
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft
File: aGr0G8M9rvgo-rSuSjoNWHutDT8.mft (raw, json)
Hash identifier: AD9LNfwNcoEb4amyyNWHLJ06uOifygPZQB86nfi9vTM=
Subject key identifier: E0:05:BF:7C:53:D7:99:7D:CD:76:5D:61:C9:09:ED:51:FC:B6:7E:0F
Authority key identifier: 68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F
Certificate issuer: /CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F
Certificate serial: 067D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft
Manifest number: 0666
Signing time: Sat 04 Jul 2026 22:56:15 +0000
Manifest this update: Sat 04 Jul 2026 22:56:14 +0000
Manifest next update: Sat 11 Jul 2026 22:56:14 +0000
Files and hashes: 1: aGr0G8M9rvgo-rSuSjoNWHutDT8.crl (hash: XngPhDTdlEHd7NuoQwRmQQPyUaz/cnDFB3+Q5HErMG8=)
2: 63FEB4F8D97411EBB8CC3F40C4F9AE02.roa (hash: GBummmykHnsRNOp2UTZVHW61aelGglaz1bE3tCnWo5M=)
3: 40310456D8D211EB97FF5586C4F9AE02.roa (hash: ljhzAAAHOEbQtw8/O2WirKoWv6XtLYHxhjuJKY3iiZM=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl
rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Jul 2026 22:56:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1661 (0x67d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4D3D, serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F
Validity
Not Before: Jul 4 22:56:14 2026 GMT
Not After : Jul 11 22:56:14 2026 GMT
Subject: CN=6a498f8e-0855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f9:93:f7:4f:a9:e0:dc:68:74:30:36:e4:7e:
5c:94:21:31:db:dd:f3:61:68:b4:f2:2f:a6:39:b7:
31:3e:59:aa:49:51:4a:dc:93:d7:fd:c5:00:52:f3:
50:01:2b:13:60:f8:cf:f5:e3:ba:74:42:c3:f4:44:
cd:f0:e9:68:1d:1a:c0:c9:a1:92:84:26:f8:81:60:
4a:70:c6:a1:41:9c:4b:5d:01:b3:7a:83:6e:42:9c:
d6:03:f1:f1:d7:da:f0:54:ac:34:89:c5:1b:98:b2:
8c:b1:13:57:cf:99:f2:24:cb:35:b8:c1:99:98:f1:
0a:e5:e5:70:bc:ff:f5:ce:10:2d:28:1e:e6:97:aa:
7a:ee:f2:ca:c7:00:e3:7d:68:58:01:d1:c5:1b:c6:
fd:29:7f:d7:89:31:1f:6e:6d:06:96:de:bd:d2:6a:
c4:25:c5:f4:89:de:ad:4e:c9:9c:5b:40:4a:a0:b9:
10:ec:a9:41:21:a3:f9:28:d6:02:38:28:ce:62:9f:
57:a5:50:82:04:fe:2a:05:11:35:e2:fc:ed:4c:db:
b7:96:49:e9:b6:98:21:0e:95:46:0a:d7:ee:0a:95:
20:b3:3b:fc:1c:05:a4:b4:b4:08:45:ed:32:c2:ed:
87:5d:d3:eb:4c:3a:0a:78:d7:0e:a6:27:5e:ff:03:
48:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:05:BF:7C:53:D7:99:7D:CD:76:5D:61:C9:09:ED:51:FC:B6:7E:0F
X509v3 Authority Key Identifier:
keyid:68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
