
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft
File: IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft (raw, json)
Hash identifier: C1J+XNJ71VGsDi/5WukTD5I5sHf80WuY8042yc23A18=
Subject key identifier: F1:C8:10:37:D0:93:ED:BE:39:17:81:51:A9:0C:28:F2:A3:15:1D:EE
Authority key identifier: 21:0F:F1:66:68:DF:96:3B:E0:FC:A9:06:93:39:17:FF:ED:ED:9F:95
Certificate issuer: /CN=A9170BBF/serialNumber=210FF16668DF963BE0FCA906933917FFEDED9F95
Certificate serial: 04FE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IQ_xZmjfljvg_KkGkzkX_-3tn5U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft
Manifest number: 04F4
Signing time: Sun 19 Oct 2025 01:29:34 +0000
Manifest this update: Sun 19 Oct 2025 01:29:33 +0000
Manifest next update: Sun 26 Oct 2025 01:29:33 +0000
Files and hashes: 1: IQ_xZmjfljvg_KkGkzkX_-3tn5U.crl (hash: LCZckixx1gPMPZo/lfl79Wxphmw8/0QKu2TJ4Cl4PMk=)
2: 06CAA9C230C211ECBB5A4116C4F9AE02.roa (hash: CU8ZA4/4TdlPTUdktMFTY7GCuwd/QCyrxC7+CMDATDo=)
3: 0628D74630C211ECBB5A4116C4F9AE02.roa (hash: yUQWHT36J9pLE1kpKGBgRzyjB4VNhd4/HCHR7qeOtAQ=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.crl
rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IQ_xZmjfljvg_KkGkzkX_-3tn5U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 01:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1278 (0x4fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170BBF, serialNumber=210FF16668DF963BE0FCA906933917FFEDED9F95
Validity
Not Before: Oct 19 01:29:33 2025 GMT
Not After : Oct 26 01:29:33 2025 GMT
Subject: CN=68f43efe-5243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:89:11:51:bc:a9:cb:a3:58:5a:ce:e1:24:74:
c1:aa:01:22:0d:47:a8:27:00:c7:34:48:af:7c:43:
c6:ac:32:cf:0d:8d:4d:e4:78:0a:30:36:a7:ed:0f:
51:02:36:52:e5:65:24:14:00:d5:9d:e9:d4:b6:36:
96:99:2b:38:23:77:ee:10:76:8b:b0:9d:fb:a7:c9:
7d:1f:ad:d4:b8:83:74:23:26:63:cb:b6:f2:be:4c:
3a:a9:1a:bd:36:3f:ae:6d:84:c7:8e:76:99:9b:7d:
3f:af:2e:bf:7a:3d:41:00:65:80:4a:f6:b0:c4:fb:
fb:78:2c:3f:af:b4:1e:50:6d:48:b1:b5:eb:8b:9f:
f7:87:3e:9a:d1:e7:d9:78:58:5e:b5:1a:7e:5c:79:
71:ef:9a:e8:05:6c:a3:28:1b:e0:eb:9f:f3:0c:49:
3c:29:83:51:df:16:e3:b8:21:48:df:c0:ca:fa:2e:
ac:bd:18:2b:db:02:60:1c:69:70:84:ac:e1:a7:3e:
3e:86:d0:7a:18:4a:18:1e:fe:f2:29:a3:5b:4a:26:
6a:f9:a3:9a:11:a3:ab:66:e8:9e:fd:57:d3:e6:90:
0f:08:8c:ed:75:18:32:47:e6:bd:8e:91:72:71:8e:
74:e9:62:02:cc:89:5f:4b:d7:91:85:1c:47:aa:e3:
04:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C8:10:37:D0:93:ED:BE:39:17:81:51:A9:0C:28:F2:A3:15:1D:EE
X509v3 Authority Key Identifier:
