$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json) Hash identifier: Q/fwogqqZyZQcweKB63yVPdGrJLEzlO1Mya3pW/rqWU= Subject key identifier: 08:C9:B0:92:7A:CA:2F:29:66:A0:6B:E1:D2:4C:84:41:DE:5E:9E:6D Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Certificate serial: 4B1C Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft Manifest number: 4A5F Signing time: Wed 29 Apr 2026 14:53:50 +0000 Manifest this update: Wed 29 Apr 2026 14:53:50 +0000 Manifest next update: Wed 06 May 2026 14:53:50 +0000 Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: iI/tnEH6eWOjVH4t/5w42517P+TwMkVC4eyG0ntlTRM=) 2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=) 3: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=) 4: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=) 5: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=) 6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=) 7: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=) 8: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=) 9: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=) 10: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=) 11: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=) 12: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=) Validation: OK Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 May 2026 14:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19228 (0x4b1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22 Validity Not Before: Apr 29 14:53:50 2026 GMT Not After : May 6 14:53:50 2026 GMT Subject: CN=69f21b7e-6cdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e9:32:37:c6:6f:90:83:34:ba:fa:1b:bd:8e: 35:7f:b9:a4:7f:f5:d1:56:6f:92:4c:87:f5:19:dd: 30:15:82:5f:8f:4a:f6:b0:79:2e:d5:2f:31:33:0f: 7c:87:5e:a5:f8:ce:fe:6e:52:9c:55:8f:b1:09:4d: 72:8a:e7:64:68:18:e6:52:7a:57:63:6a:cc:cb:16: 29:b5:1a:7d:e0:ba:db:2e:ea:1d:1e:69:d1:6c:bd: 0c:59:4d:25:88:d4:e3:ea:81:69:fa:fa:f1:b6:82: a8:b8:69:76:be:1b:37:75:b4:78:bd:ab:ef:ff:00: 3c:22:a9:6b:26:74:47:df:b3:8a:67:7a:20:c5:7d: 51:46:32:84:e9:e9:88:86:28:99:4a:e9:c8:6d:7b: 21:ac:1f:e4:df:d8:f5:0a:4d:8f:93:a4:c8:7d:ac: 5f:dc:4c:05:75:92:18:b2:19:83:eb:e1:9d:c0:73: cc:8b:32:17:76:3f:14:af:04:1b:be:b5:a7:3b:b2: d8:c9:c9:6b:91:50:45:46:bf:12:c9:6a:05:0b:d6: d5:f3:fe:de:8a:ce:4a:93:23:04:3f:31:36:83:b7: c9:52:57:41:e4:ae:c7:8a:6a:35:4e:31:54:ce:fe: 51:b3:ea:59:cd:90:1a:8e:76:6d:58:cc:b6:57:b4: 9c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:C9:B0:92:7A:CA:2F:29:66:A0:6B:E1:D2:4C:84:41:DE:5E:9E:6D X509v3 Authority Key Identifier: keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:8b:b5:6a:0b:29:e7:0e:1c:76:fb:c1:e8:a8:17:a9:98:24: 89:3f:f0:70:00:87:66:bc:32:93:33:02:8c:e4:4d:c1:5f:22: a0:6d:3f:f6:a7:8d:a1:50:05:3a:a5:77:fe:4c:20:0c:3e:9c: ba:ff:31:b1:d0:ff:5b:fa:0b:34:4c:24:1e:2d:1d:9c:1b:61: 79:d0:27:db:0d:3b:d2:38:d7:54:49:fa:5a:c7:2a:ba:f7:0c: e6:a0:18:a6:fa:bf:29:f2:1d:91:87:3e:da:f8:0b:07:2c:f4: 44:5b:f3:d4:4a:62:1f:47:03:64:fd:8e:5a:be:b8:8d:94:db: aa:24:79:d8:c6:65:44:49:32:c9:54:ea:78:6c:0b:e3:72:71: 03:5c:f1:ea:1e:4d:71:eb:62:6b:20:7c:05:89:ff:1e:bd:59: d0:c1:84:0b:55:75:7e:87:df:17:f7:8b:d9:a0:49:00:cc:93: 69:ef:c9:8b:76:e6:04:23:24:99:df:f0:60:14:0f:d9:5d:c6: 7e:de:8d:45:cb:fc:0e:f0:a6:77:be:58:15:2a:9f:78:42:45: 3d:0d:00:42:a1:6c:e5:48:39:c4:47:ea:50:8c:72:2b:03:46: 4b:5f:17:03:55:5a:8c:7b:15:eb:40:a8:e7:78:3c:3c:54:11: e7:38:91:4e -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgICSxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz M0NDOEVBMjIwHhcNMjYwNDI5MTQ1MzUwWhcNMjYwNTA2MTQ1MzUwWjAYMRYwFAYD VQQDEw02OWYyMWI3ZS02Y2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy+kyN8ZvkIM0uvobvY41f7mkf/XRVm+STIf1Gd0wFYJfj0r2sHku1S8xMw98 h16l+M7+blKcVY+xCU1yiudkaBjmUnpXY2rMyxYptRp94LrbLuodHmnRbL0MWU0l iNTj6oFp+vrxtoKouGl2vhs3dbR4vavv/wA8IqlrJnRH37OKZ3ogxX1RRjKE6emI hiiZSunIbXshrB/k39j1Ck2Pk6TIfaxf3EwFdZIYshmD6+GdwHPMizIXdj8UrwQb vrWnO7LYyclrkVBFRr8SyWoFC9bV8/7eis5KkyMEPzE2g7fJUldB5K7Himo1TjFU zv5Rs+pZzZAajnZtWMy2V7ScqQIDAQABo4ICTzCCAkswHQYDVR0OBBYEFAjJsJJ6 yi8pZqBr4dJMhEHeXp5tMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/ BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq hkiG9w0BAQsFAAOCAQEAf4u1agsp5w4cdvvB6KgXqZgkiT/wcACHZrwykzMCjORN wV8ioG0/9qeNoVAFOqV3/kwgDD6cuv8xsdD/W/oLNEwkHi0dnBthedAn2w070jjX VEn6WscquvcM5qAYpvq/KfIdkYc+2vgLByz0RFvz1EpiH0cDZP2OWr64jZTbqiR5 2MZlREkyyVTqeGwL43JxA1zx6h5NcetiayB8BYn/Hr1Z0MGEC1V1foffF/eL2aBJ AMyTae/Ji3bmBCMkmd/wYBQP2V3Gft6NRcv8DvCmd75YFSqfeEJFPQ0AQqFs5Ug5 xEfqUIxyKwNGS18XA1VajHsV60Co53g8PFQR5ziRTg== -----END CERTIFICATE-----Generated at Wed Apr 29 19:21:12 2026 by rpki-client