
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft
File: BNhIIeE7gDAzVMS-NDMdURHyvKY.mft (raw, json)
Hash identifier: rpSvfBZ/nROJBbfcsdBpxIdonWTgeGaPE8j9RaMOWHA=
Subject key identifier: 17:D2:67:2E:B0:50:2D:D6:FA:D1:A2:03:C0:52:34:E8:9A:70:B2:96
Authority key identifier: 04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6
Certificate issuer: /CN=A91F0721/serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6
Certificate serial: 028D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft
Manifest number: 027B
Signing time: Sun 05 Jul 2026 02:27:09 +0000
Manifest this update: Sun 05 Jul 2026 02:27:08 +0000
Manifest next update: Sun 12 Jul 2026 02:27:08 +0000
Files and hashes: 1: BNhIIeE7gDAzVMS-NDMdURHyvKY.crl (hash: WSyMK/YzKGINaAyQ8GaBgT/J9189S5f7rPb1oLMgRD8=)
2: 7659B89AADCC11ED84051211C4F9AE02.roa (hash: eJa3zEY0Ga68FBEmFuzcrfb78XN2VTH6jOriLW6rBuc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl
rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 Jul 2026 02:27:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 653 (0x28d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0721, serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6
Validity
Not Before: Jul 5 02:27:08 2026 GMT
Not After : Jul 12 02:27:08 2026 GMT
Subject: CN=6a49c0fc-82e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d7:73:4d:4d:87:6e:ae:70:f4:92:3c:b2:a4:
b3:68:d4:4c:42:79:44:7c:07:a0:41:90:5e:14:8f:
6e:8f:c2:bb:f5:f9:11:d4:7c:d1:32:bc:9e:eb:e8:
86:c4:ba:10:58:78:12:5a:3e:cb:30:7a:c3:3b:d4:
d6:a7:04:16:0a:03:af:64:5b:ad:22:69:8b:5f:01:
be:1e:62:a7:bb:b9:33:fc:e6:ef:92:26:85:cf:98:
10:d1:86:1a:0e:97:b2:4b:71:d1:6c:02:3f:d3:e1:
d2:62:f4:d4:9c:ef:77:12:9b:fc:df:7b:17:93:10:
c8:a5:6b:d7:74:f2:dc:3b:d3:73:d5:ef:45:68:ab:
5b:4a:65:a6:2d:c9:2d:25:fb:d8:86:9e:9e:89:68:
02:8d:23:f1:de:f3:bd:5b:23:83:c7:8a:7b:75:42:
c5:10:2f:43:fb:d2:cb:cb:af:1d:04:f0:c4:fc:d2:
db:22:57:af:20:a4:46:7d:25:16:08:2b:4c:d0:28:
2b:ed:81:49:59:c0:6f:af:a9:52:6d:8a:45:c8:0f:
b9:31:c2:28:b0:3f:39:a8:13:af:05:ca:34:9c:22:
be:b0:f7:f7:6c:00:14:2f:47:d1:21:02:af:d5:fc:
8e:c4:58:8b:c7:09:00:4a:b1:e7:83:db:d2:51:c2:
2e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D2:67:2E:B0:50:2D:D6:FA:D1:A2:03:C0:52:34:E8:9A:70:B2:96
X509v3 Authority Key Identifier:
keyid:04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
05:8d:7b:b4:2c:ec:69:e8:28:a4:47:9a:48:61:96:ab:8f:bc:
17:44:97:a1:83:db:49:63:45:58:46:e4:ec:b4:27:79:c3:1b:
64:98:bc:b2:0e:17:92:ca:23:91:c4:a4:96:54:05:27:10:bc:
1c:a3:f7:82:89:c8:76:cd:8d:8c:e2:03:43:02:4c:f4:ec:e2:
63:ca:92:f4:97:ea:04:df:6e:f4:8b:7a:08:c6:79:88:ef:3d:
c7:2c:04:33:97:38:26:32:8d:7a:18:67:20:cf:64:fd:4e:53:
87:db:07:45:4b:8c:1c:22:7a:4e:c1:a0:83:64:ab:3a:3f:27:
82:dc:d4:13:fd:3f:d2:28:c4:43:de:45:28:22:66:51:08:d8:
4f:da:fc:8d:f0:e9:19:2d:f7:f5:20:7a:31:60:7e:e6:3d:58:
2f:c0:aa:88:0f:ae:13:7f:24:38:1d:7b:15:6e:0a:d4:54:9e:
ce:dc:d8:e8:f4:3d:d9:dc:9b:10:01:6a:14:f3:23:14:37:95:
fc:7a:18:47:c5:98:c0:fc:34:b4:84:30:71:99:06:91:c5:a6:
09:af:96:6c:40:4e:b4:47:92:2d:55:85:65:f3:96:67:94:46:
2a:5f:44:cc:fb:f1:f3:d7:69:57:b5:f5:90:1b:d5:c0:22:7a:
f9:31:a4:d2
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjA3MjExMTAvBgNVBAUTKDA0RDg0ODIxRTEzQjgwMzAzMzU0QzRCRTM0MzMxRDUx
MTFGMkJDQTYwHhcNMjYwNzA1MDIyNzA4WhcNMjYwNzEyMDIyNzA4WjAYMRYwFAYD
VQQDEw02YTQ5YzBmYy04MmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6NdzTU2Hbq5w9JI8sqSzaNRMQnlEfAegQZBeFI9uj8K79fkR1HzRMrye6+iG
xLoQWHgSWj7LMHrDO9TWpwQWCgOvZFutImmLXwG+HmKnu7kz/ObvkiaFz5gQ0YYa
DpeyS3HRbAI/0+HSYvTUnO93Epv833sXkxDIpWvXdPLcO9Nz1e9FaKtbSmWmLckt
JfvYhp6eiWgCjSPx3vO9WyODx4p7dULFEC9D+9LLy68dBPDE/NLbIlevIKRGfSUW
CCtM0Cgr7YFJWcBvr6lSbYpFyA+5McIosD85qBOvBco0nCK+sPf3bAAUL0fRIQKv
1fyOxFiLxwkASrHng9vSUcIutwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBfSZy6w
UC3W+tGiA8BSNOiacLKWMB8GA1UdIwQYMBaAFATYSCHhO4AwM1TEvjQzHVER8rym
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDcyMS9DOTEyN0IzRUFE
QzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dEQXpWTVMtTkRNZFVSSHl2
S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JOaElJZUU3Z0RBelZNUy1ORE1kVVJIeXZLWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MDcyMS9DOTEyN0IzRUFEQzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dE
QXpWTVMtTkRNZFVSSHl2S1kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEABY17tCzsaegopEeaSGGWq4+8F0SXoYPbSWNFWEbk7LQnecMbZJi8sg4Xksoj
kcSkllQFJxC8HKP3gonIds2NjOIDQwJM9OziY8qS9JfqBN9u9It6CMZ5iO89xywE
M5c4JjKNehhnIM9k/U5Th9sHRUuMHCJ6TsGgg2SrOj8ngtzUE/0/0ijEQ95FKCJm
UQjYT9r8jfDpGS339SB6MWB+5j1YL8CqiA+uE38kOB17FW4K1FSeztzY6PQ92dyb
EAFqFPMjFDeV/HoYR8WYwPw0tIQwcZkGkcWmCa+WbEBOtEeSLVWFZfOWZ5RGKl9E
zPvx89dpV7X1kBvVwCJ6+TGk0g==
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:37:42 2026 by rpki-client