
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json)
Hash identifier: pt49KvzYQBfYHpk92+oiL8nXqAEy0PXl058ramMl56Y=
Subject key identifier: EA:DD:72:F7:8F:01:D1:02:CF:05:DB:2D:41:1A:07:E4:3B:36:C5:47
Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
Certificate serial: 1AE9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
Manifest number: 1894
Signing time: Sat 04 Jul 2026 16:49:44 +0000
Manifest this update: Sat 04 Jul 2026 16:49:43 +0000
Manifest next update: Sat 11 Jul 2026 16:49:43 +0000
Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: dMHGH+HVKV2u7n+a92O4pazNoHkmGrf90AhNnCCc6pI=)
2: 70E478D0C06D11F0ABA91C6CC4F9AE02.roa (hash: mAI+w5MJltTPoLHCV1t34FNAjUXQLcbk8DhNQ3Alegw=)
3: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: JtaNsAVPLe7G1DcQvRskSfK/91+ur/u1SIY8DTdFa1o=)
4: D00F9A8643A511F1B04E115C93833773.roa (hash: QPdt4fsCL2XWpqN3V1Gtq0d4gMm1PZ100Z5/4Fr7hyA=)
5: A865A1925B1611F083088661C4F9AE02.roa (hash: 2IUNVUDvVcfHXyE54Zp6qTjDmEVqUm9kf4i2mX6/zX4=)
6: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: cWhKsGGtwm24L2b24qEiOJQYknotmIIZJa7i5F5KPHg=)
7: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: Br+Yh3Miw3+3u+15blKMFIN8mMQA+4yr6RfTrCX61aY=)
8: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 4OyLgz5MRwPAxGcF1j5OxwWLAe68/1HWOj58azhiKRQ=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl
rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Jul 2026 16:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6889 (0x1ae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
Validity
Not Before: Jul 4 16:49:43 2026 GMT
Not After : Jul 11 16:49:43 2026 GMT
Subject: CN=6a4939a8-441d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:38:6a:3d:f7:80:e5:cb:3e:f2:a0:11:4a:f2:
c4:13:64:33:0d:24:3f:28:b9:9d:4f:67:2a:02:c6:
69:c4:09:92:ab:bf:a5:7a:db:c4:25:1e:d3:28:4a:
c2:3d:8c:0e:59:b9:1a:09:4b:93:74:f6:ca:c4:c4:
98:9e:f0:54:61:4f:d8:c5:42:5e:cc:01:78:57:b6:
71:db:53:6b:da:b9:44:bb:eb:9c:43:b2:5a:ca:92:
7f:30:c6:a2:e7:dd:f4:70:b7:d5:75:9b:f9:53:5b:
53:ad:b7:62:31:cc:7f:0e:43:e5:59:33:9f:f6:36:
db:b3:f2:49:c2:3b:df:a7:92:6f:a1:a3:89:67:2c:
27:0e:e2:64:7c:23:de:7f:74:71:e4:11:a0:df:81:
02:7c:a8:e4:93:33:59:ef:f9:aa:86:60:37:a4:aa:
46:34:ec:36:1c:31:13:c3:1e:e7:49:a6:20:88:d3:
b8:70:c7:5f:3c:04:88:3e:0d:9a:7a:06:b6:c2:14:
e7:e5:92:a5:a2:b4:5d:f9:69:51:d5:2d:2e:08:2f:
be:e0:07:08:5e:6e:b7:be:12:c1:9b:60:a0:32:ba:
bc:75:ae:32:30:ad:78:06:26:ec:1d:9c:83:d6:8d:
0e:7f:5a:5c:8e:14:0c:a2:53:62:1c:45:68:ea:da:
46:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:DD:72:F7:8F:01:D1:02:CF:05:DB:2D:41:1A:07:E4:3B:36:C5:47
X509v3 Authority Key Identifier:
keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a9:f3:f8:1d:ad:8e:03:d3:13:9c:ac:07:75:a5:9b:61:bd:af:
b0:69:d2:24:85:80:d0:f7:9d:fd:e4:e8:e8:a5:13:f2:4c:62:
6c:db:78:74:d7:92:6e:8c:5c:09:0e:44:89:cd:49:c7:d2:69:
25:5f:dd:7f:43:f0:3d:78:00:19:b1:df:34:72:42:f6:d6:e6:
eb:a3:00:41:e3:c5:03:0b:6a:bc:5e:6f:48:19:69:33:31:33:
34:d5:77:e0:e7:d9:f9:f6:a5:9b:2d:2d:a2:4c:10:4c:ff:ab:
be:ca:b7:f0:9a:24:13:fb:f7:ac:97:8c:c5:e3:ae:10:1d:c3:
e9:04:64:c3:a9:fd:6c:4e:70:5c:69:89:c7:e2:69:4c:02:e3:
2e:74:76:e9:61:98:5e:3c:fb:44:1a:f4:f0:4c:a5:e3:43:a2:
89:58:25:57:5a:24:f3:c6:91:85:2e:4e:97:58:2b:97:ad:a2:
2c:29:66:34:49:2f:bd:32:f7:3c:0e:4d:ce:3e:18:8d:16:d5:
2b:a3:ba:9b:1f:e2:5d:11:5a:bf:1d:af:e9:5e:be:7c:87:e9:
e8:73:bf:e0:e2:ad:7d:6e:6e:05:ad:58:2a:bb:1f:36:c2:d6:
89:d6:dd:e4:71:34:e5:10:fe:05:28:27:e5:70:6e:93:4e:19:
95:33:30:ee
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICGukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2
NDI5RDg4QjgwHhcNMjYwNzA0MTY0OTQzWhcNMjYwNzExMTY0OTQzWjAYMRYwFAYD
VQQDEw02YTQ5MzlhOC00NDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwjhqPfeA5cs+8qARSvLEE2QzDSQ/KLmdT2cqAsZpxAmSq7+letvEJR7TKErC
PYwOWbkaCUuTdPbKxMSYnvBUYU/YxUJezAF4V7Zx21Nr2rlEu+ucQ7JaypJ/MMai
5930cLfVdZv5U1tTrbdiMcx/DkPlWTOf9jbbs/JJwjvfp5JvoaOJZywnDuJkfCPe
f3Rx5BGg34ECfKjkkzNZ7/mqhmA3pKpGNOw2HDETwx7nSaYgiNO4cMdfPASIPg2a
ega2whTn5ZKlorRd+WlR1S0uCC++4AcIXm63vhLBm2CgMrq8da4yMK14BibsHZyD
1o0Of1pcjhQMolNiHEVo6tpGdwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOrdcveP
AdECzwXbLUEaB+Q7NsVHMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5
NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp
TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT
em1nTm5hQ3R2c0JrS2RpTGcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAqfP4Ha2OA9MTnKwHdaWbYb2vsGnSJIWA0Ped/eTo6KUT8kxibNt4dNeSboxc
CQ5Eic1Jx9JpJV/df0PwPXgAGbHfNHJC9tbm66MAQePFAwtqvF5vSBlpMzEzNNV3
4OfZ+falmy0tokwQTP+rvsq38JokE/v3rJeMxeOuEB3D6QRkw6n9bE5wXGmJx+Jp
TALjLnR26WGYXjz7RBr08Eyl40OiiVglV1ok88aRhS5Ol1grl62iLClmNEkvvTL3
PA5Nzj4YjRbVK6O6mx/iXRFavx2v6V6+fIfp6HO/4OKtfW5uBa1YKrsfNsLWidbd
5HE05RD+BSgn5XBuk04ZlTMw7g==
-----END CERTIFICATE-----
Generated at Mon Jul 6 15:42:52 2026 by rpki-client