keyid:21:0F:F1:66:68:DF:96:3B:E0:FC:A9:06:93:39:17:FF:ED:ED:9F:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IQ_xZmjfljvg_KkGkzkX_-3tn5U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170BBF/E491123A30BF11ECA85C4414C4F9AE02/IQ_xZmjfljvg_KkGkzkX_-3tn5U.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
56:35:7c:9a:81:20:39:a2:4e:5d:76:7a:d0:09:d3:5a:ba:1b:
7c:0c:ec:d5:9e:55:f7:30:b4:36:76:24:59:d4:f1:59:9d:7f:
a2:00:d2:cb:da:6d:3b:31:7d:44:b1:fb:db:5d:82:2c:24:02:
0a:2f:fe:fd:d4:d7:9d:75:95:91:d6:0f:5d:79:16:58:4e:a1:
90:8f:23:45:ed:ed:8d:f7:26:42:2c:b9:49:e9:26:7e:77:d5:
37:d4:8a:09:78:bf:d2:62:7b:b3:d7:47:b0:16:d4:c3:2b:f7:
2a:3c:f5:ea:5e:1b:b2:a3:f0:fd:f1:b5:43:f8:d6:c5:9b:88:
10:a5:ab:e3:af:26:15:6b:7c:2e:54:81:fd:e7:04:e4:7e:7d:
e9:e0:0b:b0:d6:17:01:8d:98:66:cd:cb:c7:b1:0b:e6:72:a1:
e3:c8:d6:57:12:45:5c:8f:fb:6a:83:c9:63:18:78:f1:1a:41:
fb:1b:90:f4:20:9a:c7:77:fb:c5:00:76:74:1b:b3:aa:0d:ce:
1e:bc:9d:6b:07:b6:d0:e5:6e:50:7e:2a:8e:b6:52:de:b3:47:
e2:f2:1a:2e:01:c2:b3:a3:ed:f3:da:de:eb:8e:7e:55:1a:e6:
0c:6b:a8:dc:a6:f8:b7:27:6f:92:c1:4d:57:3c:ce:e3:ef:4c:
b5:08:5a:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBCQkYxMTAvBgNVBAUTKDIxMEZGMTY2NjhERjk2M0JFMEZDQTkwNjkzMzkxN0ZG
RURFRDlGOTUwHhcNMjUxMDE5MDEyOTMzWhcNMjUxMDI2MDEyOTMzWjAYMRYwFAYD
VQQDEw02OGY0M2VmZS01MjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnYkRUbypy6NYWs7hJHTBqgEiDUeoJwDHNEivfEPGrDLPDY1N5HgKMDan7Q9R
AjZS5WUkFADVnenUtjaWmSs4I3fuEHaLsJ37p8l9H63UuIN0IyZjy7byvkw6qRq9
Nj+ubYTHjnaZm30/ry6/ej1BAGWASvawxPv7eCw/r7QeUG1IsbXri5/3hz6a0efZ
eFhetRp+XHlx75roBWyjKBvg65/zDEk8KYNR3xbjuCFI38DK+i6svRgr2wJgHGlw
hKzhpz4+htB6GEoYHv7yKaNbSiZq+aOaEaOrZuie/VfT5pAPCIztdRgyR+a9jpFy
cY506WICzIlfS9eRhRxHquMEtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPHIEDfQ
k+2+OReBUakMKPKjFR3uMB8GA1UdIwQYMBaAFCEP8WZo35Y74PypBpM5F//t7Z+V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEJCRi9FNDkxMTIzQTMw
QkYxMUVDQTg1QzQ0MTRDNEY5QUUwMi9JUV94Wm1qZmxqdmdfS2tHa3prWF8tM3Ru
NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lRX3habWpmbGp2Z19La0dremtYXy0zdG41VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEJCRi9FNDkxMTIzQTMwQkYxMUVDQTg1QzQ0MTRDNEY5QUUwMi9JUV94Wm1qZmxq
dmdfS2tHa3prWF8tM3RuNVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBWNXyagSA5ok5ddnrQCdNauht8DOzVnlX3MLQ2diRZ1PFZnX+iANLL
2m07MX1EsfvbXYIsJAIKL/791NeddZWR1g9deRZYTqGQjyNF7e2N9yZCLLlJ6SZ+
d9U31IoJeL/SYnuz10ewFtTDK/cqPPXqXhuyo/D98bVD+NbFm4gQpavjryYVa3wu
VIH95wTkfn3p4Auw1hcBjZhmzcvHsQvmcqHjyNZXEkVcj/tqg8ljGHjxGkH7G5D0
IJrHd/vFAHZ0G7OqDc4evJ1rB7bQ5W5QfiqOtlLes0fi8houAcKzo+3z2t7rjn5V
GuYMa6jcpvi3J2+SwU1XPM7j70y1CFox
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:47:57 2025 by rpki-client