
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json)
Hash identifier: TRnjxp20ZWiy+PjIQll4Rrhkm5PHTzo93LbLfILXhkk=
Subject key identifier: 05:6C:82:47:FB:F0:38:A9:0C:37:BA:5C:A6:6A:BE:E7:7D:AF:43:A3
Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Certificate serial: 0CA8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
Manifest number: 0C8A
Signing time: Thu 26 Mar 2026 18:30:27 +0000
Manifest this update: Thu 26 Mar 2026 18:30:26 +0000
Manifest next update: Thu 02 Apr 2026 18:30:26 +0000
Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: 19lu4XHWUrIvEI521W5UoFCUDHxV3cZ09Nho4BHUL7k=)
2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: 2ZECssZFKej2Bnmujg65SvPR+m2K68FZcUfUc+ikvVg=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl
rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 14:54:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3240 (0xca8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Validity
Not Before: Mar 26 18:30:26 2026 GMT
Not After : Apr 2 18:30:26 2026 GMT
Subject: CN=69c57b42-2a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:34:d6:b6:b3:95:d0:fe:40:e0:b6:39:c7:e2:
92:54:da:56:57:fd:7e:18:0b:e9:70:01:f4:b8:36:
fb:34:b2:17:bf:09:31:b3:63:38:8c:be:ad:a3:5f:
1c:f2:92:e6:04:2b:2f:a0:d5:fc:1d:75:86:18:a6:
46:a5:8f:48:d4:23:87:5d:77:d6:ab:f4:15:03:71:
a4:09:cd:c4:74:82:df:ce:5e:ac:a3:f3:98:3c:03:
75:9b:fd:ca:64:9f:35:2f:32:46:d0:18:12:9e:3c:
59:99:38:ac:e4:fd:7f:21:5c:0f:c2:6f:01:2d:6c:
f2:10:cf:c1:a6:4b:12:b3:40:58:fb:a0:70:a4:a5:
fb:42:e7:72:bf:d2:65:84:6f:1e:60:3c:66:55:3f:
92:9e:a9:4b:61:22:e2:ba:02:70:bb:ad:81:b9:de:
1b:b4:ed:55:1a:bc:d9:3d:15:19:85:bc:23:f3:c7:
bf:ed:4a:86:17:4b:23:c6:5e:1e:e1:2f:5a:53:f8:
ee:41:73:53:bd:81:b4:a7:06:d0:ed:47:25:3e:15:
ff:5b:1b:d0:70:5c:d7:75:c0:00:19:d3:13:83:75:
4a:5c:fc:bb:3a:12:cc:fd:11:1d:fd:a7:69:30:80:
01:f4:5f:1b:bd:20:b1:6d:10:df:7d:0d:e0:32:f3:
83:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:6C:82:47:FB:F0:38:A9:0C:37:BA:5C:A6:6A:BE:E7:7D:AF:43:A3
X509v3 Authority Key Identifier:
keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
b8:c8:16:c1:a3:14:eb:9e:64:c2:65:fc:1e:8a:2b:ed:b6:35:
4d:19:cf:d5:8a:95:a5:f8:11:9c:85:f1:b0:e1:c7:41:fc:59:
99:f9:c2:33:0c:a9:65:0b:8d:c4:c6:04:af:26:48:22:18:d4:
df:f9:fd:67:4a:6e:a6:3e:8d:3e:fd:1c:a5:0e:a4:33:29:9b:
46:1f:8a:79:d8:6a:bd:f0:1b:c8:34:4f:dc:80:b2:6f:77:a4:
8d:3e:8e:0b:1b:22:44:c1:3a:72:10:22:a5:44:8e:35:4a:7e:
9d:b9:9a:0f:b9:2a:9f:77:74:e5:14:aa:2e:d4:3a:d6:4e:41:
d5:d2:c4:3b:76:30:0e:6f:c6:13:31:5d:2d:f3:80:3f:dc:f6:
28:ce:df:32:2d:35:84:be:65:c9:29:d4:60:b6:23:c0:d2:a2:
20:78:7a:6e:ba:8a:78:03:25:fa:31:d1:a0:9b:24:65:66:fb:
1a:e0:58:29:45:89:a0:63:6e:3e:2b:bb:45:9c:e3:94:38:f1:
cf:a0:fd:67:47:6d:6e:59:f6:a6:e7:0a:67:19:d2:0a:2e:87:
61:00:bf:84:40:b9:c3:46:87:71:70:a8:8c:86:aa:6e:ab:67:
01:96:a4:31:a0:5a:de:0c:86:8d:80:22:2f:bc:cf:ec:7b:bc:
9d:46:1b:b9
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICDKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC
MjU1N0Y0M0YwHhcNMjYwMzI2MTgzMDI2WhcNMjYwNDAyMTgzMDI2WjAYMRYwFAYD
VQQDEw02OWM1N2I0Mi0yYTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjDTWtrOV0P5A4LY5x+KSVNpWV/1+GAvpcAH0uDb7NLIXvwkxs2M4jL6to18c
8pLmBCsvoNX8HXWGGKZGpY9I1COHXXfWq/QVA3GkCc3EdILfzl6so/OYPAN1m/3K
ZJ81LzJG0BgSnjxZmTis5P1/IVwPwm8BLWzyEM/BpksSs0BY+6BwpKX7Qudyv9Jl
hG8eYDxmVT+SnqlLYSLiugJwu62Bud4btO1VGrzZPRUZhbwj88e/7UqGF0sjxl4e
4S9aU/juQXNTvYG0pwbQ7UclPhX/WxvQcFzXdcAAGdMTg3VKXPy7OhLM/REd/adp
MIAB9F8bvSCxbRDffQ3gMvODbwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFAVsgkf7
8DipDDe6XKZqvud9r0OjMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4
NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF
RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAuMgWwaMU655kwmX8Hoor7bY1TRnP1YqVpfgRnIXxsOHHQfxZmfnCMwypZQuN
xMYEryZIIhjU3/n9Z0pupj6NPv0cpQ6kMymbRh+KedhqvfAbyDRP3ICyb3ekjT6O
CxsiRME6chAipUSONUp+nbmaD7kqn3d05RSqLtQ61k5B1dLEO3YwDm/GEzFdLfOA
P9z2KM7fMi01hL5lySnUYLYjwNKiIHh6brqKeAMl+jHRoJskZWb7GuBYKUWJoGNu
Piu7RZzjlDjxz6D9Z0dtbln2pucKZxnSCi6HYQC/hEC5w0aHcXCojIaqbqtnAZak
MaBa3gyGjYAiL7zP7Hu8nUYbuQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:53:35 2026 by rpki-client