
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.mft
File: 2DuT4x6TmTfYyxX-Ocpebo_q-ps.mft (raw, json)
Hash identifier: E00F+mXddnfjG1NviSkZS1hu8PV+ouVPYUgWO6spQYM=
Subject key identifier: 40:30:37:2F:B1:24:17:8F:1F:4F:3C:A6:2A:C3:C1:84:A1:BE:B1:68
Authority key identifier: D8:3B:93:E3:1E:93:99:37:D8:CB:15:FE:39:CA:5E:6E:8F:EA:FA:9B
Certificate issuer: /CN=A9197277/serialNumber=D83B93E31E939937D8CB15FE39CA5E6E8FEAFA9B
Certificate serial: 0203
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2DuT4x6TmTfYyxX-Ocpebo_q-ps.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.mft
Manifest number: 01D9
Signing time: Fri 17 Jul 2026 04:35:41 +0000
Manifest this update: Fri 17 Jul 2026 04:35:41 +0000
Manifest next update: Fri 24 Jul 2026 04:35:41 +0000
Files and hashes: 1: 2DuT4x6TmTfYyxX-Ocpebo_q-ps.crl (hash: gx5BhK+/6GYtmeAYII+9wUVN3qDoZmvyJh50zpBILx8=)
2: 6F5F30B8B56111EE91C72951C4F9AE02.roa (hash: NKqxNV8ZTNMr3HZ7qohnaVPukBEy2IxhkEY74xhVUp4=)
3: 2DCC0688B57211EEBB68526DC4F9AE02.roa (hash: yJFPpL7wE2GdaICTMgXge87NbgvFqYn4RExlPALcImA=)
4: 2E31B8FCB57211EEBB68526DC4F9AE02.roa (hash: Olet7/jMKDbPX9itUim3LSNIHYA8fTbBo6f7YD0v+zg=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.crl
rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2DuT4x6TmTfYyxX-Ocpebo_q-ps.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 04:35:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 515 (0x203)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197277, serialNumber=D83B93E31E939937D8CB15FE39CA5E6E8FEAFA9B
Validity
Not Before: Jul 17 04:35:41 2026 GMT
Not After : Jul 24 04:35:41 2026 GMT
Subject: CN=6a59b11d-c182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:bb:db:1e:25:7e:5c:ea:83:f0:63:fe:5b:
c3:29:22:f4:14:44:34:17:10:5b:2c:75:86:2a:55:
5a:b5:fd:65:8e:d8:3a:1e:cc:b9:76:94:60:87:be:
5d:4c:6c:7e:5d:bb:52:c2:2b:13:12:8b:d8:c2:b6:
3e:44:8a:da:59:84:0d:40:3c:c6:3f:9c:f2:fc:f1:
ad:33:e4:35:c7:0d:ae:83:a2:30:22:99:f7:bd:1f:
bc:80:5c:5f:b7:1e:9c:af:b8:63:98:81:92:4c:a1:
fb:3a:36:ff:e4:92:29:a0:cd:b1:e9:a2:ba:70:ff:
1e:e1:2c:c5:c3:20:2d:85:98:e9:33:c4:86:70:ac:
b2:97:10:77:f1:45:74:c6:04:a4:ce:88:fe:ac:97:
14:c7:f7:f7:77:98:30:ee:b8:ac:b6:16:54:22:80:
a6:05:91:b3:e7:db:b9:a1:43:89:4b:1a:7d:11:37:
8c:c6:b0:79:57:1a:17:63:20:9f:0e:0e:b2:b3:96:
92:27:ff:aa:db:c3:3b:d8:a2:51:b3:f3:59:a2:a2:
f9:07:b1:3c:a9:bb:59:44:e6:29:45:37:1d:de:85:
e6:25:d2:da:bd:3b:90:84:d7:d6:ff:9b:b6:67:b6:
01:d7:69:8c:1b:db:5b:87:43:aa:ed:38:80:48:1d:
a9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:30:37:2F:B1:24:17:8F:1F:4F:3C:A6:2A:C3:C1:84:A1:BE:B1:68
X509v3 Authority Key Identifier:
keyid:D8:3B:93:E3:1E:93:99:37:D8:CB:15:FE:39:CA:5E:6E:8F:EA:FA:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2DuT4x6TmTfYyxX-Ocpebo_q-ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197277/43A7E894B56011EE911C5D4FC4F9AE02/2DuT4x6TmTfYyxX-Ocpebo_q-ps.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c4:1b:1e:58:9e:5f:26:4a:6d:09:97:a9:30:f3:e2:0a:b8:c1:
4e:bc:33:34:8d:f9:48:bd:ae:15:61:60:3d:a5:bd:a5:a2:3f:
48:78:a4:3c:34:99:db:d4:44:6f:52:45:36:a4:91:2b:9f:c2:
9d:84:d4:5b:61:2b:37:cc:be:de:d7:b9:cd:7a:28:e4:7d:30:
7b:43:2d:f1:1b:23:3a:c5:3d:84:ec:14:b0:8e:d4:67:32:7a:
b1:9a:54:cd:ed:da:dc:2c:6e:10:40:37:63:d0:34:1c:42:5d:
00:76:f7:06:91:bd:b9:c4:3b:8b:09:35:ec:1a:c9:09:81:9c:
92:e3:0c:5b:1f:22:8d:c8:25:4c:8b:cf:84:0a:2b:09:89:f2:
81:20:ef:91:63:04:2b:be:d4:51:fd:45:8c:9e:cf:ac:24:4a:
d2:98:57:73:46:b0:72:aa:0f:a2:d8:83:e1:1b:e4:07:10:2c:
6e:2e:43:4e:61:db:d5:1c:d0:c0:f7:28:f4:65:dc:d5:22:4b:
e0:95:3b:44:0a:5e:e6:66:ae:52:54:b9:2e:29:13:87:67:c5:
a7:6f:58:b6:db:16:f8:f9:40:7b:77:37:85:e9:94:2e:1a:b1:
81:cd:7e:6b:4a:06:33:fd:6e:78:b7:3b:c1:55:71:33:75:5d:
f0:28:f6:9c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcyNzcxMTAvBgNVBAUTKEQ4M0I5M0UzMUU5Mzk5MzdEOENCMTVGRTM5Q0E1RTZF
OEZFQUZBOUIwHhcNMjYwNzE3MDQzNTQxWhcNMjYwNzI0MDQzNTQxWjAYMRYwFAYD
VQQDEw02YTU5YjExZC1jMTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqBq72x4lflzqg/Bj/lvDKSL0FEQ0FxBbLHWGKlVatf1ljtg6Hsy5dpRgh75d
TGx+XbtSwisTEovYwrY+RIraWYQNQDzGP5zy/PGtM+Q1xw2ug6IwIpn3vR+8gFxf
tx6cr7hjmIGSTKH7Ojb/5JIpoM2x6aK6cP8e4SzFwyAthZjpM8SGcKyylxB38UV0
xgSkzoj+rJcUx/f3d5gw7risthZUIoCmBZGz59u5oUOJSxp9ETeMxrB5VxoXYyCf
Dg6ys5aSJ/+q28M72KJRs/NZoqL5B7E8qbtZROYpRTcd3oXmJdLavTuQhNfW/5u2
Z7YB12mMG9tbh0Oq7TiASB2pvQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEAwNy+x
JBePH088pirDwYShvrFoMB8GA1UdIwQYMBaAFNg7k+Mek5k32MsV/jnKXm6P6vqb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzI3Ny80M0E3RTg5NEI1
NjAxMUVFOTExQzVENEZDNEY5QUUwMi8yRHVUNHg2VG1UZll5eFgtT2NwZWJvX3Et
cHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJEdVQ0eDZUbVRmWXl4WC1PY3BlYm9fcS1wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzI3Ny80M0E3RTg5NEI1NjAxMUVFOTExQzVENEZDNEY5QUUwMi8yRHVUNHg2VG1U
Zll5eFgtT2NwZWJvX3EtcHMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAxBseWJ5fJkptCZepMPPiCrjBTrwzNI35SL2uFWFgPaW9paI/SHikPDSZ29RE
b1JFNqSRK5/CnYTUW2ErN8y+3te5zXoo5H0we0Mt8RsjOsU9hOwUsI7UZzJ6sZpU
ze3a3CxuEEA3Y9A0HEJdAHb3BpG9ucQ7iwk17BrJCYGckuMMWx8ijcglTIvPhAor
CYnygSDvkWMEK77UUf1FjJ7PrCRK0phXc0awcqoPotiD4RvkBxAsbi5DTmHb1RzQ
wPco9GXc1SJL4JU7RApe5mauUlS5LikTh2fFp29YttsW+PlAe3c3hemULhqxgc1+
a0oGM/1ueLc7wVVxM3Vd8Cj2nA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:29:58 2026 by rpki-client