
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
File: XAq0JfK0I14cgVaDvWyOi3uAtyc.mft (raw, json)
Hash identifier: iJjytN8kmS04aeKdK6Cgkn8hXSfV3mrLsytKCDqEyKc=
Subject key identifier: A9:E2:B4:3F:3B:F0:18:15:3C:72:BD:93:48:3A:76:49:72:4F:7A:4D
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial: 0A15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
Manifest number: 09FC
Signing time: Mon 02 Mar 2026 00:24:47 +0000
Manifest this update: Mon 02 Mar 2026 00:24:45 +0000
Manifest next update: Mon 09 Mar 2026 00:24:45 +0000
Files and hashes: 1: XAq0JfK0I14cgVaDvWyOi3uAtyc.crl (hash: iipZZe8gHP/JGnlgnCdOgKpzsNE0aGhSdgFnh0Z7QtU=)
2: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (hash: 6ZGy644lUjSn/iRWamVdu/Cx4lbrco/8//Ud8xr+hK4=)
3: 0774A2C894F211EAB30E7682C4F9AE02.roa (hash: l2tsnXDfo/hIktpCNOIO2/elh/NggYLVtKn+htr+20w=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2581 (0xa15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Validity
Not Before: Mar 2 00:24:45 2026 GMT
Not After : Mar 9 00:24:45 2026 GMT
Subject: CN=69a4d8ce-0fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:62:37:3c:ae:35:f6:c2:51:d6:f6:4b:5d:16:
37:df:8a:e7:b9:67:27:e7:8a:ec:cc:73:d8:21:53:
61:b8:06:a8:8b:e8:20:ff:42:39:d3:0d:82:a7:50:
d9:9c:cf:84:c9:50:51:0b:66:d2:25:24:cb:f6:57:
ac:99:eb:70:6c:6d:04:4a:4f:95:63:33:4f:d7:5f:
72:b1:71:5e:8e:2b:ec:5f:bf:3a:5b:0f:3f:4e:1e:
79:19:bf:c3:11:a2:22:5e:ba:8f:f8:0f:81:91:35:
42:64:56:7f:b4:f2:cf:1b:b2:be:45:5d:64:3e:59:
9e:78:a5:5f:be:4f:df:b1:a0:89:56:38:49:7f:af:
0d:c3:57:2c:bc:33:8f:3c:bd:93:b4:8e:88:45:34:
b5:35:25:ba:2c:6c:b2:de:66:c3:27:d7:69:8e:5d:
c5:41:99:53:69:3b:0e:f1:00:f5:75:66:f0:6f:9d:
f0:19:32:3b:e1:9c:b6:c0:1c:73:f8:e6:38:be:fd:
dc:54:a0:c0:84:74:e0:95:7c:8d:d5:39:14:4c:5e:
1f:74:4a:1c:f3:29:11:8f:6a:10:94:de:32:62:c4:
bd:70:db:f0:c4:f4:43:ad:60:33:aa:18:e9:1f:2a:
a4:52:24:b1:46:fb:02:ef:dc:fd:a1:45:03:ef:78:
0e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E2:B4:3F:3B:F0:18:15:3C:72:BD:93:48:3A:76:49:72:4F:7A:4D
X509v3 Authority Key Identifier:
keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
55:d0:eb:51:e8:77:22:92:dd:da:7f:7e:13:d0:a3:b3:4c:37:
3c:ea:9d:05:ac:e4:04:36:ef:c6:ec:6f:d9:f8:60:1c:bd:d0:
f2:59:02:b4:3d:6a:d1:60:2c:3c:8d:16:3d:ff:08:d6:9b:5c:
32:79:64:ae:4e:89:31:9f:03:eb:15:34:ea:c6:23:44:9a:29:
65:d2:cd:ce:ce:df:c0:15:38:c5:e9:b3:d3:04:6a:e1:db:5e:
97:c8:6e:6a:58:00:4e:ca:ec:7a:47:07:d5:9c:18:0e:1f:58:
3a:47:93:54:ec:5a:f3:69:79:65:f6:c0:57:e9:88:07:dc:43:
4d:39:9e:2d:54:e6:2f:03:0e:9f:22:0e:25:bd:59:2f:2d:d8:
87:ed:de:4d:a3:3e:ec:c5:60:43:ca:2c:7b:4d:6e:1a:15:6c:
a6:14:64:f5:8d:8f:82:1f:c4:f6:34:cb:9b:b7:67:48:fd:e6:
11:50:b6:a1:02:7d:57:82:95:1c:aa:5b:7b:21:95:d1:50:4b:
c5:6d:47:85:22:e6:d2:cc:04:19:ec:84:1d:b3:d0:24:30:b3:
7f:ed:49:f5:9b:fd:fb:63:4d:71:65:d8:7d:9f:3b:09:40:25:
8a:8a:9b:4e:b0:76:98:7f:0a:49:c4:17:7f:1f:eb:07:e2:6f:
85:1c:cd:13
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICChUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjYwMzAyMDAyNDQ1WhcNMjYwMzA5MDAyNDQ1WjAYMRYwFAYD
VQQDEw02OWE0ZDhjZS0wZmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0GI3PK419sJR1vZLXRY334rnuWcn54rszHPYIVNhuAaoi+gg/0I50w2Cp1DZ
nM+EyVBRC2bSJSTL9lesmetwbG0ESk+VYzNP119ysXFejivsX786Ww8/Th55Gb/D
EaIiXrqP+A+BkTVCZFZ/tPLPG7K+RV1kPlmeeKVfvk/fsaCJVjhJf68Nw1csvDOP
PL2TtI6IRTS1NSW6LGyy3mbDJ9dpjl3FQZlTaTsO8QD1dWbwb53wGTI74Zy2wBxz
+OY4vv3cVKDAhHTglXyN1TkUTF4fdEoc8ykRj2oQlN4yYsS9cNvwxPRDrWAzqhjp
HyqkUiSxRvsC79z9oUUD73gOFQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKnitD87
8BgVPHK9k0g6dklyT3pNMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RjhBOS8yQUEwNDMzMDk0RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkx
NGNnVmFEdld5T2kzdUF0eWMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAVdDrUeh3IpLd2n9+E9Cjs0w3POqdBazkBDbvxuxv2fhgHL3Q8lkCtD1q0WAs
PI0WPf8I1ptcMnlkrk6JMZ8D6xU06sYjRJopZdLNzs7fwBU4xemz0wRq4dtel8hu
algATsrsekcH1ZwYDh9YOkeTVOxa82l5ZfbAV+mIB9xDTTmeLVTmLwMOnyIOJb1Z
Ly3Yh+3eTaM+7MVgQ8ose01uGhVsphRk9Y2Pgh/E9jTLm7dnSP3mEVC2oQJ9V4KV
HKpbeyGV0VBLxW1HhSLm0swEGeyEHbPQJDCzf+1J9Zv9+2NNcWXYfZ87CUAlioqb
TrB2mH8KScQXfx/rB+JvhRzNEw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:52:38 2026 by rpki-client