
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C064C/683C9D98672D11EE9C809F12C4F9AE02/r8MXR2fk6vxN7g9JJaHGXNxZ-io.mft
File: r8MXR2fk6vxN7g9JJaHGXNxZ-io.mft (raw, json)
Hash identifier: xYfCMaJg/ixrK22CuGPVRDfHOXU/aEGa7uEHnnYsfxs=
Subject key identifier: 40:10:87:A6:F6:4B:D7:0D:57:BA:B6:34:8C:21:2A:73:E5:DD:1D:EE
Authority key identifier: AF:C3:17:47:67:E4:EA:FC:4D:EE:0F:49:25:A1:C6:5C:DC:59:FA:2A
Certificate issuer: /CN=A91C064C/serialNumber=AFC3174767E4EAFC4DEE0F4925A1C65CDC59FA2A
Certificate serial: 020D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r8MXR2fk6vxN7g9JJaHGXNxZ-io.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C064C/683C9D98672D11EE9C809F12C4F9AE02/r8MXR2fk6vxN7g9JJaHGXNxZ-io.mft
Manifest number: 0203
Signing time: Tue 07 Jul 2026 04:00:19 +0000
Manifest this update: Tue 07 Jul 2026 04:00:19 +0000
Manifest next update: Tue 14 Jul 2026 04:00:19 +0000
Files and hashes: 1: r8MXR2fk6vxN7g9JJaHGXNxZ-io.crl (hash: 0csPkynDL26XnjbAGB+K/EujH1TkmcWUjDZJ7LUZCoA=)
2: 583FA34E672E11EEB31AC02CC4F9AE02.roa (hash: hUBkgyOeFfHyusrHl5Ul+wkZZtAL0ghWlOjjJyvQSKc=)
3: 810B798472CC11EEA1A5574DC4F9AE02.roa (hash: WjgNxbDbrb74XmE1Jk0QE3DXYeIptytiMEIutAQrgFI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C064C/683C9D98672D11EE9C809F12C4F9AE02/r8MXR2fk6vxN7g9JJaHGXNxZ-io.crl
rsync://rpki.apnic.net/member_repository/A91C064C/683C9D98672D11EE9C809F12C4F9AE02/r8MXR2fk6vxN7g9JJaHGXNxZ-io.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r8MXR2fk6vxN7g9JJaHGXNxZ-io.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 14 Jul 2026 04:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 525 (0x20d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C064C, serialNumber=AFC3174767E4EAFC4DEE0F4925A1C65CDC59FA2A
Validity
Not Before: Jul 7 04:00:19 2026 GMT
Not After : Jul 14 04:00:19 2026 GMT
Subject: CN=6a4c79d3-7a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f9:d4:26:c3:d9:e7:ea:a0:4f:f9:6e:09:6d:
ab:07:b5:70:63:a6:10:f6:17:bc:6f:92:e7:6c:e4:
22:43:22:1a:df:fe:91:0f:90:77:05:60:1f:0d:ab:
7b:1a:24:1e:34:1d:d3:04:c4:0e:30:5f:20:19:6b:
d0:c1:52:51:a9:55:d5:ea:9f:58:52:b6:9d:f8:56:
66:fb:96:55:ff:87:0c:9d:b6:26:4d:ad:7a:51:ff:
25:cd:b7:f8:e1:e6:86:63:b5:72:b6:62:69:71:41:
9c:e6:7a:7b:f0:b9:7b:98:db:3e:c4:f2:6d:84:79:
26:f8:b3:f4:9e:12:1c:6f:54:6e:49:fb:1b:f8:ed:
5d:1c:34:e2:09:c6:6f:0e:58:a4:e4:29:6a:86:e1:
a6:81:2d:b7:79:3f:59:e6:18:32:01:ef:a6:ab:e8:
5d:0c:08:67:95:e0:58:c3:d7:45:24:5d:92:cf:12:
12:eb:cd:7b:78:8f:0c:93:04:91:ef:07:1b:a0:ce:
17:ba:9d:68:7e:64:bf:58:72:95:3b:5c:3d:d3:6c:
4e:b6:b9:b5:8b:66:40:ec:43:d8:bb:f7:20:a2:d3:
88:41:78:0c:16:b3:2b:77:c3:a6:4c:63:f8:a7:00:
d6:29:95:86:d8:6c:8b:d6:08:40:0b:a0:f6:f7:58:
9b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:10:87:A6:F6:4B:D7:0D:57:BA:B6:34:8C:21:2A:73:E5:DD:1D:EE
X509v3 Authority Key Identifier:
