
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft
File: y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft (raw, json)
Hash identifier: jGKjQ76Ez7fiXHf9OcdoQ/FKEe76s/m+CakJ5pStaBI=
Subject key identifier: 87:FA:01:F7:78:CD:5A:5F:8C:94:1B:83:8B:F7:88:7C:7A:3D:96:21
Authority key identifier: CB:EC:6F:18:39:05:48:75:21:C7:94:7B:4F:7B:FD:6C:B7:8D:A4:79
Certificate issuer: /CN=A9159FAF/serialNumber=CBEC6F183905487521C7947B4F7BFD6CB78DA479
Certificate serial: 01E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-xvGDkFSHUhx5R7T3v9bLeNpHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft
Manifest number: 01CA
Signing time: Mon 02 Mar 2026 01:30:50 +0000
Manifest this update: Mon 02 Mar 2026 01:30:49 +0000
Manifest next update: Mon 09 Mar 2026 01:30:49 +0000
Files and hashes: 1: y-xvGDkFSHUhx5R7T3v9bLeNpHk.crl (hash: Y6Y/ih7u5uIXUmSy5vIpDPiS/V1b4BnD+7h7eM3LPtA=)
2: 6A0C1182CA9D11F084B0E810C4F9AE02.roa (hash: Ur2xb9scSwvGgEl+imNvKk+65kBRDU8GyWd41dxPers=)
3: A910F37297CE11F0885B0A30C4F9AE02.roa (hash: Y7hqH6AdlNN+CGQx5eSl2EAvXIdaBV9/RAugdoHMkMg=)
4: B752E03A97CE11F0ADE43030C4F9AE02.roa (hash: pvNtxEebaDqgsEGcGKNlJatXfUnFwrPrh9xqF+/MFUI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.crl
rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-xvGDkFSHUhx5R7T3v9bLeNpHk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482 (0x1e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159FAF, serialNumber=CBEC6F183905487521C7947B4F7BFD6CB78DA479
Validity
Not Before: Mar 2 01:30:49 2026 GMT
Not After : Mar 9 01:30:49 2026 GMT
Subject: CN=69a4e84a-9061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dd:20:81:10:5d:2c:a3:8b:80:9d:5e:48:d5:
96:10:82:73:93:0c:49:de:a8:07:44:4d:37:18:9a:
93:03:80:59:fd:c9:44:27:56:47:71:32:4e:ce:38:
12:a7:51:8a:94:7d:e9:1a:82:b8:7f:d7:87:30:14:
31:e4:53:d6:c5:79:98:26:a1:a9:16:9b:f2:05:58:
96:fc:53:60:7c:75:30:10:40:e2:02:1e:dc:27:60:
98:99:da:96:ad:6b:93:81:f1:e5:ba:c9:09:fa:c7:
5e:97:af:c3:42:f8:62:01:5a:a2:e5:f5:88:49:55:
29:a7:9e:97:c0:61:a1:ac:b2:8f:79:62:01:0d:58:
18:d1:9c:59:8b:45:25:19:49:13:f4:aa:2d:97:0a:
37:55:61:6c:b5:59:bc:f2:90:ec:dd:b4:c8:84:58:
1f:3c:74:87:e4:6d:96:8d:66:22:82:5d:e1:3d:d7:
06:9d:d9:67:ad:90:75:06:ad:9c:0b:0f:d7:22:9e:
d0:94:7b:20:0f:e8:06:ea:d2:e4:c4:f2:19:42:9c:
1a:e0:e5:81:73:de:b1:84:04:3d:70:f1:be:b6:4a:
4a:aa:69:a4:c7:a6:8f:60:23:cf:c9:66:34:14:8b:
a1:a3:16:9f:5e:20:84:36:d8:37:97:68:97:67:76:
fd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FA:01:F7:78:CD:5A:5F:8C:94:1B:83:8B:F7:88:7C:7A:3D:96:21
X509v3 Authority Key Identifier:
