
$ rpki-client -vvf rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.mft
File: BYQh3nB4BzBHPlzFRboK5dubTAo.mft (raw, json)
Hash identifier: xf3LrEu7u7pKJ7CWSUHMjE4yY1pUxPpLxO/WHPKa0cs=
Subject key identifier: 62:0E:D7:26:AD:87:F3:0B:B8:BD:F7:95:FF:F0:F5:22:A7:4F:6D:E2
Authority key identifier: 05:84:21:DE:70:78:07:30:47:3E:5C:C5:45:BA:0A:E5:DB:9B:4C:0A
Certificate issuer: /CN=A91862F7/serialNumber=058421DE70780730473E5CC545BA0AE5DB9B4C0A
Certificate serial: 0A36
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.mft
Manifest number: 0A25
Signing time: Tue 24 Mar 2026 17:07:45 +0000
Manifest this update: Tue 24 Mar 2026 17:07:45 +0000
Manifest next update: Tue 31 Mar 2026 17:07:45 +0000
Files and hashes: 1: BYQh3nB4BzBHPlzFRboK5dubTAo.crl (hash: ATv9Lx572mvQPgptkK44Yzd0HoEcmxETZjp8o3eVbpY=)
2: 7B01065ECB6611F0911E3B40C4F9AE02.roa (hash: 6Dvm4ulNHKTvy2zEThI5CFxM48R2WkZ0mp2MxrhNEVA=)
3: 7C4C4384CB6611F09E0E3B40C4F9AE02.roa (hash: jmLTUdjA6fVp52xmmEEVibY5+Y7NyInAVp9PHPY/5uE=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.crl
rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 17:07:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2614 (0xa36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862F7, serialNumber=058421DE70780730473E5CC545BA0AE5DB9B4C0A
Validity
Not Before: Mar 24 17:07:45 2026 GMT
Not After : Mar 31 17:07:45 2026 GMT
Subject: CN=69c2c4e1-d4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e3:b5:54:65:28:a6:1d:7c:9b:ed:f1:e9:98:
38:5e:cb:73:75:0d:3c:6e:bc:66:b5:b5:9e:97:f0:
0c:ce:39:f9:a7:50:0e:5f:c4:d0:e1:3f:18:ee:8f:
bb:79:e3:3c:3e:3b:39:e7:21:be:4d:b8:b3:b3:e6:
fb:3e:8a:d1:5a:37:24:e4:eb:f0:87:81:2b:05:24:
99:61:77:85:80:ef:6a:2e:27:b9:0e:a5:f2:e7:1f:
a1:8d:60:d5:00:6c:db:43:9e:66:37:20:ff:8e:49:
ef:0b:7b:7b:40:18:86:f4:11:b4:40:dc:3a:f2:c9:
a9:7a:a7:fb:f4:0b:fa:89:ec:b3:f0:21:5d:06:9d:
7f:c8:60:5f:5d:8a:fa:71:e1:0e:f9:59:c6:83:0b:
9e:81:44:c5:78:2e:0e:31:a8:fb:43:38:40:b3:9e:
d4:6b:05:cb:68:de:56:db:b7:a9:d8:3f:6a:63:3c:
4d:bd:ca:76:18:7f:c2:4b:91:6f:cc:14:9c:66:e3:
4b:1d:3e:eb:72:6e:ec:dd:1f:ad:f7:89:7f:41:f5:
50:43:3d:f2:97:5d:29:68:cb:38:e4:de:29:97:1b:
a4:e5:c8:e2:09:bb:bf:96:27:25:12:e8:73:70:73:
e6:38:5e:23:b5:32:62:79:01:34:ed:f7:ec:0b:91:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0E:D7:26:AD:87:F3:0B:B8:BD:F7:95:FF:F0:F5:22:A7:4F:6D:E2
X509v3 Authority Key Identifier:
keyid:05:84:21:DE:70:78:07:30:47:3E:5C:C5:45:BA:0A:E5:DB:9B:4C:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c2:f3:b9:a0:9c:f5:0d:42:75:74:f1:67:32:7c:b7:fb:1c:f9:
ad:99:e1:27:9f:ee:23:99:e1:e7:c0:1f:87:21:b1:d2:52:f3:
5d:45:fe:fb:47:23:4b:90:9c:00:e3:76:db:5e:08:6c:13:21:
e2:d6:59:6d:ee:57:04:1c:0f:82:c0:b0:9c:cc:06:fe:e3:47:
41:62:7b:db:70:4c:24:09:b2:4a:13:b8:48:df:4c:45:6f:f3:
0c:70:3c:07:00:88:df:f4:15:06:93:15:f8:55:2b:e0:73:d0:
e2:98:59:4f:33:34:39:d8:f5:2b:3f:28:42:55:97:59:ca:c2:
73:9b:48:36:66:97:99:6e:da:cf:1a:c0:4c:5a:5a:0c:71:a9:
81:93:e7:4c:34:aa:5a:8f:40:d5:f2:8a:d3:ba:d6:5a:c6:6b:
09:c1:8c:31:a4:d5:10:bf:67:50:f3:42:0f:fb:81:07:89:a2:
58:e6:0d:21:ab:25:25:66:c5:15:54:bc:25:68:97:06:9c:1f:
c2:a6:33:ef:d5:62:a5:d5:5d:05:0e:36:34:24:e5:58:7d:2e:
b1:04:14:68:cb:02:67:c6:f6:e9:bd:44:37:69:e8:bb:ae:5b:
5a:08:6d:89:0c:21:a9:27:a3:ad:f0:aa:ec:6c:e6:2d:b9:5f:
bb:2e:e5:d7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICCjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyRjcxMTAvBgNVBAUTKDA1ODQyMURFNzA3ODA3MzA0NzNFNUNDNTQ1QkEwQUU1
REI5QjRDMEEwHhcNMjYwMzI0MTcwNzQ1WhcNMjYwMzMxMTcwNzQ1WjAYMRYwFAYD
VQQDEw02OWMyYzRlMS1kNGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0+O1VGUoph18m+3x6Zg4XstzdQ08brxmtbWel/AMzjn5p1AOX8TQ4T8Y7o+7
eeM8Pjs55yG+Tbizs+b7PorRWjck5Ovwh4ErBSSZYXeFgO9qLie5DqXy5x+hjWDV
AGzbQ55mNyD/jknvC3t7QBiG9BG0QNw68smpeqf79Av6ieyz8CFdBp1/yGBfXYr6
ceEO+VnGgwuegUTFeC4OMaj7QzhAs57UawXLaN5W27ep2D9qYzxNvcp2GH/CS5Fv
zBScZuNLHT7rcm7s3R+t94l/QfVQQz3yl10paMs45N4plxuk5cjiCbu/liclEuhz
cHPmOF4jtTJieQE07ffsC5F05wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFGIO1yat
h/MLuL33lf/w9SKnT23iMB8GA1UdIwQYMBaAFAWEId5weAcwRz5cxUW6CuXbm0wK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjJGNy81RUFDNjE0NDhG
QTYxMUVBOUFDQjdFN0ZDNEY5QUUwMi9CWVFoM25CNEJ6QkhQbHpGUmJvSzVkdWJU
QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JZUWgzbkI0QnpCSFBsekZSYm9LNWR1YlRBby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NjJGNy81RUFDNjE0NDhGQTYxMUVBOUFDQjdFN0ZDNEY5QUUwMi9CWVFoM25CNEJ6
QkhQbHpGUmJvSzVkdWJUQW8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAwvO5oJz1DUJ1dPFnMny3+xz5rZnhJ5/uI5nh58AfhyGx0lLzXUX++0cjS5Cc
AON2214IbBMh4tZZbe5XBBwPgsCwnMwG/uNHQWJ723BMJAmyShO4SN9MRW/zDHA8
BwCI3/QVBpMV+FUr4HPQ4phZTzM0Odj1Kz8oQlWXWcrCc5tINmaXmW7azxrATFpa
DHGpgZPnTDSqWo9A1fKK07rWWsZrCcGMMaTVEL9nUPNCD/uBB4miWOYNIaslJWbF
FVS8JWiXBpwfwqYz79VipdVdBQ42NCTlWH0usQQUaMsCZ8b26b1EN2nou65bWght
iQwhqSejrfCq7GzmLblfuy7l1w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:15:35 2026 by rpki-client