
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
File: aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft (raw, json)
Hash identifier: REK6DO1QQv+Dk97VU+uZEybmDRtR7a9381fTmlUGdYg=
Subject key identifier: 23:2A:F2:C3:D6:9C:41:7D:31:B5:84:6A:18:63:6D:0F:6D:60:62:B3
Authority key identifier: 69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
Certificate issuer: /CN=A9119333/serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Certificate serial: 239E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
Manifest number: 2353
Signing time: Thu 16 Jul 2026 15:52:26 +0000
Manifest this update: Thu 16 Jul 2026 15:52:26 +0000
Manifest next update: Thu 23 Jul 2026 15:52:26 +0000
Files and hashes: 1: aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl (hash: 0kElB/+78vxBE1qHqAkEv8iyyP95MrQ00k4+Pi/A8/A=)
2: 1AC9199AD3CB11EF84052053C4F9AE02.roa (hash: plwWFq4k0Hgx6vP8bTzqJt9GJIcOt71z9VOfufJhc6Q=)
3: DD73806ED3C811EF9D76942FC4F9AE02.roa (hash: EwnErXsu5NYk/vKrNa7Bl73VtntPwcy5vYXbhPAWFt0=)
4: 443C3AF2D3F611EFB03C5C14C4F9AE02.roa (hash: kvJG9W7BesVloRiSNTznQQ2Vu/TG695dXNyQ/qNO4G8=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl
rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 15:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9118 (0x239e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119333, serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Validity
Not Before: Jul 16 15:52:26 2026 GMT
Not After : Jul 23 15:52:26 2026 GMT
Subject: CN=6a58fe3a-5de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ca:a9:eb:54:dd:b1:21:87:e8:d5:22:4e:ab:
d1:d1:a2:1c:e7:45:56:43:3d:b6:18:2b:4d:8a:bf:
22:fe:00:d0:0c:49:1a:a8:98:25:71:dd:dc:dc:ff:
cf:96:e1:b1:f8:b3:f3:1f:38:72:14:65:8a:d9:b1:
31:de:e2:8d:06:55:1b:df:f9:58:de:de:fd:2b:22:
d6:79:87:6c:67:a5:20:5c:8d:12:d2:a4:93:64:49:
a6:cd:52:e4:69:69:01:e2:fc:fd:1d:38:22:57:92:
bb:60:d1:7b:48:89:3d:2a:1b:d5:32:10:01:73:b9:
35:5e:05:7d:b3:2e:f6:ce:ea:7b:f7:16:c2:c0:7d:
9a:69:59:bb:71:de:47:e6:64:8e:75:bf:52:7d:c8:
59:d4:20:d4:aa:fc:47:9b:2b:54:42:2f:3c:15:80:
b2:c9:d0:2c:86:9e:6c:bf:25:c7:81:c3:17:26:75:
9d:ea:90:43:a3:85:37:3f:62:cc:f8:d1:14:e8:1b:
3a:bc:58:43:fa:c7:fc:5b:2f:05:44:38:28:4e:87:
a5:04:44:a9:9e:60:d0:75:cb:a5:d0:6a:65:70:81:
a2:93:f4:a7:96:d6:b6:cd:a6:14:03:18:52:1b:dd:
24:d8:f3:aa:6c:1b:e9:69:ce:dc:ba:4f:d7:56:9e:
90:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2A:F2:C3:D6:9C:41:7D:31:B5:84:6A:18:63:6D:0F:6D:60:62:B3
X509v3 Authority Key Identifier:
keyid:69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
57:fe:6c:cb:8b:6c:ee:e5:42:04:56:e2:c6:10:7b:e5:f6:80:
c4:2f:79:1c:e6:59:8e:ed:5d:88:de:ad:c3:7f:21:21:db:29:
f2:7f:05:07:7f:ea:61:e3:89:dd:d5:db:21:c8:de:68:a9:9e:
03:c0:26:9f:e9:fc:84:b9:7b:f1:0b:37:54:d4:a1:ae:16:b2:
51:3a:ba:79:aa:22:1e:9a:5a:71:11:f8:e8:5d:6e:6c:2d:c6:
97:32:79:b5:16:f2:b9:7e:04:42:6e:0a:f1:30:d1:91:da:90:
16:96:3d:89:f3:71:d0:1e:0e:64:76:0b:a1:2d:03:1e:ef:9b:
7a:45:13:a7:22:b7:03:da:84:fa:5b:96:14:2a:9b:54:2e:ae:
91:12:75:8a:35:45:cd:df:07:84:23:fb:4d:e1:56:32:66:73:
ce:e1:7a:01:ab:5e:2f:f8:c1:24:45:de:f0:e6:30:3e:0a:64:
85:3d:5c:80:19:87:5e:d6:1c:7d:aa:dd:9e:c6:dc:1d:e2:c4:
cf:75:9a:32:6d:56:db:68:a3:ae:f1:6e:17:a0:c7:8f:86:08:
0b:8e:65:3a:ef:5f:d7:08:b6:ef:15:7c:ef:27:a3:06:f4:d8:
82:a4:7b:7f:d5:1c:d9:35:6f:1c:f9:b8:e7:f9:4d:a7:3d:81:
c3:7f:ab:ca
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICI54wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkzMzMxMTAvBgNVBAUTKDY5OUU2NzQyNTY3QkU3MzI5Q0MzQTc4NkRFQjc4NTdF
MkMyNDIwRjkwHhcNMjYwNzE2MTU1MjI2WhcNMjYwNzIzMTU1MjI2WjAYMRYwFAYD
VQQDEw02YTU4ZmUzYS01ZGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuMqp61TdsSGH6NUiTqvR0aIc50VWQz22GCtNir8i/gDQDEkaqJglcd3c3P/P
luGx+LPzHzhyFGWK2bEx3uKNBlUb3/lY3t79KyLWeYdsZ6UgXI0S0qSTZEmmzVLk
aWkB4vz9HTgiV5K7YNF7SIk9KhvVMhABc7k1XgV9sy72zup79xbCwH2aaVm7cd5H
5mSOdb9SfchZ1CDUqvxHmytUQi88FYCyydAshp5svyXHgcMXJnWd6pBDo4U3P2LM
+NEU6Bs6vFhD+sf8Wy8FRDgoToelBESpnmDQdcul0GplcIGik/Snlta2zaYUAxhS
G90k2POqbBvpac7cuk/XVp6QtwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFCMq8sPW
nEF9MbWEahhjbQ9tYGKzMB8GA1UdIwQYMBaAFGmeZ0JWe+cynMOnht63hX4sJCD5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTMzMy8wNjVEQTNCQUI4
NDQxMUU1QjUzNTdCMkZDNEY5QUUwMi9hWjVuUWxaNzV6S2N3NmVHM3JlRmZpd2tJ
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FaNW5RbFo3NXpLY3c2ZUczcmVGZml3a0lQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
OTMzMy8wNjVEQTNCQUI4NDQxMUU1QjUzNTdCMkZDNEY5QUUwMi9hWjVuUWxaNzV6
S2N3NmVHM3JlRmZpd2tJUGsubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAV/5sy4ts7uVCBFbixhB75faAxC95HOZZju1diN6tw38hIdsp8n8FB3/qYeOJ
3dXbIcjeaKmeA8Amn+n8hLl78Qs3VNShrhayUTq6eaoiHppacRH46F1ubC3GlzJ5
tRbyuX4EQm4K8TDRkdqQFpY9ifNx0B4OZHYLoS0DHu+bekUTpyK3A9qE+luWFCqb
VC6ukRJ1ijVFzd8HhCP7TeFWMmZzzuF6AateL/jBJEXe8OYwPgpkhT1cgBmHXtYc
fardnsbcHeLEz3WaMm1W22ijrvFuF6DHj4YIC45lOu9f1wi27xV87yejBvTYgqR7
f9Uc2TVvHPm45/lNpz2Bw3+ryg==
-----END CERTIFICATE-----
Generated at Sat Jul 18 08:12:14 2026 by rpki-client