
$ rpki-client -vvf rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft
File: RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft (raw, json)
Hash identifier: JJqQviOc2W8uTx9fNhIpYEzIT6f5rUm+rWXruZZI0F8=
Subject key identifier: 88:A7:8A:AA:A2:19:3C:4E:88:E6:59:89:B9:04:9C:00:77:3F:11:D3
Authority key identifier: 46:48:54:FB:50:A9:90:3C:52:53:41:8C:58:3D:0F:31:B8:41:D5:97
Certificate issuer: /CN=A91964B3/serialNumber=464854FB50A9903C5253418C583D0F31B841D597
Certificate serial: 110E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft
Manifest number: 10F4
Signing time: Thu 16 Jul 2026 14:25:06 +0000
Manifest this update: Thu 16 Jul 2026 14:25:05 +0000
Manifest next update: Thu 23 Jul 2026 14:25:05 +0000
Files and hashes: 1: RkhU-1CpkDxSU0GMWD0PMbhB1Zc.crl (hash: uSsMHrMFzoxrE+eSgKkcH90H4FElDH+wLrKl5QBngKc=)
2: 1396434EC90A11EF8577744AC4F9AE02.roa (hash: dZjVpX0OHFb95lVF9Cf+7jCMCOq6ryMRIoLMcRSlevM=)
3: 23B68638C5DD11EABC58FD24C4F9AE02.roa (hash: FcrkIqa4XDgVdyeOamaFQqlLus8d1JT70DNswdpetnU=)
4: 5D563164AF3411EFB5B51A57C4F9AE02.roa (hash: QAfeG31AUJ9ysS7/jFhyhx6FaI+gxOiP1E4c7gwnNZ4=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.crl
rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 14:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4366 (0x110e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91964B3, serialNumber=464854FB50A9903C5253418C583D0F31B841D597
Validity
Not Before: Jul 16 14:25:05 2026 GMT
Not After : Jul 23 14:25:05 2026 GMT
Subject: CN=6a58e9c2-186a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ca:f9:d4:0a:3c:4e:70:e9:f1:f0:f4:77:84:
46:71:c4:fd:3c:e1:f7:80:c3:55:23:27:47:e1:2c:
68:7d:d9:1a:72:4d:95:09:2b:46:31:e9:50:bf:4a:
fe:3b:7c:be:3b:fe:bd:f7:97:00:73:92:b5:88:25:
f0:3d:0e:7e:5f:4f:32:3e:3e:15:90:cb:5f:8f:9a:
1e:f6:e5:0a:c4:b8:19:7d:64:da:45:d4:49:65:93:
53:e2:18:33:45:25:44:4b:52:5c:da:f9:b7:d6:a6:
e5:2c:bf:7b:61:53:d1:fd:cc:42:2a:5e:4e:40:57:
2d:03:aa:28:d2:2c:31:81:b1:22:19:46:d0:95:50:
33:b6:65:a2:e6:8a:f3:21:1f:85:06:e7:d6:48:9c:
72:15:fd:ce:db:5a:9a:53:eb:dc:6b:bd:14:fd:1e:
1e:70:53:ab:cd:c4:ef:31:af:3d:46:8e:10:9e:30:
49:d5:b3:ea:3b:19:0a:6a:6a:2f:d8:42:5f:59:a3:
d1:e7:9c:a0:4b:ff:c9:1c:a8:b3:2c:4a:b6:26:60:
fd:0f:cb:f9:7d:9a:b0:be:32:2a:31:f6:a9:61:31:
2f:1e:8c:ff:f3:24:75:90:8a:0c:93:3e:d1:61:d8:
85:58:4a:32:11:8d:d9:c2:23:e7:5a:10:e1:a0:13:
64:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A7:8A:AA:A2:19:3C:4E:88:E6:59:89:B9:04:9C:00:77:3F:11:D3
X509v3 Authority Key Identifier:
