
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156DB4/E84DB98A9D9A11ECBA928F45C4F9AE02/8tEm8UIIaibjxYSnCrPlJ7MDgYI.mft
File: 8tEm8UIIaibjxYSnCrPlJ7MDgYI.mft (raw, json)
Hash identifier: 3eqg38PEaH3Hn5WFFTIBPSOmCsag1kRVc0y7eC9yBXc=
Subject key identifier: F7:A8:88:D8:B5:1D:E4:4E:0E:D5:2C:92:88:1E:17:F9:BB:FE:4D:2C
Authority key identifier: F2:D1:26:F1:42:08:6A:26:E3:C5:84:A7:0A:B3:E5:27:B3:03:81:82
Certificate issuer: /CN=A9156DB4/serialNumber=F2D126F142086A26E3C584A70AB3E527B3038182
Certificate serial: 047E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8tEm8UIIaibjxYSnCrPlJ7MDgYI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156DB4/E84DB98A9D9A11ECBA928F45C4F9AE02/8tEm8UIIaibjxYSnCrPlJ7MDgYI.mft
Manifest number: 046C
Signing time: Fri 17 Jul 2026 00:43:01 +0000
Manifest this update: Fri 17 Jul 2026 00:43:01 +0000
Manifest next update: Fri 24 Jul 2026 00:43:01 +0000
Files and hashes: 1: 8tEm8UIIaibjxYSnCrPlJ7MDgYI.crl (hash: sLORiMh1NcrH09wsKjcpob3ScedF8p4bN2sKXBC8iac=)
2: 688C6AC29D9D11EC958A216AC4F9AE02.roa (hash: wPvXbMRDdeZ16YQAsG5yxXC1oVke0Is094fp9Wnssro=)
3: 695DB5289D9D11EC958A216AC4F9AE02.roa (hash: X5PDT1MbgloBsVHEEErT26cO3WdhXztNkcjjEpdBJNM=)
4: 854ACCD2DFEA11ECB7DF0A2EC4F9AE02.roa (hash: 8IoFb/TuJGa8f+hLPDSGTarCT7mkVKZq9W7cRCzmXZc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9156DB4/E84DB98A9D9A11ECBA928F45C4F9AE02/8tEm8UIIaibjxYSnCrPlJ7MDgYI.crl
rsync://rpki.apnic.net/member_repository/A9156DB4/E84DB98A9D9A11ECBA928F45C4F9AE02/8tEm8UIIaibjxYSnCrPlJ7MDgYI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8tEm8UIIaibjxYSnCrPlJ7MDgYI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 00:43:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1150 (0x47e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156DB4, serialNumber=F2D126F142086A26E3C584A70AB3E527B3038182
Validity
Not Before: Jul 17 00:43:01 2026 GMT
Not After : Jul 24 00:43:01 2026 GMT
Subject: CN=6a597a95-aaef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b0:8f:41:92:09:cf:d0:da:6d:6f:78:0b:03:
5f:ea:45:64:7e:e8:00:e6:9b:e3:7f:e5:4c:5f:7a:
cf:36:e9:8a:a8:1c:91:24:9c:e4:17:b0:88:52:b3:
db:ff:0d:64:c1:0a:44:1f:6e:4c:1d:14:4b:0c:6a:
32:ca:50:b1:f9:ba:67:d2:69:11:71:86:13:d5:a1:
56:30:d4:ae:f6:b9:cf:de:7e:60:17:64:57:d2:55:
f8:81:72:a2:97:d6:06:c6:bf:f0:19:fd:b0:a6:b6:
7e:01:91:39:ba:93:36:f5:46:19:0e:9b:70:fa:8a:
22:db:76:07:ca:d5:34:69:59:00:b8:13:16:46:22:
81:60:b5:42:70:ab:ed:67:55:48:83:c4:34:9f:2d:
48:d1:33:6c:80:47:b8:52:21:3c:b3:41:ab:c8:08:
78:93:12:d4:c4:6a:20:c9:55:53:4b:dd:86:63:09:
54:21:e6:87:9e:13:c8:6b:a5:b4:b3:ca:7a:5a:08:
0c:12:46:eb:84:1b:ff:3a:6d:e3:03:0f:36:f3:ec:
c2:0d:45:6c:40:fc:8c:dc:a7:e0:04:a9:a2:8d:90:
87:36:7f:5b:1a:72:39:0c:db:21:25:76:f1:4d:63:
05:89:ce:38:e4:56:d6:dd:83:33:4f:16:a7:b2:81:
68:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A8:88:D8:B5:1D:E4:4E:0E:D5:2C:92:88:1E:17:F9:BB:FE:4D:2C