11:bf:7f:fd:94:48:69:98:85:a8:a5:e9:5c:67:bd:05:67:c8:
d6:62:5f:47:fa:fc:19:42:96:66:90:ea:39:b7:da:9e:96:39:
bb:0b:45:98:ac:d8:fd:66:86:a9:d8:1e:04:5e:7f:d0:f0:50:
6b:b1:12:70:b5:d3:74:81:1a:d7:08:d4:40:72:cc:26:02:10:
6a:39:53:81:c7:a1:99:64:c9:a2:f3:5a:ea:2d:23:1c:54:14:
69:5c:56:33:b8:c8:e2:89:53:2f:8a:73:44:cc:b0:32:ae:3a:
0b:3f:3e:c0:61:17:d7:6e:eb:6f:31:ba:21:b3:17:4b:37:c8:
07:ca:c6:be:4f:97:1b:9e:c9:d8:89:2e:02:80:e0:7e:bd:6f:
b0:f0:b6:94:ef:ee:a9:42:77:9f:44:8a:c3:40:9b:95:da:e8:
9b:a7:09:ea:46:22:76:88:59:6a:ea:ed:70:85:3d:1c:6b:89:
dc:70:cc:7b:c5:eb:55:e1:07:23:46:a6:94:a8:c4:55:e0:e4:
50:5d:90:11:40:71:b7:ea:a7:0c:2a:49:7d:e9:d5:cd:6c:18:
e6:d1:f3:7f:3c:58:1e:c4:69:be:e1:f5:43:6b:d3:8e:58:11:
84:25:84:21:44:a7:ab:26:53:08:a4:86:a2:aa:1d:45:32:2b:
eb:2c:cd:a0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICBn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKDY4NkFGNDFCQzMzREFFRjgyOEZBQjRBRTRBM0EwRDU4
N0JBRDBEM0YwHhcNMjYwNzA0MjI1NjE0WhcNMjYwNzExMjI1NjE0WjAYMRYwFAYD
VQQDEw02YTQ5OGY4ZS0wODU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnvmT90+p4NxodDA25H5clCEx293zYWi08i+mObcxPlmqSVFK3JPX/cUAUvNQ
ASsTYPjP9eO6dELD9ETN8OloHRrAyaGShCb4gWBKcMahQZxLXQGzeoNuQpzWA/Hx
19rwVKw0icUbmLKMsRNXz5nyJMs1uMGZmPEK5eVwvP/1zhAtKB7ml6p67vLKxwDj
fWhYAdHFG8b9KX/XiTEfbm0Glt690mrEJcX0id6tTsmcW0BKoLkQ7KlBIaP5KNYC
OCjOYp9XpVCCBP4qBRE14vztTNu3lknptpghDpVGCtfuCpUgszv8HAWktLQIRe0y
wu2HXdPrTDoKeNcOpide/wNIwQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFOAFv3xT
15l9zXZdYckJ7VH8tn4PMB8GA1UdIwQYMBaAFGhq9BvDPa74KPq0rko6DVh7rQ0/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9BNzBBOEZFRUQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2Z28tclN1U2pvTldIdXRE
VDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2FHcjBHOE05cnZnby1yU3VTam9OV0h1dERUOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NEQzRC9BNzBBOEZFRUQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2
Z28tclN1U2pvTldIdXREVDgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAEb9//ZRIaZiFqKXpXGe9BWfI1mJfR/r8GUKWZpDqObfanpY5uwtFmKzY/WaG
qdgeBF5/0PBQa7EScLXTdIEa1wjUQHLMJgIQajlTgcehmWTJovNa6i0jHFQUaVxW
M7jI4olTL4pzRMywMq46Cz8+wGEX127rbzG6IbMXSzfIB8rGvk+XG57J2IkuAoDg
fr1vsPC2lO/uqUJ3n0SKw0Cbldrom6cJ6kYidohZaurtcIU9HGuJ3HDMe8XrVeEH
I0amlKjEVeDkUF2QEUBxt+qnDCpJfenVzWwY5tHzfzxYHsRpvuH1Q2vTjlgRhCWE
IUSnqyZTCKSGoqodRTIr6yzNoA==
-----END CERTIFICATE-----
Generated at Sun Jul 5 13:55:25 2026 by rpki-client