keyid:CB:EC:6F:18:39:05:48:75:21:C7:94:7B:4F:7B:FD:6C:B7:8D:A4:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-xvGDkFSHUhx5R7T3v9bLeNpHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
bd:a9:f3:4d:cb:97:47:ae:92:6c:62:d7:5b:fa:63:e7:5f:ed:
02:07:5b:3b:d3:08:be:51:47:7b:38:36:e2:49:88:32:b4:51:
1f:6b:65:25:34:25:da:5e:0a:cd:8b:4c:c0:3d:45:b3:0f:ff:
c9:2d:db:2c:55:15:a8:61:23:b2:10:df:8f:73:b7:f5:f1:d9:
d0:b2:a5:2b:ed:59:67:83:7c:e0:82:27:e6:0a:c9:58:40:ee:
aa:c6:7f:83:03:6b:2a:ad:70:71:27:0a:a4:83:06:12:55:e5:
f8:34:2c:0b:5c:37:58:b7:d4:26:73:c8:11:3c:7d:3b:05:27:
55:ce:94:26:13:96:d6:6f:a7:df:aa:9f:77:13:48:5e:a6:9b:
8f:9d:5e:91:3f:84:59:8c:d4:1c:92:00:77:41:1c:de:60:8b:
97:10:74:79:a8:03:2a:21:99:b0:64:4d:fb:28:2c:f3:7d:a3:
ba:05:53:03:ae:e3:8f:54:f5:c1:4c:50:4a:50:21:15:78:ca:
4e:46:16:33:b9:d3:77:cb:e3:73:6a:f2:08:a1:e9:2e:19:cc:
20:f2:f2:84:bd:34:db:5c:32:f2:08:7b:97:34:ff:c3:82:e0:
24:5c:b8:dd:1f:10:4d:c1:66:b2:f2:56:38:f4:fd:18:1e:92:
e9:de:33:b5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTlGQUYxMTAvBgNVBAUTKENCRUM2RjE4MzkwNTQ4NzUyMUM3OTQ3QjRGN0JGRDZD
Qjc4REE0NzkwHhcNMjYwMzAyMDEzMDQ5WhcNMjYwMzA5MDEzMDQ5WjAYMRYwFAYD
VQQDEw02OWE0ZTg0YS05MDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlN0ggRBdLKOLgJ1eSNWWEIJzkwxJ3qgHRE03GJqTA4BZ/clEJ1ZHcTJOzjgS
p1GKlH3pGoK4f9eHMBQx5FPWxXmYJqGpFpvyBViW/FNgfHUwEEDiAh7cJ2CYmdqW
rWuTgfHluskJ+sdel6/DQvhiAVqi5fWISVUpp56XwGGhrLKPeWIBDVgY0ZxZi0Ul
GUkT9Kotlwo3VWFstVm88pDs3bTIhFgfPHSH5G2WjWYigl3hPdcGndlnrZB1Bq2c
Cw/XIp7QlHsgD+gG6tLkxPIZQpwa4OWBc96xhAQ9cPG+tkpKqmmkx6aPYCPPyWY0
FIuhoxafXiCENtg3l2iXZ3b9WwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIf6Afd4
zVpfjJQbg4v3iHx6PZYhMB8GA1UdIwQYMBaAFMvsbxg5BUh1IceUe097/Wy3jaR5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OUZBRi8xMjk1NzVDNDZF
NDIxMUVFQUI0QzlDNkNDNEY5QUUwMi95LXh2R0RrRlNIVWh4NVI3VDN2OWJMZU5w
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3kteHZHRGtGU0hVaHg1UjdUM3Y5YkxlTnBIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OUZBRi8xMjk1NzVDNDZFNDIxMUVFQUI0QzlDNkNDNEY5QUUwMi95LXh2R0RrRlNI
VWh4NVI3VDN2OWJMZU5wSGsubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAvanzTcuXR66SbGLXW/pj51/tAgdbO9MIvlFHezg24kmIMrRRH2tlJTQl2l4K
zYtMwD1Fsw//yS3bLFUVqGEjshDfj3O39fHZ0LKlK+1ZZ4N84IIn5grJWEDuqsZ/
gwNrKq1wcScKpIMGElXl+DQsC1w3WLfUJnPIETx9OwUnVc6UJhOW1m+n36qfdxNI
Xqabj51ekT+EWYzUHJIAd0Ec3mCLlxB0eagDKiGZsGRN+ygs832jugVTA67jj1T1
wUxQSlAhFXjKTkYWM7nTd8vjc2ryCKHpLhnMIPLyhL0021wy8gh7lzT/w4LgJFy4
3R8QTcFmsvJWOPT9GB6S6d4ztQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:55:48 2026 by rpki-client