
$ rpki-client -vvf rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
File: hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft (raw, json)
Hash identifier: 1EP8M6Eef1f+IxRr/4/BRJ68+4ZX7e19iEayncwEdtA=
Subject key identifier: 1D:5E:F6:39:A8:B3:8A:8B:38:70:BA:1B:FE:FB:5D:4D:EB:F0:88:F2
Authority key identifier: 87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
Certificate issuer: /CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Certificate serial: 0155
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
Manifest number: 0134
Signing time: Sun 05 Jul 2026 06:23:27 +0000
Manifest this update: Sun 05 Jul 2026 06:23:27 +0000
Manifest next update: Sun 12 Jul 2026 06:23:27 +0000
Files and hashes: 1: hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl (hash: 3P+GJ56NcIMDP4dHXsTeVhU6r6itv+H4bMKgIouh5wQ=)
2: 1A3A1E2C287D11F18C83C945A7833773.roa (hash: Ga/vGf3pYAE0aZeA1OVe1QY6DoiwmNjQ7QadAkBsWIc=)
3: F33309A2B72011EFB3A5D772C4F9AE02.roa (hash: HYHec9orOca+00gsDqMx8Gss9C7gqHvPJgzKMMmNDKk=)
4: 3A8C7518B72111EFA9A92F26C4F9AE02.roa (hash: wy1fO8emrrb11LIF29YjzsQF2VR/akidMRTHMxAcTfI=)
5: 98AEAB84B72111EF8A087D30C4F9AE02.roa (hash: j2Hz+mynGpqLJnmZlqehevWYxoqbcW99ZISJiOfwTiY=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 Jul 2026 06:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 341 (0x155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91982EF, serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Validity
Not Before: Jul 5 06:23:27 2026 GMT
Not After : Jul 12 06:23:27 2026 GMT
Subject: CN=6a49f85f-43e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:58:9e:d1:d4:97:66:ab:f6:6b:eb:54:13:ce:
22:55:65:de:bf:dd:ff:6e:4e:04:2a:03:34:e4:8b:
61:d7:2c:49:f1:d7:6b:90:65:ae:4b:09:10:c4:ca:
c7:46:a4:64:c4:7a:22:86:e9:45:f1:65:f8:4b:84:
3d:42:e1:0f:a7:c6:0b:ce:fc:85:2c:9b:94:c4:ac:
ea:73:30:f1:70:bb:74:ac:e5:34:19:3d:ce:9b:ef:
62:84:52:4d:01:0d:a8:39:4f:56:f8:3d:44:bc:ab:
71:0b:0a:37:68:fa:30:55:ca:02:19:83:e2:58:69:
b1:88:da:b0:e6:aa:e6:61:38:3c:f1:fa:eb:41:74:
c3:22:ef:ac:f9:b7:d0:02:b7:c3:f6:e1:67:47:a9:
16:cf:c6:09:35:37:77:dd:fe:11:d0:1a:93:5d:29:
57:1e:76:4e:92:62:3e:12:82:5b:c3:af:bf:25:b6:
61:50:19:2c:90:aa:79:b4:37:eb:6b:e6:60:00:25:
5f:74:63:e7:14:e5:b1:78:8b:3b:75:58:74:23:5d:
18:22:62:94:56:4d:e5:93:af:f3:84:86:61:10:d6:
2c:0a:ca:08:e0:10:c8:e5:11:bb:11:7b:a1:df:d6:
f8:6e:7e:61:7e:70:5f:ae:52:5e:7a:22:e1:8d:2f:
c3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5E:F6:39:A8:B3:8A:8B:38:70:BA:1B:FE:FB:5D:4D:EB:F0:88:F2
