
$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft
File: 1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft (raw, json)
Hash identifier: rKiYzLLmKRtFr07DaNNic7p45K1TW7PiqGjeVm1bRMA=
Subject key identifier: 33:69:8A:B0:8E:9F:43:F9:5F:E4:E1:3F:71:3B:A7:D7:A4:2F:54:46
Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78
Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78
Certificate serial: 08A9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft
Manifest number: 0895
Signing time: Tue 30 Jun 2026 21:17:37 +0000
Manifest this update: Tue 30 Jun 2026 21:17:37 +0000
Manifest next update: Tue 07 Jul 2026 21:17:37 +0000
Files and hashes: 1: 1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl (hash: CpzL8PmOKwiEhCadYRoVOY0YSAu6FAGXciw2RNbCVPk=)
2: CB42F018F7C311EA8A722484C4F9AE02.roa (hash: IxYVxX1BoFCHdIOrjAwAEmnCO+dNiZSE2wEYWsIxYD4=)
3: CAB0B6B2F7C311EA8A722484C4F9AE02.roa (hash: /xCNBqLNz0L8cDqpYEQMnHLgfzVahak+S8dk9Uan5oM=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl
rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 07 Jul 2026 21:17:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2217 (0x8a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917AAAD, serialNumber=D617D4710482C7F775752057DC8682259B319C78
Validity
Not Before: Jun 30 21:17:37 2026 GMT
Not After : Jul 7 21:17:37 2026 GMT
Subject: CN=6a443271-0bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f6:7a:8e:6c:ea:97:65:93:ff:df:77:e8:02:
9e:ec:95:1d:4e:8e:7e:8d:ab:8a:09:a3:0b:db:90:
b8:75:ec:2b:aa:2c:e4:1e:df:17:5c:11:ea:b7:ff:
5a:37:6f:da:47:df:ca:1a:53:bd:56:11:54:f7:54:
27:0e:51:9c:b3:9f:51:7d:e8:cb:90:a5:b1:dc:22:
cf:bc:bb:b7:54:8a:c8:8e:1b:c7:15:d0:8a:6e:9e:
fe:fd:5d:16:22:63:4f:b4:07:eb:7d:80:28:e2:74:
71:c8:c3:26:a0:24:89:ce:c5:6b:7f:68:d5:80:8f:
d2:99:2e:10:44:ad:4a:c2:86:03:f7:61:85:c8:0f:
b5:0c:9e:ef:27:ca:ac:15:17:00:6b:2d:9f:d6:c2:
e0:d1:02:af:ce:77:df:1d:41:b4:f4:cb:63:63:10:
c0:a6:1d:bc:06:cc:c5:a7:98:42:51:e7:89:ff:aa:
6b:4d:3f:0e:03:dd:97:1b:09:b2:7d:ee:64:59:2e:
a7:ed:ca:d2:2f:9d:2c:79:90:06:3a:4b:16:1d:d5:
a7:f4:22:bf:47:dc:c8:05:2a:9f:8b:32:ff:98:4c:
4e:75:bc:c3:e6:56:27:c1:ab:7d:9e:5b:22:47:db:
94:86:40:de:dc:c7:ec:a1:3a:db:2c:88:4d:b8:6a:
a3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:69:8A:B0:8E:9F:43:F9:5F:E4:E1:3F:71:3B:A7:D7:A4:2F:54:46
X509v3 Authority Key Identifier:
keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
42:ff:e6:4e:66:5b:e8:98:4a:c9:fc:45:f4:2a:16:26:d9:c4:
ab:1c:0c:2f:80:95:8c:c3:e4:92:4f:0d:68:ba:6e:6c:ec:8c:
cb:5d:93:7b:27:58:92:b2:42:65:56:52:86:c2:86:01:c5:f0:
01:b1:47:66:13:df:b3:81:70:93:8e:18:e1:35:a0:27:88:e3:
06:42:3a:6c:35:f0:bd:d9:bb:3a:07:e9:bc:b0:af:01:99:a5:
70:11:5d:52:9b:8b:73:f7:37:08:bb:8a:25:ca:a2:91:27:39:
41:2b:a3:23:14:e8:79:7b:eb:ac:7b:63:2f:24:b7:e4:f2:98:
58:cc:d1:54:9a:dd:b7:5f:bb:c4:e0:14:83:34:16:08:c8:bf:
ea:84:68:9e:06:79:6d:8c:59:10:bb:7f:6b:b5:62:c0:1c:7c:
9c:ba:32:fe:d9:1f:97:7c:5c:2f:95:75:f8:7f:0b:e2:9b:4d:
ee:51:45:0f:1c:03:60:51:4a:92:9f:c4:29:98:9a:ce:d1:5c:
8b:01:d9:44:ad:8f:74:b1:fd:35:15:db:61:70:00:2d:7d:be:
ee:58:55:94:c6:86:4d:27:3f:df:82:f2:f6:37:f9:ba:d7:93:
f6:a0:24:a3:9a:51:07:9b:b3:54:7f:11:6f:e0:2e:6a:b8:52:
14:5c:da:2e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICCKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1
OUIzMTlDNzgwHhcNMjYwNjMwMjExNzM3WhcNMjYwNzA3MjExNzM3WjAYMRYwFAYD
VQQDEw02YTQ0MzI3MS0wYmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtPZ6jmzql2WT/9936AKe7JUdTo5+jauKCaML25C4dewrqizkHt8XXBHqt/9a
N2/aR9/KGlO9VhFU91QnDlGcs59RfejLkKWx3CLPvLu3VIrIjhvHFdCKbp7+/V0W
ImNPtAfrfYAo4nRxyMMmoCSJzsVrf2jVgI/SmS4QRK1KwoYD92GFyA+1DJ7vJ8qs
FRcAay2f1sLg0QKvznffHUG09MtjYxDAph28BszFp5hCUeeJ/6prTT8OA92XGwmy
fe5kWS6n7crSL50seZAGOksWHdWn9CK/R9zIBSqfizL/mExOdbzD5lYnwat9nlsi
R9uUhkDe3MfsoTrbLIhNuGqjJwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDNpirCO
n0P5X+ThP3E7p9ekL1RGMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3
QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu
SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QUFBRC9FM0IyQjY0NEY3QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hf
ZDFkU0JYM0lhQ0pac3huSGcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAQv/mTmZb6JhKyfxF9CoWJtnEqxwML4CVjMPkkk8NaLpubOyMy12TeydYkrJC
ZVZShsKGAcXwAbFHZhPfs4Fwk44Y4TWgJ4jjBkI6bDXwvdm7OgfpvLCvAZmlcBFd
UpuLc/c3CLuKJcqikSc5QSujIxToeXvrrHtjLyS35PKYWMzRVJrdt1+7xOAUgzQW
CMi/6oRongZ5bYxZELt/a7ViwBx8nLoy/tkfl3xcL5V1+H8L4ptN7lFFDxwDYFFK
kp/EKZiaztFciwHZRK2PdLH9NRXbYXAALX2+7lhVlMaGTSc/34Ly9jf5uteT9qAk
o5pRB5uzVH8Rb+AuarhSFFzaLg==
-----END CERTIFICATE-----
Generated at Wed Jul 1 06:30:05 2026 by rpki-client