
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.mft
File: PWRH1yl0gylOzsuFOl5QCTXRuNc.mft (raw, json)
Hash identifier: UkcxEmIB8zXM01OinYzfmjIyhTr7j8jJgbxaGsfS+tY=
Subject key identifier: 5D:93:9D:6A:78:B5:CD:C9:EF:A5:C9:2A:EB:37:6A:9D:0E:13:6E:36
Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Certificate serial: 04BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.mft
Manifest number: 0498
Signing time: Sun 19 Oct 2025 01:54:43 +0000
Manifest this update: Sun 19 Oct 2025 01:54:42 +0000
Manifest next update: Sun 26 Oct 2025 01:54:42 +0000
Files and hashes: 1: PWRH1yl0gylOzsuFOl5QCTXRuNc.crl (hash: 2lAEVcsbgoUL3S1bOKv9RJ6cVXYE5CcOTA8EB1o2F+o=)
2: 5997A6A624E011EDAEC0E529C4F9AE02.roa (hash: 264WZ0f5FSYRLcE55bzQKj/lfReOWZZQL9W6/+XrL50=)
3: 793803867DEA11EC9FC67D66C4F9AE02.roa (hash: vRD5gvetOl4M72g0Ox/17wn2gRRkZ+MKIO7MmLjvLgg=)
4: 2CE5BE065BDA11ECAA855355C4F9AE02.roa (hash: K/T3wX+b6EJFTbJdX5T/49+xTnSJoc5fKtBw2NmgoBw=)
5: 18611004B42A11EC9BD3DE42C4F9AE02.roa (hash: MrOehOXflQUhc9W+FdP7kViEOIm0zhC3RKvz9jpM7pY=)
6: 27992F96832811EFA1BAAC4FC4F9AE02.roa (hash: 9hr8e6Q+evY4tAAVgrktH6R5E0K57yFV9RXeFdQNtLw=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 01:54:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1214 (0x4be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170E11, serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Validity
Not Before: Oct 19 01:54:42 2025 GMT
Not After : Oct 26 01:54:42 2025 GMT
Subject: CN=68f444e3-ed49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:ad:56:73:30:cf:1c:b5:a2:d7:1c:ca:ee:
af:38:cd:81:de:66:dc:e7:85:7d:7c:55:e0:39:d7:
5a:34:ad:bf:df:31:30:81:84:dc:9e:77:c7:04:d8:
e1:7e:be:6f:60:3c:e1:10:2f:09:f0:2c:fb:cb:49:
6a:27:d9:33:68:4f:e1:68:49:9d:ee:d5:11:6b:41:
28:e8:2d:fb:b6:f1:c6:af:80:0b:ca:cf:c0:09:87:
a3:c2:6b:4c:43:e5:72:84:e2:99:64:a3:bd:0e:c9:
4a:c3:a7:5d:6a:3a:5e:5b:05:a8:c1:a7:0f:ed:62:
9e:36:d3:a3:36:23:37:3e:c2:6f:36:cf:5e:bc:5b:
22:d7:96:00:a2:c6:56:4a:82:47:9a:34:07:09:ab:
15:ba:0f:05:5a:04:89:e4:84:8f:90:7c:8e:7a:31:
57:83:ca:c8:f5:e1:0a:38:51:82:0d:16:3e:01:34:
a5:08:58:39:2c:fb:b9:b9:f1:d9:48:55:6e:e3:ac:
e4:09:01:d9:7e:42:76:25:57:16:bc:55:80:ca:d6:
af:5c:3e:ba:61:cf:26:29:c6:a0:71:57:89:a2:74:
f1:ff:81:bc:54:a9:b4:63:48:0a:52:ef:c6:da:c5:
c6:11:37:25:0a:60:0d:01:9b:2c:94:3c:71:71:d8:
e0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:93:9D:6A:78:B5:CD:C9:EF:A5:C9:2A:EB:37:6A:9D:0E:13:6E:36
