
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft
File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json)
Hash identifier: bddzQ0mVN2P8T6HE2q6L8tjE5hIYOqHFTwpWpn/k+YA=
Subject key identifier: 44:1D:71:7A:F9:31:DB:27:9E:E8:08:CD:33:72:F2:2D:4A:58:9E:35
Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8
Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8
Certificate serial: 0164
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft
Manifest number: 0154
Signing time: Fri 17 Jul 2026 06:11:52 +0000
Manifest this update: Fri 17 Jul 2026 06:11:52 +0000
Manifest next update: Fri 24 Jul 2026 06:11:52 +0000
Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: Yelxzr2ilIKw9xPNM+uqCYb3ZSeGKVrs2S9sG2y2aSw=)
2: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: 3r7oWvZZSCAzRuaEEZfRdRU+m7LuuIxoldkPQaUgKhQ=)
3: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: cb0xCHL1dV5N7XyIruiC/PJxxp8M1xlcJSMtvdRnQog=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl
rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 06:11:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356 (0x164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1E55, serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8
Validity
Not Before: Jul 17 06:11:52 2026 GMT
Not After : Jul 24 06:11:52 2026 GMT
Subject: CN=6a59c7a8-1ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:36:2a:09:54:4c:bc:38:f1:de:03:36:aa:43:
ab:1a:38:1d:d8:51:5b:03:fb:39:08:28:c1:2c:34:
c6:35:74:64:f5:c4:8d:31:f9:e6:2d:d3:87:70:66:
26:67:e5:7a:ab:8b:80:35:ca:6c:d1:1e:ee:8e:06:
e2:90:b1:01:ba:58:1b:98:c2:ab:5a:c0:3f:b8:a6:
89:93:3d:c9:55:49:d0:b7:75:87:19:c2:2b:47:9c:
3f:13:3f:be:bc:ce:d6:cb:d9:93:e5:e3:f7:ff:c8:
1d:d0:a9:ae:6e:ec:0c:32:13:0b:a6:b9:1f:4e:ac:
96:f0:1e:7e:ef:d0:64:14:d5:0f:b4:a2:c5:3c:19:
69:d5:e2:dd:08:55:23:00:62:b8:66:64:92:8d:5d:
52:6a:11:32:5a:52:04:ac:eb:2c:f4:2a:e9:2d:37:
0f:9f:1c:69:0f:18:d8:bc:60:ad:36:cd:39:6c:fe:
d3:88:21:71:c8:89:df:25:e5:6e:e1:bb:ed:d9:84:
b2:84:2b:11:44:dd:d5:ab:b9:96:5d:04:76:4d:b6:
f2:b2:88:d1:ee:9f:99:cb:f3:90:91:55:be:7f:14:
41:7e:1c:b5:f5:a2:2b:26:d1:79:f6:5d:ed:25:f5:
bd:ca:c9:b2:84:c5:d4:59:96:8c:8b:dc:f3:86:1b:
81:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:1D:71:7A:F9:31:DB:27:9E:E8:08:CD:33:72:F2:2D:4A:58:9E:35
X509v3 Authority Key Identifier:
keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
9a:9a:68:d1:56:03:ce:ff:f3:0e:6f:62:3a:97:58:df:48:24:
d0:da:2e:b9:58:9f:59:1f:6b:bb:8b:05:66:2b:41:be:7d:b0:
a1:16:55:11:37:4b:38:ae:fc:ba:06:fe:dc:d7:62:8d:ba:e9:
7e:31:ea:a3:0f:fa:02:25:37:22:e3:c8:29:dc:e6:5e:a2:59:
dc:cf:3b:00:63:3d:28:e4:74:d8:a9:cc:9a:cd:9d:ee:33:2d:
12:eb:be:32:36:52:fa:aa:39:2c:23:d4:09:96:84:57:53:60:
50:ee:7c:b2:30:a1:25:c3:30:a7:c2:21:5e:81:69:d6:af:84:
42:f3:84:d9:2a:db:51:ee:76:5b:18:11:93:07:4b:57:aa:f1:
5a:29:9f:fb:c3:f1:ae:35:41:22:2b:44:fa:89:0c:51:af:bb:
9c:d7:36:73:b6:a7:85:86:77:4a:93:d0:c8:59:fc:b2:9a:54:
31:68:52:02:15:f4:73:10:3e:1b:82:83:b9:43:81:20:d4:8b:
06:a9:be:8e:c1:ee:40:69:e7:b2:aa:67:23:c0:30:b6:21:62:
40:73:69:65:3b:15:17:df:a0:c6:ff:3d:55:ff:98:23:2b:03:
05:cd:ee:00:56:f4:c6:92:cf:20:5c:f7:9c:c7:ed:f5:f6:ad:
d0:f7:0c:4f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjFFNTUxMTAvBgNVBAUTKEREN0M4RDBGNDc4RjlCRTZBQkY3MzlDMDRGNUI1QkU0
REM5RjYxRjgwHhcNMjYwNzE3MDYxMTUyWhcNMjYwNzI0MDYxMTUyWjAYMRYwFAYD
VQQDEw02YTU5YzdhOC0xY2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAozYqCVRMvDjx3gM2qkOrGjgd2FFbA/s5CCjBLDTGNXRk9cSNMfnmLdOHcGYm
Z+V6q4uANcps0R7ujgbikLEBulgbmMKrWsA/uKaJkz3JVUnQt3WHGcIrR5w/Ez++
vM7Wy9mT5eP3/8gd0KmubuwMMhMLprkfTqyW8B5+79BkFNUPtKLFPBlp1eLdCFUj
AGK4ZmSSjV1SahEyWlIErOss9CrpLTcPnxxpDxjYvGCtNs05bP7TiCFxyInfJeVu
4bvt2YSyhCsRRN3Vq7mWXQR2TbbysojR7p+Zy/OQkVW+fxRBfhy19aIrJtF59l3t
JfW9ysmyhMXUWZaMi9zzhhuB1QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEQdcXr5
MdsnnugIzTNy8i1KWJ41MB8GA1UdIwQYMBaAFN18jQ9Hj5vmq/c5wE9bW+Tcn2H4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU1NS80QzA5ODYyRTc4
RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0tYXI5em5BVDF0YjVOeWZZ
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55ZllmZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MUU1NS80QzA5ODYyRTc4RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0t
YXI5em5BVDF0YjVOeWZZZmcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAmppo0VYDzv/zDm9iOpdY30gk0NouuVifWR9ru4sFZitBvn2woRZVETdLOK78
ugb+3NdijbrpfjHqow/6AiU3IuPIKdzmXqJZ3M87AGM9KOR02KnMms2d7jMtEuu+
MjZS+qo5LCPUCZaEV1NgUO58sjChJcMwp8IhXoFp1q+EQvOE2SrbUe52WxgRkwdL
V6rxWimf+8PxrjVBIitE+okMUa+7nNc2c7anhYZ3SpPQyFn8sppUMWhSAhX0cxA+
G4KDuUOBINSLBqm+jsHuQGnnsqpnI8AwtiFiQHNpZTsVF9+gxv89Vf+YIysDBc3u
AFb0xpLPIFz3nMft9fat0PcMTw==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:29:36 2026 by rpki-client