
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json)
Hash identifier: 1W/9RxPONuCCvMaBNRAVvDBZ5ytW8dDPXL8OXE9Ouls=
Subject key identifier: 66:51:F6:1A:A1:E2:E4:E7:70:18:E2:DD:A2:7C:53:6A:3E:E4:C2:74
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0F98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
Manifest number: 0F33
Signing time: Tue 14 Jul 2026 17:43:36 +0000
Manifest this update: Tue 14 Jul 2026 17:43:36 +0000
Manifest next update: Tue 21 Jul 2026 17:43:36 +0000
Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: RLkdaIPM8goSWgY/JkOWamPFMDxYZv36GzAonaEt0+4=)
2: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: g+9ZIN0bzKl4hPUjZROdg1CsqMAMZorZF/Wv0UBIawM=)
3: 10E905682CCE11F1BB1925E192833773.roa (hash: 6g6Ja4w+RYbHzuKLTfgElgeDFmZnmZ9tKzWcakJqqZs=)
4: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: KOAlra/c7OfhaqRuBqqmBdCQXMOimlFzYXSJ4DGlkSM=)
5: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: yBAKdOeuYpOHwpfvu2EJBrKJc+IZbXKkxfMi4yfRU/Q=)
6: UekbYDpQxrYo0CAiaXiBXjiYX7Y.asa (hash: 35cN/LTsr4AjmNFcJwEXa21fvMZF8t50qcF2L+i5uRs=)
7: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: j5kN5uvsFGRLFFFzFP46xJ6l0wo2CCqq8dwowySMLUk=)
8: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: rIqL842ksTXKO2fhExD42Yq0dnrl1cNwx4ESowKkH4A=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 21 Jul 2026 17:43:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3992 (0xf98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Validity
Not Before: Jul 14 17:43:36 2026 GMT
Not After : Jul 21 17:43:36 2026 GMT
Subject: CN=6a567548-2cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:22:8c:13:f8:7f:58:8a:f8:ab:8f:5d:6f:bf:
56:b4:dd:1a:b1:cf:ed:51:ce:ec:f6:b6:42:a0:8e:
06:7e:b7:23:59:2b:3b:9c:28:51:b2:d1:c9:39:e4:
c4:30:46:06:73:51:0c:b4:a3:ba:4d:4c:06:de:8c:
b8:89:a6:a3:20:48:fa:34:19:92:f2:45:3d:b2:b3:
3f:c0:21:fb:11:7e:99:1d:2a:c0:89:0e:bb:47:69:
c9:89:ba:3e:11:ea:38:31:47:73:3b:4d:7f:68:f4:
e8:73:0a:c4:f7:43:d7:60:81:c6:b3:96:9e:06:f4:
a9:13:2f:7d:f4:32:44:e8:e9:af:b1:9c:13:f9:55:
0a:14:e2:9a:2e:95:46:e0:78:60:cd:3e:7f:23:6e:
10:30:6f:83:da:08:32:da:9f:9f:4b:7b:21:51:e8:
96:0c:6d:c5:7b:3c:c5:82:d6:1b:7f:00:4c:d1:34:
f3:18:a8:ca:a5:b5:f9:84:91:c6:30:a7:ec:84:ec:
22:77:2b:c3:7c:2c:1b:d5:9a:25:4c:8b:d8:c0:99:
b3:49:15:c8:42:97:31:6e:b8:4e:7c:f6:61:22:cb:
fa:3a:33:30:5c:c1:4d:ab:b5:8e:58:7b:97:7f:7f:
61:40:6e:8c:18:59:1d:c3:61:97:c7:1d:53:3c:b5:
ad:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:51:F6:1A:A1:E2:E4:E7:70:18:E2:DD:A2:7C:53:6A:3E:E4:C2:74
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
95:f7:02:8a:07:76:27:53:82:53:c1:4f:07:ec:3b:04:0e:43:
62:98:1e:cb:b0:65:d1:e2:cb:a6:cd:e3:d9:88:43:1e:1f:52:
a1:7a:2c:3f:7d:aa:1e:5c:da:47:97:8a:0d:ec:9a:2d:2b:53:
68:14:55:e1:84:1c:53:37:ee:83:a1:d4:09:fb:3a:66:6b:c7:
09:1a:3b:2b:40:e2:e2:83:e9:3b:12:60:ff:16:2a:49:f5:25:
bd:25:86:dc:3b:ea:1f:a7:95:9d:48:14:6b:d9:c9:1d:e2:a0:
89:3f:c9:df:aa:0a:ca:73:26:31:4f:87:16:fb:d1:2f:3c:c6:
63:72:65:3a:58:fe:47:24:16:d1:af:0a:2f:a7:71:70:47:d0:
ed:4d:91:1f:9c:31:e9:26:5f:50:46:ef:81:4d:89:ba:33:55:
6a:e8:0a:18:ef:82:b0:26:9f:d7:b6:8a:b8:87:c0:76:35:38:
c3:03:0f:1c:95:6c:38:db:b5:e1:ed:2f:86:1d:73:5b:4e:f9:
33:26:28:dc:fa:78:d6:f1:ce:9b:f3:22:14:84:11:02:de:8c:
85:c1:2d:7d:e5:c5:12:e4:a1:ab:0f:52:76:cf:5f:c8:43:73:
7b:2b:29:88:93:87:01:ce:20:d6:9b:69:b1:0c:09:12:14:46:
68:8b:c3:95
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICD5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjYwNzE0MTc0MzM2WhcNMjYwNzIxMTc0MzM2WjAYMRYwFAYD
VQQDEw02YTU2NzU0OC0yY2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApiKME/h/WIr4q49db79WtN0asc/tUc7s9rZCoI4GfrcjWSs7nChRstHJOeTE
MEYGc1EMtKO6TUwG3oy4iaajIEj6NBmS8kU9srM/wCH7EX6ZHSrAiQ67R2nJibo+
Eeo4MUdzO01/aPTocwrE90PXYIHGs5aeBvSpEy999DJE6OmvsZwT+VUKFOKaLpVG
4HhgzT5/I24QMG+D2ggy2p+fS3shUeiWDG3FezzFgtYbfwBM0TTzGKjKpbX5hJHG
MKfshOwidyvDfCwb1ZolTIvYwJmzSRXIQpcxbrhOfPZhIsv6OjMwXMFNq7WOWHuX
f39hQG6MGFkdw2GXxx1TPLWtWwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFGZR9hqh
4uTncBji3aJ8U2o+5MJ0MB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2
QmNZN3RXYmlBOFVkeEY0ckkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAlfcCigd2J1OCU8FPB+w7BA5DYpgey7Bl0eLLps3j2YhDHh9SoXosP32qHlza
R5eKDeyaLStTaBRV4YQcUzfug6HUCfs6ZmvHCRo7K0Di4oPpOxJg/xYqSfUlvSWG
3DvqH6eVnUgUa9nJHeKgiT/J36oKynMmMU+HFvvRLzzGY3JlOlj+RyQW0a8KL6dx
cEfQ7U2RH5wx6SZfUEbvgU2JujNVaugKGO+CsCaf17aKuIfAdjU4wwMPHJVsONu1
4e0vhh1zW075MyYo3Pp41vHOm/MiFIQRAt6MhcEtfeXFEuShqw9Sds9fyENzeysp
iJOHAc4g1ptpsQwJEhRGaIvDlQ==
-----END CERTIFICATE-----
Generated at Wed Jul 15 04:53:14 2026 by rpki-client