
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft
File: 3dzECt5nfyP4p5ukFo729r7wZcc.mft (raw, json)
Hash identifier: ZJyQleaODBoBOBU6C9Do+2Q0A6gWMaZFo1VLAuqolo8=
Subject key identifier: 1C:4A:23:80:A6:B9:1A:B1:92:FB:FA:9B:21:05:44:5B:F1:F4:90:36
Authority key identifier: DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7
Certificate issuer: /CN=A91CB2E2/serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7
Certificate serial: 9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft
Manifest number: 9C
Signing time: Fri 03 Jul 2026 08:09:55 +0000
Manifest this update: Fri 03 Jul 2026 08:09:55 +0000
Manifest next update: Fri 10 Jul 2026 08:09:55 +0000
Files and hashes: 1: 3dzECt5nfyP4p5ukFo729r7wZcc.crl (hash: qZX2YawXx9GX5FmM8muN5bZ1qlynsD/FcNu4IypQVVo=)
2: 240EF95E896311F0B911053BC4F9AE02.roa (hash: bgfPYSTEsSkfhGSuxOoFNVtQR8SOazKoHfsSU4GrHl0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl
rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 10 Jul 2026 08:09:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159 (0x9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB2E2, serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7
Validity
Not Before: Jul 3 08:09:55 2026 GMT
Not After : Jul 10 08:09:55 2026 GMT
Subject: CN=6a476e53-89d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a8:25:4f:eb:4b:1d:87:77:c4:bb:8d:29:3c:
a9:66:eb:b3:e6:7f:6f:3c:fa:dd:e0:e2:62:e8:a0:
0d:7c:d5:2e:06:fb:53:b1:98:de:d8:ea:75:12:6e:
f3:38:38:a5:19:42:6a:4b:6e:ea:87:ea:f7:72:1b:
fa:af:1d:40:80:6c:a4:6c:41:dd:e5:4b:77:2c:57:
a2:4d:63:74:4d:05:cf:bc:d7:1e:cd:02:4e:a9:6a:
c5:b1:3f:14:f6:c9:4d:c7:8a:dc:13:62:2e:fe:49:
4c:35:3b:c4:54:58:0a:76:20:1a:c9:ec:ce:37:a1:
46:de:8a:b1:c9:b7:0e:a0:29:3f:18:32:2f:11:89:
87:6c:5e:b7:84:fd:be:43:f9:b9:bc:ed:69:72:82:
c7:82:03:1a:bc:0a:71:87:8d:d5:dc:28:9a:0e:2d:
10:12:7e:fa:91:d9:fa:b9:6a:1e:c7:f4:ca:1e:4b:
f9:95:02:0e:81:39:ac:6b:c8:17:77:47:46:df:40:
a3:43:fb:5c:b3:28:4e:3d:0f:67:b7:b0:f7:c0:b1:
3d:fd:cb:51:a2:c9:1b:19:a7:6b:88:82:c8:ed:18:
9d:82:72:ea:0d:47:0d:10:24:ff:db:b3:b9:c0:2b:
35:a0:87:f3:be:10:57:19:d1:80:8b:32:d4:79:3d:
6f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4A:23:80:A6:B9:1A:B1:92:FB:FA:9B:21:05:44:5B:F1:F4:90:36
X509v3 Authority Key Identifier:
keyid:DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a9:0a:b9:d4:25:35:1d:52:3b:23:af:ff:c9:33:d5:4c:59:e1:
f7:40:f7:9a:e8:a2:4a:da:be:67:79:e9:ed:72:73:26:89:d9:
2c:e6:d9:85:69:9c:91:46:dc:1f:0e:94:6d:9b:b0:78:e9:42:
48:55:4b:9a:23:1c:fd:f1:5d:2e:9a:84:7c:7c:6a:7c:ae:f4:
e9:f2:fa:c3:bb:d0:04:28:b0:23:0f:96:79:0a:ec:ad:cd:00:
88:a5:da:c2:45:76:6a:30:47:0f:05:b3:7d:56:a1:a7:d8:2a:
58:0d:4d:4b:ba:4f:0e:11:66:22:e5:d6:fb:fa:7e:96:f2:c4:
1f:52:3e:98:6b:3e:2a:28:28:76:5b:12:2c:ce:09:0f:4d:9a:
48:87:e0:07:2a:45:60:1b:8d:cd:f5:d9:a1:96:3a:77:37:fd:
6a:4b:dc:e3:13:2c:ad:92:3e:05:5a:02:96:36:23:42:22:90:
a1:c2:be:24:19:f5:4b:9e:08:21:d2:00:1c:cb:63:fc:fc:5d:
07:67:26:60:e3:4f:a6:65:d4:b7:53:8e:53:2e:15:59:84:53:
34:86:5b:45:28:67:a6:db:1c:f7:38:57:c2:91:22:b2:64:89:
57:55:a7:75:26:38:cc:78:7c:2c:df:dc:58:98:5b:51:08:ec:
48:74:4b:5a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0IyRTIxMTAvBgNVBAUTKERERENDNDBBREU2NzdGMjNGOEE3OUJBNDE2OEVGNkY2
QkVGMDY1QzcwHhcNMjYwNzAzMDgwOTU1WhcNMjYwNzEwMDgwOTU1WjAYMRYwFAYD
VQQDEw02YTQ3NmU1My04OWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo6glT+tLHYd3xLuNKTypZuuz5n9vPPrd4OJi6KANfNUuBvtTsZje2Op1Em7z
ODilGUJqS27qh+r3chv6rx1AgGykbEHd5Ut3LFeiTWN0TQXPvNcezQJOqWrFsT8U
9slNx4rcE2Iu/klMNTvEVFgKdiAayezON6FG3oqxybcOoCk/GDIvEYmHbF63hP2+
Q/m5vO1pcoLHggMavApxh43V3CiaDi0QEn76kdn6uWoex/TKHkv5lQIOgTmsa8gX
d0dG30CjQ/tcsyhOPQ9nt7D3wLE9/ctRoskbGadriILI7RidgnLqDUcNECT/27O5
wCs1oIfzvhBXGdGAizLUeT1vHwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBxKI4Cm
uRqxkvv6myEFRFvx9JA2MB8GA1UdIwQYMBaAFN3cxAreZ38j+KebpBaO9va+8GXH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjJFMi80MTFDNjNCMDg5
NTkxMUYwQkE2NTM0NURDNEY5QUUwMi8zZHpFQ3Q1bmZ5UDRwNXVrRm83MjlyN3da
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNkekVDdDVuZnlQNHA1dWtGbzcyOXI3d1pjYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QjJFMi80MTFDNjNCMDg5NTkxMUYwQkE2NTM0NURDNEY5QUUwMi8zZHpFQ3Q1bmZ5
UDRwNXVrRm83MjlyN3daY2MubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAqQq51CU1HVI7I6//yTPVTFnh90D3muiiStq+Z3np7XJzJonZLObZhWmckUbc
Hw6UbZuweOlCSFVLmiMc/fFdLpqEfHxqfK706fL6w7vQBCiwIw+WeQrsrc0AiKXa
wkV2ajBHDwWzfVahp9gqWA1NS7pPDhFmIuXW+/p+lvLEH1I+mGs+KigodlsSLM4J
D02aSIfgBypFYBuNzfXZoZY6dzf9akvc4xMsrZI+BVoCljYjQiKQocK+JBn1S54I
IdIAHMtj/PxdB2cmYONPpmXUt1OOUy4VWYRTNIZbRShnptsc9zhXwpEismSJV1Wn
dSY4zHh8LN/cWJhbUQjsSHRLWg==
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:38:47 2026 by rpki-client