keyid:46:48:54:FB:50:A9:90:3C:52:53:41:8C:58:3D:0F:31:B8:41:D5:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
42:8c:78:d3:40:39:5e:8b:d5:d5:8b:ec:77:a0:f1:13:77:59:
be:c2:62:f1:95:e5:00:42:f6:00:4b:cb:97:50:b5:c1:83:c7:
de:cc:6d:d1:84:6d:33:d8:21:42:f1:8f:13:8e:00:ed:a3:12:
6e:02:e2:a5:05:0b:d3:fd:5b:81:18:0b:f3:1c:a6:eb:c5:52:
3c:8c:86:9a:04:48:3d:3a:6e:55:d3:27:19:f0:3b:b9:54:3b:
02:7f:b0:61:0e:c1:dd:9c:7a:29:be:c8:ec:b4:cb:2f:13:8e:
33:f7:8c:93:c5:7b:d5:2a:36:fc:fc:4e:18:7e:ae:79:da:6a:
ea:e3:90:71:a1:8d:f7:ab:65:f0:fd:f7:0c:2f:06:e4:e3:0e:
98:8b:80:05:91:58:f4:9d:70:8a:7a:ab:d9:ce:69:9e:d5:58:
62:b5:60:bf:dd:48:fb:c6:61:d3:23:b0:70:bf:71:89:c2:7e:
7a:49:bb:ec:1d:e1:12:63:d8:7e:cc:ac:fa:ac:72:6f:2c:37:
8e:5f:91:db:44:18:8d:92:bd:ac:19:ab:e3:cf:42:59:d0:ce:
d3:cd:55:f3:5c:bb:45:a2:1c:b1:87:6e:fb:95:f1:bf:53:1f:
87:27:63:a2:3b:46:6a:03:57:76:59:4d:4f:3a:12:90:b1:e7:
19:a7:99:7b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICEQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTY0QjMxMTAvBgNVBAUTKDQ2NDg1NEZCNTBBOTkwM0M1MjUzNDE4QzU4M0QwRjMx
Qjg0MUQ1OTcwHhcNMjYwNzE2MTQyNTA1WhcNMjYwNzIzMTQyNTA1WjAYMRYwFAYD
VQQDEw02YTU4ZTljMi0xODZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlsr51Ao8TnDp8fD0d4RGccT9POH3gMNVIydH4Sxofdkack2VCStGMelQv0r+
O3y+O/6995cAc5K1iCXwPQ5+X08yPj4VkMtfj5oe9uUKxLgZfWTaRdRJZZNT4hgz
RSVES1Jc2vm31qblLL97YVPR/cxCKl5OQFctA6oo0iwxgbEiGUbQlVAztmWi5orz
IR+FBufWSJxyFf3O21qaU+vca70U/R4ecFOrzcTvMa89Ro4QnjBJ1bPqOxkKamov
2EJfWaPR55ygS//JHKizLEq2JmD9D8v5fZqwvjIqMfapYTEvHoz/8yR1kIoMkz7R
YdiFWEoyEY3ZwiPnWhDhoBNk9QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIiniqqi
GTxOiOZZibkEnAB3PxHTMB8GA1UdIwQYMBaAFEZIVPtQqZA8UlNBjFg9DzG4QdWX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjRCMy8yQTU5NDBGMjRC
QjMxMUU5QUIxNTFDMTdDNEY5QUUwMi9Sa2hVLTFDcGtEeFNVMEdNV0QwUE1iaEIx
WmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1JraFUtMUNwa0R4U1UwR01XRDBQTWJoQjFaYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NjRCMy8yQTU5NDBGMjRCQjMxMUU5QUIxNTFDMTdDNEY5QUUwMi9Sa2hVLTFDcGtE
eFNVMEdNV0QwUE1iaEIxWmMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAQox400A5XovV1Yvsd6DxE3dZvsJi8ZXlAEL2AEvLl1C1wYPH3sxt0YRtM9gh
QvGPE44A7aMSbgLipQUL0/1bgRgL8xym68VSPIyGmgRIPTpuVdMnGfA7uVQ7An+w
YQ7B3Zx6Kb7I7LTLLxOOM/eMk8V71So2/PxOGH6uedpq6uOQcaGN96tl8P33DC8G
5OMOmIuABZFY9J1winqr2c5pntVYYrVgv91I+8Zh0yOwcL9xicJ+ekm77B3hEmPY
fsys+qxybyw3jl+R20QYjZK9rBmr489CWdDO081V81y7RaIcsYdu+5Xxv1Mfhydj
ojtGagNXdllNTzoSkLHnGaeZew==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:29:57 2026 by rpki-client