X509v3 Authority Key Identifier:
keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
24:74:87:8b:89:25:20:e3:76:61:dd:e7:a9:71:46:73:7e:26:
39:48:fa:85:e0:bc:92:03:17:38:92:f8:3e:fd:6e:ad:64:51:
7b:f2:56:4b:cc:81:44:ab:82:50:31:f5:23:2c:43:f8:53:65:
36:86:68:c6:30:13:82:09:93:e9:17:ee:7a:9a:e8:fd:c0:f3:
d4:fe:26:f9:28:d6:f8:e4:35:0c:dc:76:94:d0:39:b7:5e:e7:
81:16:53:d4:74:0d:f0:04:7b:7c:45:ef:f0:8f:c4:7e:46:e7:
42:ed:c6:8d:a1:9f:30:5e:2c:7c:0a:62:b3:6e:cb:f4:6a:ea:
24:a7:1d:3f:e8:f4:4c:c6:c9:a5:33:fe:cd:fc:59:ff:ef:15:
3a:56:0a:d0:15:4b:ec:65:80:f5:3b:d8:bc:be:5c:3e:fe:35:
ac:8d:5a:8e:fd:1e:f4:cd:c1:c2:54:cf:bb:4c:a2:a7:ab:00:
34:f5:76:7c:eb:d1:01:fe:ea:9a:c9:c0:e2:cd:5d:9e:91:5f:
e6:50:79:e9:e7:a0:b5:1e:66:b2:95:56:4d:75:b7:eb:d8:37:
d9:f0:b0:e7:c5:ab:95:c9:8f:9c:33:e8:f4:74:33:50:3c:d7:
59:64:97:71:f3:95:30:5f:b9:16:58:8e:23:48:ee:70:3a:29:
37:b9:7e:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBFMTExMTAvBgNVBAUTKDNENjQ0N0Q3Mjk3NDgzMjk0RUNFQ0I4NTNBNUU1MDA5
MzVEMUI4RDcwHhcNMjUxMDE5MDE1NDQyWhcNMjUxMDI2MDE1NDQyWjAYMRYwFAYD
VQQDEw02OGY0NDRlMy1lZDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPytVnMwzxy1otccyu6vOM2B3mbc54V9fFXgOddaNK2/3zEwgYTcnnfHBNjh
fr5vYDzhEC8J8Cz7y0lqJ9kzaE/haEmd7tURa0Eo6C37tvHGr4ALys/ACYejwmtM
Q+VyhOKZZKO9DslKw6ddajpeWwWowacP7WKeNtOjNiM3PsJvNs9evFsi15YAosZW
SoJHmjQHCasVug8FWgSJ5ISPkHyOejFXg8rI9eEKOFGCDRY+ATSlCFg5LPu5ufHZ
SFVu46zkCQHZfkJ2JVcWvFWAytavXD66Yc8mKcagcVeJonTx/4G8VKm0Y0gKUu/G
2sXGETclCmANAZsslDxxcdjgCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF2TnWp4
tc3J76XJKus3ap0OE242MB8GA1UdIwQYMBaAFD1kR9cpdIMpTs7LhTpeUAk10bjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEUxMS9EMDYwQzlCMjVC
RDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5bE96c3VGT2w1UUNUWFJ1
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEUxMS9EMDYwQzlCMjVCRDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5
bE96c3VGT2w1UUNUWFJ1TmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkdIeLiSUg43Zh3eepcUZzfiY5SPqF4LySAxc4kvg+/W6tZFF78lZL
zIFEq4JQMfUjLEP4U2U2hmjGMBOCCZPpF+56muj9wPPU/ib5KNb45DUM3HaU0Dm3
XueBFlPUdA3wBHt8Re/wj8R+RudC7caNoZ8wXix8CmKzbsv0auokpx0/6PRMxsml
M/7N/Fn/7xU6VgrQFUvsZYD1O9i8vlw+/jWsjVqO/R70zcHCVM+7TKKnqwA09XZ8
69EB/uqaycDizV2ekV/mUHnp56C1HmaylVZNdbfr2DfZ8LDnxauVyY+cM+j0dDNQ
PNdZZJdx85UwX7kWWI4jSO5wOik3uX4P
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:24:57 2025 by rpki-client