
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json)
Hash identifier: CF1JbYuPlvzJ17VPN8Lpy0PQEMjgwDDqDtg/kr90ikU=
Subject key identifier: 4D:77:7E:47:CB:24:9C:C2:97:48:1F:39:32:BE:73:40:CC:C4:27:37
Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
Certificate serial: 1AE7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
Manifest number: 1892
Signing time: Tue 30 Jun 2026 17:02:46 +0000
Manifest this update: Tue 30 Jun 2026 17:02:45 +0000
Manifest next update: Tue 07 Jul 2026 17:02:45 +0000
Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: xo/UnG/wqbU/2LK1kmuDWPkj23XmqXrO1mXkRnd+vng=)
2: D00F9A8643A511F1B04E115C93833773.roa (hash: QPdt4fsCL2XWpqN3V1Gtq0d4gMm1PZ100Z5/4Fr7hyA=)
3: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: cWhKsGGtwm24L2b24qEiOJQYknotmIIZJa7i5F5KPHg=)
4: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: Br+Yh3Miw3+3u+15blKMFIN8mMQA+4yr6RfTrCX61aY=)
5: 70E478D0C06D11F0ABA91C6CC4F9AE02.roa (hash: mAI+w5MJltTPoLHCV1t34FNAjUXQLcbk8DhNQ3Alegw=)
6: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 4OyLgz5MRwPAxGcF1j5OxwWLAe68/1HWOj58azhiKRQ=)
7: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: JtaNsAVPLe7G1DcQvRskSfK/91+ur/u1SIY8DTdFa1o=)
8: A865A1925B1611F083088661C4F9AE02.roa (hash: 2IUNVUDvVcfHXyE54Zp6qTjDmEVqUm9kf4i2mX6/zX4=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl
rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 07 Jul 2026 17:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6887 (0x1ae7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
Validity
Not Before: Jun 30 17:02:45 2026 GMT
Not After : Jul 7 17:02:45 2026 GMT
Subject: CN=6a43f6b6-d99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:a0:0b:98:80:bc:22:52:57:c1:0f:50:40:
7b:f1:cf:95:9c:dc:63:70:76:f4:c1:cf:7c:b1:e5:
18:ca:16:44:13:9e:76:c5:a1:b8:b8:7d:c4:95:b7:
62:51:61:a5:18:8d:27:b3:ab:df:83:d5:e3:98:d0:
7c:83:77:3c:82:ff:75:ab:1a:95:d5:5d:96:0d:2f:
9a:be:81:e2:96:0f:f5:45:8a:27:5f:6b:2e:ea:9e:
4a:8f:71:81:52:71:bd:66:38:dd:a1:21:95:73:72:
0d:ad:66:3e:bf:71:2f:61:76:f7:6b:f4:72:09:dd:
e9:0a:ae:f8:dc:ff:0b:da:20:67:3f:ca:1d:f1:65:
7f:27:fd:6c:82:06:51:44:d2:8f:17:e5:4d:91:2b:
6b:e4:54:c9:fc:28:4e:92:d8:b6:6c:58:8b:11:f7:
92:f0:20:e5:67:c5:58:94:40:25:0b:70:64:7f:b6:
ba:1b:57:a1:f6:ca:10:bf:8a:d6:bc:3f:9d:d8:a9:
ee:3a:26:fd:13:8c:7c:ef:97:98:50:56:88:ee:ba:
b3:34:58:a5:80:01:ab:49:a5:d0:d7:ac:11:19:94:
95:ab:e0:5b:44:f8:9b:32:0d:7c:81:4f:e2:fc:c8:
41:ca:79:27:fb:be:82:c3:a5:90:e5:37:b1:f6:1d:
a7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:77:7E:47:CB:24:9C:C2:97:48:1F:39:32:BE:73:40:CC:C4:27:37
X509v3 Authority Key Identifier:
keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
bf:f6:3b:a3:f1:88:db:60:46:0d:0d:45:e4:5b:3f:7a:2f:c5:
41:b9:c5:d1:25:39:40:4e:a8:d9:a8:4e:61:2a:7e:b5:99:41:
f1:16:8f:eb:a2:f4:ab:f2:f3:5f:eb:30:41:7f:4b:c2:bc:d8:
e8:9e:fa:d0:b0:68:eb:94:bf:f6:65:77:69:36:7c:0a:03:74:
0f:f7:28:28:82:c2:60:bd:01:33:7a:1e:6d:d2:43:bb:54:16:
2c:8f:a7:0f:5e:3d:24:40:ef:79:5b:40:bc:8f:96:2b:24:df:
f4:f1:fb:26:12:98:75:27:14:f9:19:61:af:12:34:bb:d4:01:
e2:26:dc:1f:c7:7a:9c:e0:84:0e:22:00:68:08:08:76:53:1f:
8c:80:27:11:9b:10:81:23:31:af:15:f3:93:63:58:82:27:8a:
d7:70:20:ac:fc:95:50:66:b0:59:6b:df:00:c8:16:43:e6:33:
57:1f:16:72:73:13:b4:5e:51:9a:ad:a0:b0:bb:ef:8c:86:fe:
b5:94:2e:1e:29:30:56:d8:81:25:c7:9f:8c:23:ae:40:90:80:
36:0e:74:d2:5b:b6:49:44:a6:dc:65:05:a4:80:2e:01:4c:c8:
40:6e:c0:8f:cb:36:6a:d7:3d:ad:e4:69:a9:39:67:fe:90:d5:
4f:bf:18:c2
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICGucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2
NDI5RDg4QjgwHhcNMjYwNjMwMTcwMjQ1WhcNMjYwNzA3MTcwMjQ1WjAYMRYwFAYD
VQQDEw02YTQzZjZiNi1kOTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApdGgC5iAvCJSV8EPUEB78c+VnNxjcHb0wc98seUYyhZEE552xaG4uH3Elbdi
UWGlGI0ns6vfg9XjmNB8g3c8gv91qxqV1V2WDS+avoHilg/1RYonX2su6p5Kj3GB
UnG9ZjjdoSGVc3INrWY+v3EvYXb3a/RyCd3pCq743P8L2iBnP8od8WV/J/1sggZR
RNKPF+VNkStr5FTJ/ChOkti2bFiLEfeS8CDlZ8VYlEAlC3Bkf7a6G1eh9soQv4rW
vD+d2KnuOib9E4x875eYUFaI7rqzNFilgAGrSaXQ16wRGZSVq+BbRPibMg18gU/i
/MhBynkn+76Cw6WQ5Tex9h2nkQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFE13fkfL
JJzCl0gfOTK+c0DMxCc3MB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5
NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp
TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT
em1nTm5hQ3R2c0JrS2RpTGcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAv/Y7o/GI22BGDQ1F5Fs/ei/FQbnF0SU5QE6o2ahOYSp+tZlB8RaP66L0q/Lz
X+swQX9LwrzY6J760LBo65S/9mV3aTZ8CgN0D/coKILCYL0BM3oebdJDu1QWLI+n
D149JEDveVtAvI+WKyTf9PH7JhKYdScU+RlhrxI0u9QB4ibcH8d6nOCEDiIAaAgI
dlMfjIAnEZsQgSMxrxXzk2NYgieK13AgrPyVUGawWWvfAMgWQ+YzVx8WcnMTtF5R
mq2gsLvvjIb+tZQuHikwVtiBJcefjCOuQJCANg500lu2SUSm3GUFpIAuAUzIQG7A
j8s2atc9reRpqTln/pDVT78Ywg==
-----END CERTIFICATE-----
Generated at Wed Jul 1 05:58:31 2026 by rpki-client