2:d2:05:87:5c:4a:3c:01:99:ad:db:47:06:bd:a3:a6:49: 50:0a:88:b6:77:79:d6:0b:7b:61:48:41:42:7b:a4:7e:c6:72: e6:72:b2:04 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICD3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjYwNTIwMTc0MDU0WhcNMjYwNTI3MTc0MDU0WjAYMRYwFAYD VQQDEw02YTBkZjIyNi1iNmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoH50Vm8BkqasFHxJQM6U2auQ29QnMAOXgIzZybLBdCkoQ+S4F6DQ58Aw0yjp 74XPRjGZfTaQbIJHo0N5U6jrCZWlqLggFzypFBReQOwsTuj2bAbLSj/xHE5nFX6T GZ03smlG4VxolGPq3uGCDxHEcw5iZuVQSSQ8LTgAGyM9kyIB7EEYBDbtR7ANuIA0 rLpijrei6uTzi7VA10EMjhGBf4pzYoZZVNA0T8hHdZTtNcrSm+DzIDNZwgaUdwUy v/9Sb/0RIs2abMD5GidRPNc6U6r2ct/NGFMytR4KnvwtdI4kWtSCoY7ZarbSqReR YgODEH+lSv6h8+lpv0FH2ncFqwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFInmADTH GRxjM/idbeRgbCW0yMMSMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEApJ5ieKul4Ogpml/T3ewKreTVrnVDXNOau4ZADthBuCdengJ/V0IveroiFHqy /SY0dDRsH8bFpEV6MSRaISLQa748Apg85v5pHKxJvzeryfwmjkjTfT1RU7r35TNt H9V2c5gdRfFjMk5ck490nIuq3RtIjHGT0H3tCMs/0kBXW8U779Pa0Om8hhyuA2Kc GVkdGIofaBXt7anVkSb1o0UlRas5sKByGyqGU8sZxI8Dw0ZctIGqJ05gyCgHPL11 JS7K8Q2ZJb0FexhGGinH96QJf4dvTf331vYuAPLSBYdcSjwBma3bRwa9o6ZJUAqI tnd51gt7YUhBQnukfsZy5nKyBA== -----END CERTIFICATE-----Generated at Thu May 21 12:58:26 2026 by rpki-client