
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft
File: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft (raw, json)
Hash identifier: V7woTbD9Co0TEtrU3xEoxdLENuYCi/9QIdDvgPBhPHY=
Subject key identifier: 43:0E:54:75:B4:34:6F:C9:E3:DC:F7:A5:C0:6B:79:45:99:A0:44:89
Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Certificate serial: 1F0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft
Manifest number: 1ED7
Signing time: Tue 30 Jun 2026 16:10:01 +0000
Manifest this update: Tue 30 Jun 2026 16:10:01 +0000
Manifest next update: Tue 07 Jul 2026 16:10:01 +0000
Files and hashes: 1: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl (hash: 8Ydt3CjkULB+t2uOiUO76PJ7J6erKSX+/NC+W8uiAPs=)
2: 1DBC9D405DB411EEA017251AC4F9AE02.roa (hash: MORsfRo625k6Z6J+RgEowsAvarYUIEu/pPax0H0xX08=)
3: 4A6679EC14DF11EEAB46A86DC4F9AE02.roa (hash: ZF+S9Eq6dimNzHWGXtdSSL8R6tb42i721A8ipARJHDg=)
4: 4B52A44814DF11EEAB46A86DC4F9AE02.roa (hash: TptByVGgUQdWR0MavGH9OYmCsbH/nXydqU06KChwsXI=)
5: 4CE75372B9DE11EEBC5B0D21C4F9AE02.roa (hash: fuTljzKvBea7sJt2VNckungbhAnkDIYji3I6D462WJ8=)
6: 4999305414DF11EEAB46A86DC4F9AE02.roa (hash: SP9KLqagmi8apHAQ/A1PSM4jrXC2JUZTS6enHcX0VwU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl
rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 07 Jul 2026 16:10:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7947 (0x1f0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B1A, serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Validity
Not Before: Jun 30 16:10:01 2026 GMT
Not After : Jul 7 16:10:01 2026 GMT
Subject: CN=6a43ea59-5fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e6:d5:1b:85:a6:e4:bc:16:38:11:e4:0e:3e:
3d:36:e3:fc:f1:1a:ce:bd:93:44:49:69:0f:15:1d:
b5:64:66:bf:b4:95:a9:89:c2:5b:a3:0f:c4:1c:cc:
c6:df:7d:3f:40:65:4b:11:bf:9f:29:b8:31:79:49:
0c:24:62:51:f5:31:2e:b7:20:e5:63:3e:60:61:43:
fb:ad:a9:31:51:eb:bc:53:d2:50:3a:59:79:ec:36:
36:1d:5b:68:fb:ab:ae:91:7e:c0:0c:71:e6:ac:0d:
99:43:fc:a7:f2:52:02:d5:41:cb:7f:30:9a:41:a1:
96:4f:97:28:b4:8d:cd:c1:a1:7c:bd:67:59:de:22:
b7:5c:9d:2e:fa:12:90:6c:66:1f:14:a9:7e:87:57:
dc:40:3d:b0:66:48:50:f0:fb:6b:c6:17:a8:a6:33:
12:03:25:e3:29:5c:d0:da:02:67:33:83:d5:24:de:
40:af:7d:d1:df:1c:46:4f:e8:95:e2:2d:34:83:9b:
ed:cd:ac:e0:70:42:c0:72:be:a9:12:c9:9e:65:2b:
04:f0:1f:51:ab:e0:8b:51:5d:20:10:b0:b8:02:72:
6a:30:bd:d5:39:b5:a5:22:5f:19:24:38:75:f5:f2:
72:a1:97:fd:ae:3a:64:07:de:97:28:74:ee:f2:af:
7d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:0E:54:75:B4:34:6F:C9:E3:DC:F7:A5:C0:6B:79:45:99:A0:44:89
X509v3 Authority Key Identifier:
keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
b2:c9:7c:aa:52:cd:92:ce:aa:b3:25:cf:eb:cb:21:1e:16:07:
29:b9:95:a4:0f:0d:f7:1e:2e:24:dc:ed:40:6e:db:dd:3b:ff:
7c:ae:f4:29:90:8e:38:c8:bb:f8:0a:8a:e9:8e:41:4e:cd:e4:
54:ef:4c:f3:4c:af:23:fc:5e:8a:2a:be:e5:16:9a:32:fe:f1:
7f:f0:e7:17:60:98:a6:f3:60:9a:d8:fc:36:ed:37:3a:4d:0f:
ac:db:78:a6:7b:20:ee:96:d4:55:f1:8e:eb:03:41:e8:9f:b0:
58:17:7d:ee:c9:14:a5:5f:aa:69:5c:b8:a1:72:93:d4:b4:5f:
52:50:ae:0e:68:a5:5a:b0:10:9e:97:74:71:cc:18:40:20:59:
56:67:f4:d8:1b:c9:a5:72:9f:b4:b9:40:fb:b0:14:74:ca:cf:
87:c2:db:3a:94:b4:84:d4:15:db:4b:ab:41:6b:af:c0:96:f5:
ed:07:b6:bc:06:08:00:a9:3a:d7:5f:8b:00:95:bb:33:fc:4f:
9f:18:3c:0a:31:ab:4b:28:80:1c:56:9f:07:9d:6c:a3:d6:da:
d0:bd:1a:87:ce:3f:16:e4:ce:b3:4b:17:cf:0f:5e:3f:ba:79:
7e:ba:2d:b8:9c:22:b1:c6:bb:d8:28:bb:09:ad:99:c7:8c:92:
c2:1a:00:b9
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICHwswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF
RUFFQkYwRDQwHhcNMjYwNjMwMTYxMDAxWhcNMjYwNzA3MTYxMDAxWjAYMRYwFAYD
VQQDEw02YTQzZWE1OS01ZmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8ebVG4Wm5LwWOBHkDj49NuP88RrOvZNESWkPFR21ZGa/tJWpicJbow/EHMzG
330/QGVLEb+fKbgxeUkMJGJR9TEutyDlYz5gYUP7rakxUeu8U9JQOll57DY2HVto
+6uukX7ADHHmrA2ZQ/yn8lIC1UHLfzCaQaGWT5cotI3NwaF8vWdZ3iK3XJ0u+hKQ
bGYfFKl+h1fcQD2wZkhQ8PtrxheopjMSAyXjKVzQ2gJnM4PVJN5Ar33R3xxGT+iV
4i00g5vtzazgcELAcr6pEsmeZSsE8B9Rq+CLUV0gELC4AnJqML3VObWlIl8ZJDh1
9fJyoZf9rjpkB96XKHTu8q99JQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEMOVHW0
NG/J49z3pcBreUWZoESJMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5
RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NEIxQS81REQ0OEFCNjg5RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRa
dkQ4WWdOWVExcTd1cnI4TlEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAssl8qlLNks6qsyXP68shHhYHKbmVpA8N9x4uJNztQG7b3Tv/fK70KZCOOMi7
+AqK6Y5BTs3kVO9M80yvI/xeiiq+5RaaMv7xf/DnF2CYpvNgmtj8Nu03Ok0PrNt4
pnsg7pbUVfGO6wNB6J+wWBd97skUpV+qaVy4oXKT1LRfUlCuDmilWrAQnpd0ccwY
QCBZVmf02BvJpXKftLlA+7AUdMrPh8LbOpS0hNQV20urQWuvwJb17Qe2vAYIAKk6
11+LAJW7M/xPnxg8CjGrSyiAHFafB51so9ba0L0ah84/FuTOs0sXzw9eP7p5frot
uJwisca72Ci7Ca2Zx4ySwhoAuQ==
-----END CERTIFICATE-----
Generated at Thu Jul 2 10:26:05 2026 by rpki-client