
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft
File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json)
Hash identifier: N/D2xxWszfEO2lAOIZcCfy1ab/5vzFOJ9ECyeSCjv6g=
Subject key identifier: 42:BF:5A:1C:EF:F7:64:8A:1A:7B:76:E1:28:E2:33:F8:E1:8E:70:3F
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 0C1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft
Manifest number: 0A48
Signing time: Sat 28 Feb 2026 22:00:05 +0000
Manifest this update: Sat 28 Feb 2026 22:00:04 +0000
Manifest next update: Sat 07 Mar 2026 22:00:04 +0000
Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: muD0ZtW83mqAXBhy+XWd+LwABco0BpiRpoKxYiTpk4E=)
2: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: vQWuHkxNO3W+64VKIpJFVWJTeNRMIc+wKzNHsAhde4Q=)
3: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: KHmIhJVDnUN/JIAGOGyBUT9fEQNuIGqQSzduAjkMS7g=)
4: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: tUqKc58G4NP/ZiNhEE4m52A3vGMH09GTzhVMgnnCe/8=)
5: 3CE7D21201A311F1A14FC5D2686F56BC.roa (hash: tbQAlweobxqYSyZXYMdXYHESq0/1wUD9q6FdS2Vlai4=)
6: B8D1EFFECFF111F085D0CF76C4F9AE02.roa (hash: OKHo5PlaRkuq1valJ2KLlI42leF/3R3vRaJtQrRDfSg=)
7: 61EE2500936E11F091943583C4F9AE02.roa (hash: 3JfsBJZyJ7baGTS+kkN2fPZJoCA1dtmC1aKrkMepRDk=)
8: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: uy/Ya9Uphz8yk5gzFrvw8K92wA25vKbiFTbIY5cp56U=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Mar 2026 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3099 (0xc1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Feb 28 22:00:04 2026 GMT
Not After : Mar 7 22:00:04 2026 GMT
Subject: CN=69a36564-3655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:18:1f:34:96:69:10:b3:08:df:80:28:c2:b8:
83:ec:bc:cf:72:65:3c:71:93:08:e8:85:d3:12:96:
86:aa:97:a6:6e:b5:75:35:48:36:15:24:7b:ab:07:
8a:99:30:e0:85:b8:18:fc:f9:81:cd:85:a1:60:8a:
72:56:73:4a:5d:a6:1b:d8:91:52:a9:bb:f0:ab:30:
12:ed:9a:8b:bc:ba:de:e4:d1:83:8d:06:c3:5c:c1:
c0:cf:dd:5f:8f:41:87:68:be:f1:75:06:33:f2:37:
c5:6e:17:89:1b:0d:82:60:74:10:23:02:1e:7b:c3:
a5:6d:48:ee:39:78:b5:91:5c:2c:68:ce:7f:95:61:
4b:93:a5:3d:80:0c:5a:47:79:6d:0c:da:75:8b:2f:
4a:ee:d7:c2:61:92:1c:03:e0:64:28:55:ee:65:10:
d2:13:20:d3:ec:db:8d:cd:1b:f4:c6:30:7e:13:95:
2f:54:ba:d3:20:2c:a0:63:ad:42:cb:0f:25:75:90:
34:5c:be:a7:50:cf:aa:f9:d0:56:01:f3:4e:05:01:
38:a5:2c:7a:41:29:ba:29:7a:bd:a0:20:18:21:9a:
22:9d:9b:bf:76:81:ec:fa:b6:fd:e2:95:fd:44:11:
f5:5e:08:d1:f2:32:8f:f7:a4:be:1b:11:bf:1c:6e:
95:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BF:5A:1C:EF:F7:64:8A:1A:7B:76:E1:28:E2:33:F8:E1:8E:70:3F
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
ad:42:77:61:fb:aa:71:d8:07:0f:9b:b1:aa:a8:15:f7:76:d0:
88:bf:14:a6:fc:7e:f4:11:60:fd:6a:2f:f9:17:46:1d:0f:f2:
db:85:46:c3:dc:a8:e7:04:1c:d5:b4:ce:b5:57:d3:25:44:54:
39:c8:a7:2c:8d:b9:3e:6c:07:b0:5c:c6:c8:10:dd:53:b2:4b:
1f:85:b1:16:c0:ed:52:12:bd:14:b7:52:2e:7f:09:cc:74:d1:
1c:4e:04:41:48:2a:04:3d:24:64:d5:e2:ed:a2:03:00:42:be:
ed:25:55:0b:14:a8:49:4d:f5:39:82:78:07:7f:7f:c7:15:37:
b0:dc:3e:a5:c6:53:3e:67:14:04:f0:d3:e9:98:4a:81:6c:89:
ba:d2:d8:95:93:fb:bd:cd:af:76:b7:2c:b8:e5:71:92:a5:18:
6c:6a:ba:9c:08:54:ad:87:5c:d0:70:88:61:f1:71:5f:42:7d:
95:e1:51:56:8f:d6:75:30:5c:14:ae:ee:c4:8b:41:41:67:2a:
c5:0a:c5:89:b7:73:bf:77:bd:4f:b9:8a:7d:d2:48:c3:2b:6b:
4c:db:d1:d0:96:e7:ff:2f:02:95:da:46:88:4c:d8:61:81:c5:
31:3a:72:ed:b4:32:cc:89:b5:9b:f9:e6:4d:70:8b:43:9b:eb:
ae:38:f9:d8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICDBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjYwMjI4MjIwMDA0WhcNMjYwMzA3MjIwMDA0WjAYMRYwFAYD
VQQDDA02OWEzNjU2NC0zNjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApBgfNJZpELMI34AowriD7LzPcmU8cZMI6IXTEpaGqpembrV1NUg2FSR7qweK
mTDghbgY/PmBzYWhYIpyVnNKXaYb2JFSqbvwqzAS7ZqLvLre5NGDjQbDXMHAz91f
j0GHaL7xdQYz8jfFbheJGw2CYHQQIwIee8OlbUjuOXi1kVwsaM5/lWFLk6U9gAxa
R3ltDNp1iy9K7tfCYZIcA+BkKFXuZRDSEyDT7NuNzRv0xjB+E5UvVLrTICygY61C
yw8ldZA0XL6nUM+q+dBWAfNOBQE4pSx6QSm6KXq9oCAYIZoinZu/doHs+rb94pX9
RBH1XgjR8jKP96S+GxG/HG6VRwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEK/Whzv
92SKGnt24SjiM/jhjnA/MB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf
V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEArUJ3YfuqcdgHD5uxqqgV93bQiL8Upvx+9BFg/Wov+RdGHQ/y24VGw9yo5wQc
1bTOtVfTJURUOcinLI25PmwHsFzGyBDdU7JLH4WxFsDtUhK9FLdSLn8JzHTRHE4E
QUgqBD0kZNXi7aIDAEK+7SVVCxSoSU31OYJ4B39/xxU3sNw+pcZTPmcUBPDT6ZhK
gWyJutLYlZP7vc2vdrcsuOVxkqUYbGq6nAhUrYdc0HCIYfFxX0J9leFRVo/WdTBc
FK7uxItBQWcqxQrFibdzv3e9T7mKfdJIwytrTNvR0Jbn/y8CldpGiEzYYYHFMTpy
7bQyzIm1m/nmTXCLQ5vrrjj52A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:26:25 2026 by rpki-client