X509v3 Authority Key Identifier:
keyid:87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
91:1a:54:18:5f:c9:8f:72:d1:07:f3:cb:0f:91:b0:54:f1:80:
fc:2e:97:3b:78:65:35:c6:89:66:2a:2d:46:dd:b5:22:23:6c:
f2:11:31:da:b9:68:a6:91:e1:8c:2e:81:f8:d9:ad:57:3e:65:
17:4e:3e:b3:d5:cf:78:4a:11:c9:fd:79:a5:be:a6:32:3a:9c:
8d:79:0e:9b:7f:ff:0f:8c:c2:b3:e4:af:d1:38:28:d4:97:c0:
2d:3f:4f:73:7e:a1:91:51:14:eb:aa:ff:67:88:11:33:b7:b8:
ee:c8:b3:7d:1d:f9:a9:a7:7d:b0:7d:85:7f:a7:15:49:0c:fd:
fe:c0:4a:8c:43:bb:b1:a8:45:08:17:f1:94:10:f1:6c:07:70:
fd:2d:79:59:98:97:e7:f9:a0:c9:2d:14:bd:4f:04:65:b5:5c:
35:e2:d3:ba:5d:1a:28:2a:ac:b1:48:29:8c:c2:4b:97:14:1c:
dc:8a:e1:6f:cc:75:cd:21:c8:3c:2d:db:7c:75:4e:ff:c5:5f:
5f:d7:54:5e:97:df:1a:e0:b6:c1:5f:d3:0b:81:62:75:1f:0d:
4e:17:24:c5:7e:d0:e6:74:11:52:92:e0:9f:d6:2d:b6:66:29:
ac:22:29:64:c5:15:57:bd:99:a9:c6:60:15:de:83:4a:0d:3a:
b6:e9:ae:d0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgyRUYxMTAvBgNVBAUTKDg3MTk3RkQ1NDZEQzMxNTIzMTExREQ5MzkwQjFCQTNG
M0Q3MDI2NTYwHhcNMjYwNzA1MDYyMzI3WhcNMjYwNzEyMDYyMzI3WjAYMRYwFAYD
VQQDEw02YTQ5Zjg1Zi00M2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAylie0dSXZqv2a+tUE84iVWXev93/bk4EKgM05Ith1yxJ8ddrkGWuSwkQxMrH
RqRkxHoihulF8WX4S4Q9QuEPp8YLzvyFLJuUxKzqczDxcLt0rOU0GT3Om+9ihFJN
AQ2oOU9W+D1EvKtxCwo3aPowVcoCGYPiWGmxiNqw5qrmYTg88frrQXTDIu+s+bfQ
ArfD9uFnR6kWz8YJNTd33f4R0BqTXSlXHnZOkmI+EoJbw6+/JbZhUBkskKp5tDfr
a+ZgACVfdGPnFOWxeIs7dVh0I10YImKUVk3lk6/zhIZhENYsCsoI4BDI5RG7EXuh
39b4bn5hfnBfrlJeeiLhjS/D4QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFB1e9jmo
s4qLOHC6G/77XU3r8IjyMB8GA1UdIwQYMBaAFIcZf9VG3DFSMRHdk5Cxuj89cCZW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODJFRi9GQzY1MEI3MkI3
MUQxMUVGODk4MkM0MENDNEY5QUUwMi9oeGxfMVViY01WSXhFZDJUa0xHNlB6MXdK
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h4bF8xVWJjTVZJeEVkMlRrTEc2UHoxd0psWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
ODJFRi9GQzY1MEI3MkI3MUQxMUVGODk4MkM0MENDNEY5QUUwMi9oeGxfMVViY01W
SXhFZDJUa0xHNlB6MXdKbFkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAkRpUGF/Jj3LRB/PLD5GwVPGA/C6XO3hlNcaJZiotRt21IiNs8hEx2rloppHh
jC6B+NmtVz5lF04+s9XPeEoRyf15pb6mMjqcjXkOm3//D4zCs+Sv0Tgo1JfALT9P
c36hkVEU66r/Z4gRM7e47sizfR35qad9sH2Ff6cVSQz9/sBKjEO7sahFCBfxlBDx
bAdw/S15WZiX5/mgyS0UvU8EZbVcNeLTul0aKCqssUgpjMJLlxQc3Irhb8x1zSHI
PC3bfHVO/8VfX9dUXpffGuC2wV/TC4FidR8NThckxX7Q5nQRUpLgn9YttmYprCIp
ZMUVV72ZqcZgFd6DSg06tumu0A==
-----END CERTIFICATE-----
Generated at Mon Jul 6 21:09:58 2026 by rpki-client