
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.mft
File: CZJdtntKud9gBue9K8HY7cjMfhk.mft (raw, json)
Hash identifier: SLwDgxht9PqByvvYLmcddTQ8g1goLfQc4r5Z1Kt7pqE=
Subject key identifier: D2:15:99:15:14:64:18:B7:22:8F:CE:7E:AA:EC:C9:EC:02:23:D9:B6
Authority key identifier: 09:92:5D:B6:7B:4A:B9:DF:60:06:E7:BD:2B:C1:D8:ED:C8:CC:7E:19
Certificate issuer: /CN=A913B7B2/serialNumber=09925DB67B4AB9DF6006E7BD2BC1D8EDC8CC7E19
Certificate serial: 0C17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZJdtntKud9gBue9K8HY7cjMfhk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.mft
Manifest number: 0BEA
Signing time: Sat 04 Jul 2026 19:01:45 +0000
Manifest this update: Sat 04 Jul 2026 19:01:45 +0000
Manifest next update: Sat 11 Jul 2026 19:01:45 +0000
Files and hashes: 1: CZJdtntKud9gBue9K8HY7cjMfhk.crl (hash: ccUlQewK5dDbJmgJvDJD+uib+t13wdwimu3BywPb5Bs=)
2: CB926A64E58711F0B2CA0EBF446F56BC.roa (hash: 8Zv5MMAKEdi89aa0T4smQVaAo99bnl+ZMZOEdaQmF7Y=)
3: C43C22501DEF11F1B60466D9163D8C67.roa (hash: xsIr4KFI9a9YHG0N66oMLWH8AurLcb1F9zQyd9fncF4=)
4: 6932258C2F1C11EDA3E29B09C4F9AE02.roa (hash: 53LWwpRVZrDTw/6Ogh5Ek7qxm98TR8hKYo+nI3Iokbw=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.crl
rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZJdtntKud9gBue9K8HY7cjMfhk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Jul 2026 19:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3095 (0xc17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B7B2, serialNumber=09925DB67B4AB9DF6006E7BD2BC1D8EDC8CC7E19
Validity
Not Before: Jul 4 19:01:45 2026 GMT
Not After : Jul 11 19:01:45 2026 GMT
Subject: CN=6a495899-c2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:01:bf:fa:7d:04:1f:e0:b0:34:f4:a6:b5:0b:
8f:e7:ed:04:05:e7:61:cf:9d:e1:18:bf:63:51:a0:
88:c9:7a:5b:6d:0c:91:f1:95:ce:ea:78:ed:90:6d:
fa:ce:63:bc:01:9d:51:41:ee:b4:6c:d9:d6:0f:b9:
d2:93:1a:0e:c6:be:f1:6c:b5:21:4f:23:13:13:e5:
1e:b4:01:7f:fb:6e:49:5d:14:c0:eb:43:cc:27:ff:
91:00:3d:10:b3:a4:06:9d:4e:1c:bb:51:46:8b:53:
c9:65:e1:36:db:20:16:a1:a2:fe:14:b1:13:04:7c:
9f:e4:57:01:28:48:78:b6:85:2f:50:cc:11:54:bc:
1b:f3:00:55:28:20:63:3d:11:f2:71:51:7a:77:f9:
30:75:2a:4c:ba:27:8f:92:f0:52:cb:e6:22:6e:51:
8e:04:e0:14:d5:c8:98:6f:e7:6a:47:4c:5e:28:da:
99:23:23:da:2d:d0:47:dc:00:b7:30:a2:c6:81:01:
c6:0f:c8:ee:41:e7:50:ce:47:7b:02:4e:7f:4f:04:
98:7f:8e:cb:bd:89:1b:45:36:0b:dd:c4:5a:7e:f3:
a9:92:7d:6c:9c:9c:01:5c:dc:3c:ca:aa:25:62:42:
aa:df:c1:e6:df:a1:48:ed:b2:6f:21:13:6b:40:97:
ce:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:15:99:15:14:64:18:B7:22:8F:CE:7E:AA:EC:C9:EC:02:23:D9:B6
X509v3 Authority Key Identifier:
keyid:09:92:5D:B6:7B:4A:B9:DF:60:06:E7:BD:2B:C1:D8:ED:C8:CC:7E:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZJdtntKud9gBue9K8HY7cjMfhk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
7f:cd:28:ed:06:90:a6:66:c8:0a:47:c4:2a:4a:5c:1a:3d:e9:
3d:78:6d:73:85:cb:64:0b:fc:92:17:c0:0f:46:d6:a6:8e:7b:
23:cb:ef:d9:07:49:9b:f2:c6:90:70:29:73:13:ba:76:86:58:
41:14:e8:a3:44:a0:ce:09:e9:ae:48:34:6b:7b:9c:ed:c5:10:
f1:e8:f0:ee:0b:dc:56:07:96:77:e0:9f:9d:ac:0d:af:24:07:
1a:6a:3e:9c:83:1d:77:f9:41:51:4f:55:53:9f:69:1e:cc:1e:
cc:74:f0:d3:2c:49:97:d2:ff:92:9d:58:fc:ae:7e:06:c1:e2:
44:db:99:a7:8e:9f:0e:52:66:c7:e1:ef:5f:9b:15:d3:c1:e4:
71:c9:b2:b4:09:a0:e7:2c:2c:64:44:f8:d8:bc:9d:d5:b4:ab:
c9:ba:e6:9f:ab:fd:11:87:26:59:61:48:e8:b4:bd:c1:31:71:
0b:4f:b0:aa:93:8d:52:09:49:f8:c7:5b:e7:34:c0:3d:f2:d3:
0d:74:4c:37:52:17:e4:a3:75:58:03:ab:c5:00:67:10:e3:ee:
6e:5e:ea:85:e8:59:a1:9b:db:c8:fb:d2:ce:3d:5e:f1:cc:40:
39:89:ab:10:6d:2a:c7:85:2c:51:40:5d:31:9e:6d:1b:e5:2d:
13:e6:3a:5b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICDBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I3QjIxMTAvBgNVBAUTKDA5OTI1REI2N0I0QUI5REY2MDA2RTdCRDJCQzFEOEVE
QzhDQzdFMTkwHhcNMjYwNzA0MTkwMTQ1WhcNMjYwNzExMTkwMTQ1WjAYMRYwFAYD
VQQDEw02YTQ5NTg5OS1jMmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArwG/+n0EH+CwNPSmtQuP5+0EBedhz53hGL9jUaCIyXpbbQyR8ZXO6njtkG36
zmO8AZ1RQe60bNnWD7nSkxoOxr7xbLUhTyMTE+UetAF/+25JXRTA60PMJ/+RAD0Q
s6QGnU4cu1FGi1PJZeE22yAWoaL+FLETBHyf5FcBKEh4toUvUMwRVLwb8wBVKCBj
PRHycVF6d/kwdSpMuiePkvBSy+YiblGOBOAU1ciYb+dqR0xeKNqZIyPaLdBH3AC3
MKLGgQHGD8juQedQzkd7Ak5/TwSYf47LvYkbRTYL3cRafvOpkn1snJwBXNw8yqol
YkKq38Hm36FI7bJvIRNrQJfOWwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFNIVmRUU
ZBi3Io/OfqrsyewCI9m2MB8GA1UdIwQYMBaAFAmSXbZ7SrnfYAbnvSvB2O3IzH4Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjdCMi80MDY2NTAwODQx
NkYxMUVBQjVDN0NBNjVDNEY5QUUwMi9DWkpkdG50S3VkOWdCdWU5SzhIWTdjak1m
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NaSmR0bnRLdWQ5Z0J1ZTlLOEhZN2NqTWZoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
QjdCMi80MDY2NTAwODQxNkYxMUVBQjVDN0NBNjVDNEY5QUUwMi9DWkpkdG50S3Vk
OWdCdWU5SzhIWTdjak1maGsubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAf80o7QaQpmbICkfEKkpcGj3pPXhtc4XLZAv8khfAD0bWpo57I8vv2QdJm/LG
kHApcxO6doZYQRToo0Sgzgnprkg0a3uc7cUQ8ejw7gvcVgeWd+CfnawNryQHGmo+
nIMdd/lBUU9VU59pHswezHTw0yxJl9L/kp1Y/K5+BsHiRNuZp46fDlJmx+HvX5sV
08HkccmytAmg5ywsZET42Lyd1bSrybrmn6v9EYcmWWFI6LS9wTFxC0+wqpONUglJ
+Mdb5zTAPfLTDXRMN1IX5KN1WAOrxQBnEOPubl7qhehZoZvbyPvSzj1e8cxAOYmr
EG0qx4UsUUBdMZ5tG+UtE+Y6Ww==
-----END CERTIFICATE-----
Generated at Sun Jul 5 11:16:38 2026 by rpki-client