
$ rpki-client -vvf rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft
File: 2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft (raw, json)
Hash identifier: Yd2geMFf7hyPntbIsddHJLrnRfPV4h/VsBn5ckAwAe4=
Subject key identifier: 7F:1D:1F:54:A7:4F:4E:D1:D5:C6:72:82:3D:46:9A:F0:58:1C:1C:62
Authority key identifier: D8:27:B6:84:3E:B7:F6:B9:F0:ED:5F:2F:F7:23:44:A5:2C:04:B4:9F
Certificate issuer: /CN=A91758EC/serialNumber=D827B6843EB7F6B9F0ED5F2FF72344A52C04B49F
Certificate serial: D1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Ce2hD639rnw7V8v9yNEpSwEtJ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft
Manifest number: C5
Signing time: Fri 17 Jul 2026 08:14:35 +0000
Manifest this update: Fri 17 Jul 2026 08:14:34 +0000
Manifest next update: Fri 24 Jul 2026 08:14:34 +0000
Files and hashes: 1: 2Ce2hD639rnw7V8v9yNEpSwEtJ8.crl (hash: TK0J83szyqMzZqOCklP5BTfSNs9rSyrN9H+QJ0Q1d68=)
2: 1B34EF06FC1C11F0AA0D3BE4396F56BC.roa (hash: iqYV9/xnKXVfiZZcxAVxMjO3LAkmh0lLnZhQciHJSJg=)
3: 1AC14F60FC1C11F0AA0D3BE4396F56BC.roa (hash: aYDnHlZZ14KegbsrCL1Glj9EDgxGx2Y0U5BoskwOni4=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.crl
rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Ce2hD639rnw7V8v9yNEpSwEtJ8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 08:14:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209 (0xd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91758EC, serialNumber=D827B6843EB7F6B9F0ED5F2FF72344A52C04B49F
Validity
Not Before: Jul 17 08:14:34 2026 GMT
Not After : Jul 24 08:14:34 2026 GMT
Subject: CN=6a59e46a-bfba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4f:b4:19:81:63:29:0d:9d:71:05:e2:ce:43:
69:10:2d:7f:57:f9:3f:f3:e8:08:f3:2a:02:9a:98:
7b:24:41:eb:06:e6:28:a8:46:ef:67:4b:9b:17:93:
71:d9:17:8a:84:2a:5f:e3:e9:6a:3d:34:21:33:96:
e4:8b:ea:c4:a7:66:a7:2a:f7:a5:bb:58:79:0f:15:
fb:99:ba:86:51:bc:2a:d7:ec:ae:b9:3f:97:4e:03:
02:e6:cf:20:da:c4:d5:df:55:7b:b0:be:aa:b4:fc:
0d:8f:25:4f:fb:b6:9e:bd:0f:66:90:74:ca:07:fe:
47:e0:b8:e6:f1:14:7e:77:85:ed:f7:6f:32:7b:ad:
6f:0e:59:0d:8d:9e:1f:64:f5:ab:ef:08:40:84:e8:
dd:7c:1f:73:87:30:38:07:3c:73:0f:b5:67:9b:d5:
b7:69:74:5f:b1:4c:a7:b0:82:15:1e:c4:32:1a:13:
a0:6a:c2:91:c5:a0:21:1c:a0:44:13:e9:dc:f3:7f:
c3:2a:39:e0:2c:29:d0:c4:36:4e:21:d1:4d:54:b5:
d3:b8:f4:7c:16:f6:1f:2b:29:9a:7e:be:2c:5d:0f:
8e:fe:e4:47:8f:9b:d9:9b:92:36:57:59:db:32:8d:
48:39:f7:63:3d:7e:6a:3f:5d:f1:b2:6e:25:3f:84:
89:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1D:1F:54:A7:4F:4E:D1:D5:C6:72:82:3D:46:9A:F0:58:1C:1C:62
X509v3 Authority Key Identifier:
keyid:D8:27:B6:84:3E:B7:F6:B9:F0:ED:5F:2F:F7:23:44:A5:2C:04:B4:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Ce2hD639rnw7V8v9yNEpSwEtJ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5f:70:72:4c:01:45:06:24:46:78:45:4b:b5:61:53:24:ce:f2:
a8:a0:a0:90:e5:42:56:57:98:35:f9:38:c7:d8:73:ec:a2:f4:
0f:f5:e7:d2:fd:d9:30:a5:8c:75:70:28:31:15:ac:a7:6a:e2:
a1:48:da:5c:0f:63:e5:fe:ab:af:8c:7f:54:8a:bb:d5:15:aa:
5c:7f:ca:3d:74:c5:05:c1:2f:82:39:e8:82:8b:26:e0:cf:7e:
aa:fb:e2:b3:21:db:87:c1:b3:eb:93:d5:67:09:6d:dc:c8:39:
b5:71:e3:a7:55:fd:8a:d3:56:d9:72:94:d0:f2:5f:16:aa:1e:
94:e5:41:31:0a:f3:a2:65:cc:ee:fc:ab:19:6d:de:49:cf:f0:
2a:ff:f1:e4:ef:f8:94:af:7c:e6:9e:c7:ed:5c:94:67:cd:16:
ba:a0:89:ee:26:13:a8:33:d6:0f:6c:41:d1:99:08:df:78:f6:
bd:3a:c7:cf:08:dc:ff:16:4c:0b:17:6a:72:a8:35:4b:b1:39:
10:6f:01:8d:50:67:9e:46:ed:a9:f9:05:ff:d3:27:fb:4f:33:
d6:69:06:ad:9f:0a:9c:7e:a0:0e:39:ca:50:6c:77:57:75:b7:
d3:06:f1:b0:89:45:d1:cb:dc:9d:c9:8a:92:27:52:18:3f:98:
5e:fb:ea:66
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU4RUMxMTAvBgNVBAUTKEQ4MjdCNjg0M0VCN0Y2QjlGMEVENUYyRkY3MjM0NEE1
MkMwNEI0OUYwHhcNMjYwNzE3MDgxNDM0WhcNMjYwNzI0MDgxNDM0WjAYMRYwFAYD
VQQDEw02YTU5ZTQ2YS1iZmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1U+0GYFjKQ2dcQXizkNpEC1/V/k/8+gI8yoCmph7JEHrBuYoqEbvZ0ubF5Nx
2ReKhCpf4+lqPTQhM5bki+rEp2anKvelu1h5DxX7mbqGUbwq1+yuuT+XTgMC5s8g
2sTV31V7sL6qtPwNjyVP+7aevQ9mkHTKB/5H4Ljm8RR+d4Xt928ye61vDlkNjZ4f
ZPWr7whAhOjdfB9zhzA4BzxzD7Vnm9W3aXRfsUynsIIVHsQyGhOgasKRxaAhHKBE
E+nc83/DKjngLCnQxDZOIdFNVLXTuPR8FvYfKymafr4sXQ+O/uRHj5vZm5I2V1nb
Mo1IOfdjPX5qP13xsm4lP4SJ9QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFH8dH1Sn
T07R1cZygj1GmvBYHBxiMB8GA1UdIwQYMBaAFNgntoQ+t/a58O1fL/cjRKUsBLSf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NThFQy82QkY4NkI4NDY2
MzAxMUYwQjlEQzRFNjRDNEY5QUUwMi8yQ2UyaEQ2Mzlybnc3Vjh2OXlORXBTd0V0
SjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJDZTJoRDYzOXJudzdWOHY5eU5FcFN3RXRKOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NThFQy82QkY4NkI4NDY2MzAxMUYwQjlEQzRFNjRDNEY5QUUwMi8yQ2UyaEQ2Mzly
bnc3Vjh2OXlORXBTd0V0SjgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAX3ByTAFFBiRGeEVLtWFTJM7yqKCgkOVCVleYNfk4x9hz7KL0D/Xn0v3ZMKWM
dXAoMRWsp2rioUjaXA9j5f6rr4x/VIq71RWqXH/KPXTFBcEvgjnogosm4M9+qvvi
syHbh8Gz65PVZwlt3Mg5tXHjp1X9itNW2XKU0PJfFqoelOVBMQrzomXM7vyrGW3e
Sc/wKv/x5O/4lK985p7H7VyUZ80WuqCJ7iYTqDPWD2xB0ZkI33j2vTrHzwjc/xZM
Cxdqcqg1S7E5EG8BjVBnnkbtqfkF/9Mn+08z1mkGrZ8KnH6gDjnKUGx3V3W30wbx
sIlF0cvcncmKkidSGD+YXvvqZg==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:29:51 2026 by rpki-client