X509v3 Authority Key Identifier:
keyid:F2:D1:26:F1:42:08:6A:26:E3:C5:84:A7:0A:B3:E5:27:B3:03:81:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156DB4/E84DB98A9D9A11ECBA928F45C4F9AE02/8tEm8UIIaibjxYSnCrPlJ7MDgYI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8tEm8UIIaibjxYSnCrPlJ7MDgYI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156DB4/E84DB98A9D9A11ECBA928F45C4F9AE02/8tEm8UIIaibjxYSnCrPlJ7MDgYI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
9e:1d:c5:36:93:fe:4e:54:b0:39:6e:e1:06:a9:43:36:47:4c:
b8:b5:7e:47:0e:45:fb:66:6d:88:2b:e4:c8:1a:e3:00:69:05:
c4:97:f9:a8:11:fa:0e:0a:11:11:93:90:96:cb:53:53:e8:21:
b1:1b:1c:8a:91:87:a8:80:8f:54:5f:de:bf:27:11:0e:23:0f:
fe:32:9e:06:ff:85:e7:b4:8a:3e:30:b9:96:a4:ac:c0:91:51:
15:fb:0e:a2:2b:a1:22:ac:df:a5:a6:d3:d3:a0:07:67:39:74:
56:6c:66:c6:fb:a7:bc:92:b3:9a:65:9c:34:38:0f:d2:00:22:
63:b4:16:12:9f:18:b9:cf:38:cf:df:fd:b1:7a:ae:3a:49:a0:
92:bd:88:cf:91:c6:2e:33:e0:90:4e:8e:0c:14:c3:8c:e4:cf:
3c:9a:be:79:83:bf:38:a7:62:58:af:86:f0:28:14:18:0f:d8:
5b:4c:a1:5f:76:7d:7e:d6:48:23:72:20:c4:84:eb:82:c9:61:
5e:83:3c:9a:b0:0e:0f:51:5d:72:04:39:60:b5:e9:98:db:45:
a9:d1:4d:af:aa:cc:77:24:69:de:7b:d8:2b:2a:62:d8:2b:ab:
87:ec:e4:4b:6a:de:bf:2e:5e:e8:ff:44:f9:f3:31:0a:c9:f3:
5d:c6:ac:12
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICBH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTZEQjQxMTAvBgNVBAUTKEYyRDEyNkYxNDIwODZBMjZFM0M1ODRBNzBBQjNFNTI3
QjMwMzgxODIwHhcNMjYwNzE3MDA0MzAxWhcNMjYwNzI0MDA0MzAxWjAYMRYwFAYD
VQQDEw02YTU5N2E5NS1hYWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnLCPQZIJz9DabW94CwNf6kVkfugA5pvjf+VMX3rPNumKqByRJJzkF7CIUrPb
/w1kwQpEH25MHRRLDGoyylCx+bpn0mkRcYYT1aFWMNSu9rnP3n5gF2RX0lX4gXKi
l9YGxr/wGf2wprZ+AZE5upM29UYZDptw+ooi23YHytU0aVkAuBMWRiKBYLVCcKvt
Z1VIg8Q0ny1I0TNsgEe4UiE8s0GryAh4kxLUxGogyVVTS92GYwlUIeaHnhPIa6W0
s8p6WggMEkbrhBv/Om3jAw828+zCDUVsQPyM3KfgBKmijZCHNn9bGnI5DNshJXbx
TWMFic445FbW3YMzTxansoFoowIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPeoiNi1
HeRODtUskogeF/m7/k0sMB8GA1UdIwQYMBaAFPLRJvFCCGom48WEpwqz5SezA4GC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NkRCNC9FODREQjk4QTlE
OUExMUVDQkE5MjhGNDVDNEY5QUUwMi84dEVtOFVJSWFpYmp4WVNuQ3JQbEo3TURn
WUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzh0RW04VUlJYWlianhZU25DclBsSjdNRGdZSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NkRCNC9FODREQjk4QTlEOUExMUVDQkE5MjhGNDVDNEY5QUUwMi84dEVtOFVJSWFp
Ymp4WVNuQ3JQbEo3TURnWUkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAnh3FNpP+TlSwOW7hBqlDNkdMuLV+Rw5F+2ZtiCvkyBrjAGkFxJf5qBH6DgoR
EZOQlstTU+ghsRscipGHqICPVF/evycRDiMP/jKeBv+F57SKPjC5lqSswJFRFfsO
oiuhIqzfpabT06AHZzl0VmxmxvunvJKzmmWcNDgP0gAiY7QWEp8Yuc84z9/9sXqu
Okmgkr2Iz5HGLjPgkE6ODBTDjOTPPJq+eYO/OKdiWK+G8CgUGA/YW0yhX3Z9ftZI
I3IgxITrgslhXoM8mrAOD1FdcgQ5YLXpmNtFqdFNr6rMdyRp3nvYKypi2Curh+zk
S2revy5e6P9E+fMxCsnzXcasEg==
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:26:43 2026 by rpki-client