
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
File: I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft (raw, json)
Hash identifier: bjapcOwtVMuu2ubV06GgK8oSYsu8AFiMphe0JilppnU=
Subject key identifier: EB:B0:FA:07:F6:85:7F:20:95:46:62:76:8F:B0:91:E8:7E:9B:12:E9
Authority key identifier: 23:70:4D:59:2F:57:50:9E:DC:E5:A4:AD:7B:DE:ED:CF:7B:DB:AC:E4
Certificate issuer: /CN=A9146A72/serialNumber=23704D592F57509EDCE5A4AD7BDEEDCF7BDBACE4
Certificate serial: 2E6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
Manifest number: 2E48
Signing time: Thu 16 Jul 2026 15:32:15 +0000
Manifest this update: Thu 16 Jul 2026 15:32:15 +0000
Manifest next update: Thu 23 Jul 2026 15:32:15 +0000
Files and hashes: 1: I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl (hash: S6RhkKgc38YdnyMK+B+Kwz0qxb2C78LOT9NEq0EZHrg=)
2: F2AE85D6128E11F1BA652BAD3A3D8C67.roa (hash: N17i/Vo6qq4GynkhbHnkWbsIC9qgwD2VSBbjxJt5D3I=)
3: 3635C928CE3811EF878F6569C4F9AE02.roa (hash: /EIrPIM51/gSZuhZi7PXLaV6H0Mn6QzhbGDSyj34JEc=)
4: 0F6B8D969A6B11F08E49AE43C4F9AE02.roa (hash: VFEJ2pC2bmVwEIh9Ul33fbeRMTH5fCAYFl8iU/+lajY=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl
rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 15:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11885 (0x2e6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146A72, serialNumber=23704D592F57509EDCE5A4AD7BDEEDCF7BDBACE4
Validity
Not Before: Jul 16 15:32:15 2026 GMT
Not After : Jul 23 15:32:15 2026 GMT
Subject: CN=6a58f97f-cac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:22:39:d6:82:bb:2a:68:fc:be:42:81:3a:
2b:77:0d:af:c9:de:68:d5:0f:30:f6:8a:fb:fc:65:
d5:3a:bb:fd:22:cd:ed:bd:11:bd:99:ea:03:8d:56:
9e:40:51:68:ea:3b:e4:5a:8b:5f:71:29:44:2f:2d:
6e:c4:7a:df:94:ba:2d:70:ab:15:3a:38:45:80:68:
1d:54:ef:3e:08:e3:28:6d:42:8c:b7:12:b7:d0:5d:
32:0a:3f:f2:c4:f5:5e:f2:4d:72:57:e0:d5:eb:69:
c7:ca:14:31:ad:ca:e0:1e:0f:66:74:8a:b7:62:c8:
9f:44:7f:8e:98:d6:61:55:30:bc:8e:a5:c2:0d:7d:
62:7b:13:3c:23:e8:3b:25:4d:8d:79:07:6a:c3:d4:
3d:f7:c7:52:c1:de:aa:25:e3:61:b1:89:5a:48:b9:
ce:a6:de:87:08:47:eb:94:df:d5:30:c2:95:b0:9f:
82:f5:fa:38:5f:75:76:e0:da:6e:dc:04:1b:a3:48:
d9:33:ee:55:8f:bf:6c:ae:59:20:f0:ca:1e:4d:f3:
65:86:92:d3:42:08:58:8f:c2:6d:30:b8:64:3e:8c:
fe:43:dd:6d:e2:89:bd:66:72:7b:0c:c2:b6:a5:3c:
bd:34:78:b7:11:5f:df:6f:49:53:a6:e5:94:5c:8b:
ad:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B0:FA:07:F6:85:7F:20:95:46:62:76:8F:B0:91:E8:7E:9B:12:E9
X509v3 Authority Key Identifier:
keyid:23:70:4D:59:2F:57:50:9E:DC:E5:A4:AD:7B:DE:ED:CF:7B:DB:AC:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
04:7d:06:be:97:0d:ab:52:3e:45:36:ff:65:02:05:21:da:8c:
ef:ba:1d:c7:89:3f:da:ab:24:ac:e6:f4:ff:c3:8f:9f:25:f0:
45:b9:74:9a:af:83:7a:ed:8f:41:19:01:45:cc:c0:59:f2:a1:
d7:97:be:11:4a:b2:7d:b6:d6:07:d9:b2:35:8e:5f:8f:85:41:
1e:33:59:e5:0c:cb:39:50:ff:1c:6f:59:3c:ba:ae:ef:a7:27:
39:2f:6b:2a:f8:a3:fe:e0:21:98:2f:ba:d3:a3:68:e4:32:0b:
60:e3:50:8f:74:18:24:ed:4b:75:e3:fe:e3:cf:8f:90:7c:d1:
ca:69:cd:49:1b:59:b7:53:ed:de:78:c5:c5:5f:af:29:df:f9:
84:a0:f9:76:ed:bc:74:6d:46:93:92:9b:56:4e:ec:e6:bb:e2:
40:6f:8b:b6:ff:72:ad:ec:78:70:bd:39:0c:e3:bd:cf:08:07:
49:a3:8e:7c:58:24:ec:17:58:73:4b:87:1f:cb:9d:51:4c:96:
96:9d:b7:1e:b0:a9:76:3e:64:a6:16:e8:61:d7:0f:52:59:35:
57:c9:1b:61:6e:bc:91:4d:f6:ea:a0:48:80:1f:6a:26:6c:3b:
3f:97:c0:4c:ab:8c:29:6c:e3:ca:69:27:76:6d:c5:38:52:77:
8e:e2:c5:23
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICLm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZBNzIxMTAvBgNVBAUTKDIzNzA0RDU5MkY1NzUwOUVEQ0U1QTRBRDdCREVFRENG
N0JEQkFDRTQwHhcNMjYwNzE2MTUzMjE1WhcNMjYwNzIzMTUzMjE1WjAYMRYwFAYD
VQQDEw02YTU4Zjk3Zi1jYWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAod4iOdaCuypo/L5CgTordw2vyd5o1Q8w9or7/GXVOrv9Is3tvRG9meoDjVae
QFFo6jvkWotfcSlELy1uxHrflLotcKsVOjhFgGgdVO8+COMobUKMtxK30F0yCj/y
xPVe8k1yV+DV62nHyhQxrcrgHg9mdIq3YsifRH+OmNZhVTC8jqXCDX1iexM8I+g7
JU2NeQdqw9Q998dSwd6qJeNhsYlaSLnOpt6HCEfrlN/VMMKVsJ+C9fo4X3V24Npu
3AQbo0jZM+5Vj79srlkg8MoeTfNlhpLTQghYj8JtMLhkPoz+Q91t4om9ZnJ7DMK2
pTy9NHi3EV/fb0lTpuWUXIutsQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOuw+gf2
hX8glUZido+wkeh+mxLpMB8GA1UdIwQYMBaAFCNwTVkvV1Ce3OWkrXve7c9726zk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkE3Mi8wNUM4OTFEQTg5
RUQxMUUzODY5MTZFQTU1OTExRUEzMi9JM0JOV1M5WFVKN2M1YVN0ZTk3dHozdmJy
T1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0kzQk5XUzlYVUo3YzVhU3RlOTd0ejN2YnJPUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NkE3Mi8wNUM4OTFEQTg5RUQxMUUzODY5MTZFQTU1OTExRUEzMi9JM0JOV1M5WFVK
N2M1YVN0ZTk3dHozdmJyT1EubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEABH0GvpcNq1I+RTb/ZQIFIdqM77odx4k/2qskrOb0/8OPnyXwRbl0mq+Deu2P
QRkBRczAWfKh15e+EUqyfbbWB9myNY5fj4VBHjNZ5QzLOVD/HG9ZPLqu76cnOS9r
Kvij/uAhmC+606No5DILYONQj3QYJO1LdeP+48+PkHzRymnNSRtZt1Pt3njFxV+v
Kd/5hKD5du28dG1Gk5KbVk7s5rviQG+Ltv9yrex4cL05DOO9zwgHSaOOfFgk7BdY
c0uHH8udUUyWlp23HrCpdj5kphboYdcPUlk1V8kbYW68kU326qBIgB9qJmw7P5fA
TKuMKWzjymkndm3FOFJ3juLFIw==
-----END CERTIFICATE-----
Generated at Sat Jul 18 08:51:32 2026 by rpki-client