
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
File: yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft (raw, json)
Hash identifier: i0KaRacu2sNZeXq/Hjl7iqtL3kTdaXaP2vv67rwCLCY=
Subject key identifier: A1:FA:4D:4F:C3:6A:29:8B:93:BA:0A:5E:77:A0:B2:81:E6:F7:CC:88
Authority key identifier: C8:77:CD:F2:2D:25:B6:E3:3F:C5:E4:95:BE:55:E5:9D:0A:94:98:7E
Certificate issuer: /CN=A9147B4B/serialNumber=C877CDF22D25B6E33FC5E495BE55E59D0A94987E
Certificate serial: 0143
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
Manifest number: 0123
Signing time: Fri 17 Jul 2026 06:58:34 +0000
Manifest this update: Fri 17 Jul 2026 06:58:34 +0000
Manifest next update: Fri 24 Jul 2026 06:58:34 +0000
Files and hashes: 1: yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl (hash: bzfvzbzYBR8omuI02A3yqfH5Xr8+25FJe9UFbyl2BIo=)
2: 7CC84384BCB711F0BD57E909C4F9AE02.roa (hash: yNjcbXSQe954tG4iPQoh2HGC3/zMHGuxKNsySG8+1DI=)
3: 7D3521CABCB711F08B02E909C4F9AE02.roa (hash: XFH0Q1KpeOYZLCrrHNLmbgTNMLaKVPfV4xztcVnCyR8=)
4: 7C5A543CBCB711F08806E909C4F9AE02.roa (hash: Otxavzn9wqai7bz3j2wOAOhJHM7zPHSQjLLYM4IbP1Q=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl
rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 06:58:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323 (0x143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147B4B, serialNumber=C877CDF22D25B6E33FC5E495BE55E59D0A94987E
Validity
Not Before: Jul 17 06:58:34 2026 GMT
Not After : Jul 24 06:58:34 2026 GMT
Subject: CN=6a59d29a-9572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e7:72:a2:ac:0a:dc:53:ad:de:53:0f:02:f3:
67:17:8a:d3:e2:1d:5e:57:ef:49:6b:cd:92:0e:54:
19:dd:5c:5e:1f:43:17:a9:ad:34:aa:44:08:c8:d4:
3d:a3:35:c4:7a:e2:00:5a:a7:07:f0:5a:e1:12:c8:
99:2c:09:b5:19:17:5c:dd:29:1d:80:ea:5e:9b:df:
65:5d:45:df:12:55:9c:df:18:28:3b:1b:40:0f:5e:
cd:8f:91:2e:7c:60:e7:93:89:b1:13:48:03:14:a2:
49:0e:77:8c:9e:ac:39:19:b1:72:02:97:b3:9f:c9:
96:ce:f3:92:ef:d4:5b:1b:9f:60:50:82:ff:29:73:
d0:08:f5:ae:7d:25:c9:e1:f1:21:49:94:18:1f:9a:
b6:89:16:e3:1d:9e:02:b8:4c:ae:01:67:f9:1e:5f:
65:32:8b:da:a5:06:fd:20:ea:05:e4:b2:7d:24:b3:
78:17:70:78:ec:67:b5:00:13:78:19:09:c1:53:ac:
d3:e2:c9:f1:83:19:3e:eb:37:2a:c8:82:96:2e:9b:
65:1c:16:bc:17:e6:56:e3:c3:2b:3e:1b:d5:00:33:
3b:f7:6e:2e:2d:71:b6:3f:25:2a:ca:60:2e:31:85:
c3:2f:c6:af:76:85:78:ae:c5:08:be:77:9b:b6:57:
7d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FA:4D:4F:C3:6A:29:8B:93:BA:0A:5E:77:A0:B2:81:E6:F7:CC:88
X509v3 Authority Key Identifier:
keyid:C8:77:CD:F2:2D:25:B6:E3:3F:C5:E4:95:BE:55:E5:9D:0A:94:98:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
19:61:50:1f:e0:4c:2b:46:1e:aa:f1:51:09:43:6e:24:ed:d5:
1d:1b:da:26:98:fa:19:d4:2d:d5:26:3b:41:26:dc:40:38:c4:
c5:ff:c2:3f:b0:23:07:ec:ee:06:bf:db:94:b0:ce:91:0f:b7:
6f:ad:2b:8c:20:4d:34:f1:89:e9:87:c8:d4:29:4b:8f:5e:f1:
dd:56:59:8e:1e:75:6f:23:64:1f:9c:02:9b:63:f4:18:42:ed:
17:71:85:e3:5f:12:ff:ec:1c:1f:68:ec:4d:07:03:98:5c:4b:
13:f4:14:98:ad:05:ec:40:1c:8a:b5:b9:4e:ce:5c:c2:6e:6c:
4f:8c:2f:2a:f4:28:71:51:33:be:7b:00:f6:25:8a:d0:98:20:
93:9e:2b:ad:31:80:49:4c:25:7e:6f:32:1e:ee:24:58:f7:2f:
ac:39:74:75:32:ba:0a:37:e4:12:8c:38:47:20:da:b2:97:d1:
14:e8:6a:1d:04:d7:b1:70:21:9b:11:89:bf:2a:d3:0d:c2:ef:
bd:29:06:52:35:8b:8f:25:3e:91:88:ad:bd:0a:3b:3a:34:04:
31:58:31:b6:6b:ec:aa:ff:c6:a3:7b:58:48:56:a5:d0:14:e9:
4d:43:29:00:4a:47:ae:39:b6:9d:98:4c:86:90:e6:7a:4d:05:
9c:34:94:cf
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdCNEIxMTAvBgNVBAUTKEM4NzdDREYyMkQyNUI2RTMzRkM1RTQ5NUJFNTVFNTlE
MEE5NDk4N0UwHhcNMjYwNzE3MDY1ODM0WhcNMjYwNzI0MDY1ODM0WjAYMRYwFAYD
VQQDEw02YTU5ZDI5YS05NTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvudyoqwK3FOt3lMPAvNnF4rT4h1eV+9Ja82SDlQZ3VxeH0MXqa00qkQIyNQ9
ozXEeuIAWqcH8FrhEsiZLAm1GRdc3SkdgOpem99lXUXfElWc3xgoOxtAD17Nj5Eu
fGDnk4mxE0gDFKJJDneMnqw5GbFyApezn8mWzvOS79RbG59gUIL/KXPQCPWufSXJ
4fEhSZQYH5q2iRbjHZ4CuEyuAWf5Hl9lMovapQb9IOoF5LJ9JLN4F3B47Ge1ABN4
GQnBU6zT4snxgxk+6zcqyIKWLptlHBa8F+ZW48MrPhvVADM7924uLXG2PyUqymAu
MYXDL8avdoV4rsUIvnebtld9XwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKH6TU/D
aimLk7oKXnegsoHm98yIMB8GA1UdIwQYMBaAFMh3zfItJbbjP8Xklb5V5Z0KlJh+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0I0Qi9FMTU2QTA0Q0NG
MzgxMUVGODQ4NEU5MkZDNEY5QUUwMi95SGZOOGkwbHR1TV94ZVNWdmxYbG5RcVVt
SDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lIZk44aTBsdHVNX3hlU1Z2bFhsblFxVW1INC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
N0I0Qi9FMTU2QTA0Q0NGMzgxMUVGODQ4NEU5MkZDNEY5QUUwMi95SGZOOGkwbHR1
TV94ZVNWdmxYbG5RcVVtSDQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAGWFQH+BMK0YeqvFRCUNuJO3VHRvaJpj6GdQt1SY7QSbcQDjExf/CP7AjB+zu
Br/blLDOkQ+3b60rjCBNNPGJ6YfI1ClLj17x3VZZjh51byNkH5wCm2P0GELtF3GF
418S/+wcH2jsTQcDmFxLE/QUmK0F7EAcirW5Ts5cwm5sT4wvKvQocVEzvnsA9iWK
0Jggk54rrTGASUwlfm8yHu4kWPcvrDl0dTK6CjfkEow4RyDaspfRFOhqHQTXsXAh
mxGJvyrTDcLvvSkGUjWLjyU+kYitvQo7OjQEMVgxtmvsqv/Go3tYSFal0BTpTUMp
AEpHrjm2nZhMhpDmek0FnDSUzw==
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:50:56 2026 by rpki-client