keyid:AF:C3:17:47:67:E4:EA:FC:4D:EE:0F:49:25:A1:C6:5C:DC:59:FA:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C064C/683C9D98672D11EE9C809F12C4F9AE02/r8MXR2fk6vxN7g9JJaHGXNxZ-io.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r8MXR2fk6vxN7g9JJaHGXNxZ-io.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C064C/683C9D98672D11EE9C809F12C4F9AE02/r8MXR2fk6vxN7g9JJaHGXNxZ-io.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
d4:b9:a5:62:47:14:44:63:2e:02:2d:3e:e3:d2:f1:5c:ce:40:
57:40:4a:b5:49:1b:ab:37:28:30:22:7e:d3:4c:2b:c3:ca:be:
3d:cc:da:a3:5b:d5:5a:c5:d1:f1:11:c1:9d:16:b6:df:67:49:
8e:36:48:25:97:ec:e4:bc:2e:d0:c7:2a:d5:7a:42:03:bc:5a:
c7:50:1f:8c:ed:38:6b:7f:9a:5a:10:85:be:df:93:0e:24:bc:
ea:99:54:ce:25:f5:8f:d8:57:42:35:96:e6:b0:eb:e6:33:7b:
2c:b4:47:84:c4:45:ea:6a:1c:86:5e:a0:ae:43:60:ba:1d:97:
12:db:5f:95:de:41:c3:67:88:22:32:c9:69:de:11:ce:18:90:
ea:57:12:8c:1d:e7:0d:a5:13:20:f2:69:2b:76:23:72:3c:2f:
5c:f8:fa:20:9e:e9:10:c8:4c:d7:e9:81:69:d7:79:04:a2:8f:
90:50:d8:5f:a6:fd:87:53:2b:b1:eb:30:2b:ee:5f:99:2b:d1:
92:a1:6a:b3:68:5a:e2:5b:11:b4:a4:e8:fb:40:47:74:d0:4c:
28:71:0c:6f:a4:c8:a4:d7:87:7c:f3:dc:fc:ef:a9:41:ad:e3:
b0:97:15:e0:47:72:d1:aa:dc:72:fd:c5:90:59:a8:71:58:52:
8d:45:0e:10
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzA2NEMxMTAvBgNVBAUTKEFGQzMxNzQ3NjdFNEVBRkM0REVFMEY0OTI1QTFDNjVD
REM1OUZBMkEwHhcNMjYwNzA3MDQwMDE5WhcNMjYwNzE0MDQwMDE5WjAYMRYwFAYD
VQQDEw02YTRjNzlkMy03YTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/nUJsPZ5+qgT/luCW2rB7VwY6YQ9he8b5LnbOQiQyIa3/6RD5B3BWAfDat7
GiQeNB3TBMQOMF8gGWvQwVJRqVXV6p9YUrad+FZm+5ZV/4cMnbYmTa16Uf8lzbf4
4eaGY7VytmJpcUGc5np78Ll7mNs+xPJthHkm+LP0nhIcb1RuSfsb+O1dHDTiCcZv
Dlik5ClqhuGmgS23eT9Z5hgyAe+mq+hdDAhnleBYw9dFJF2SzxIS6817eI8MkwSR
7wcboM4Xup1ofmS/WHKVO1w902xOtrm1i2ZA7EPYu/cgotOIQXgMFrMrd8OmTGP4
pwDWKZWG2GyL1ghAC6D291ibvQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEAQh6b2
S9cNV7q2NIwhKnPl3R3uMB8GA1UdIwQYMBaAFK/DF0dn5Or8Te4PSSWhxlzcWfoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMDY0Qy82ODNDOUQ5ODY3
MkQxMUVFOUM4MDlGMTJDNEY5QUUwMi9yOE1YUjJmazZ2eE43ZzlKSmFIR1hOeFot
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I4TVhSMmZrNnZ4TjdnOUpKYUhHWE54Wi1pby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MDY0Qy82ODNDOUQ5ODY3MkQxMUVFOUM4MDlGMTJDNEY5QUUwMi9yOE1YUjJmazZ2
eE43ZzlKSmFIR1hOeFotaW8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEA1LmlYkcURGMuAi0+49LxXM5AV0BKtUkbqzcoMCJ+00wrw8q+Pczao1vVWsXR
8RHBnRa232dJjjZIJZfs5Lwu0Mcq1XpCA7xax1AfjO04a3+aWhCFvt+TDiS86plU
ziX1j9hXQjWW5rDr5jN7LLRHhMRF6mochl6grkNguh2XEttfld5Bw2eIIjLJad4R
zhiQ6lcSjB3nDaUTIPJpK3YjcjwvXPj6IJ7pEMhM1+mBadd5BKKPkFDYX6b9h1Mr
seswK+5fmSvRkqFqs2ha4lsRtKTo+0BHdNBMKHEMb6TIpNeHfPPc/O+pQa3jsJcV
4Edy0arccv3FkFmocVhSjUUOEA==
-----END CERTIFICATE-----
Generated at Wed Jul 8 18:31:32 2026 by rpki-client