
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.mft
File: ChYfF3ryrIp11Br-R61A0quRh8o.mft (raw, json)
Hash identifier: Ipa1T7h/t4W/77ViOnxF0ANbKExgXO4yp0qHbkLVd4s=
Subject key identifier: 00:23:33:E3:94:8D:DC:D5:2D:05:E2:44:8A:BC:C3:3F:B9:DA:EB:6F
Authority key identifier: 0A:16:1F:17:7A:F2:AC:8A:75:D4:1A:FE:47:AD:40:D2:AB:91:87:CA
Certificate issuer: /CN=A918D0AA/serialNumber=0A161F177AF2AC8A75D41AFE47AD40D2AB9187CA
Certificate serial: 022C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.mft
Manifest number: 0224
Signing time: Sun 19 Oct 2025 04:28:20 +0000
Manifest this update: Sun 19 Oct 2025 04:28:19 +0000
Manifest next update: Sun 26 Oct 2025 04:28:19 +0000
Files and hashes: 1: ChYfF3ryrIp11Br-R61A0quRh8o.crl (hash: J3X5MdO00geOYMMJAb9XcsMAWdn4+MmiMh51hB1nFyM=)
2: 7817D2327A5C11EDA0156D76C4F9AE02.roa (hash: /aLZRZnVDc3gbgHvgjjTVhimEYu2WCp9inOhdZerK9k=)
3: 1376B9341FAE11F0B3E41E84C4F9AE02.roa (hash: 046Nkak/mvU2MIy/D/sQyHF4+9Nf/OVFcgvY3OIqwCQ=)
4: 130A89761FAE11F0B3E41E84C4F9AE02.roa (hash: 7uR7mk8CLJJlZZvBz+Qm2/sDak7TWidIc0rXMu5Xnkk=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.crl
rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 04:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 556 (0x22c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D0AA, serialNumber=0A161F177AF2AC8A75D41AFE47AD40D2AB9187CA
Validity
Not Before: Oct 19 04:28:19 2025 GMT
Not After : Oct 26 04:28:19 2025 GMT
Subject: CN=68f468e3-658b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:10:15:53:c5:ac:80:10:17:bb:82:76:68:
65:15:5b:25:f3:9f:f3:a9:86:78:1d:4d:32:7d:c2:
aa:a2:4f:ac:94:b7:84:88:1b:ab:1c:c9:d6:fd:5d:
3e:d9:21:90:39:11:98:a9:ca:c1:d0:16:1a:5f:b3:
80:da:64:80:21:79:e7:c1:92:21:32:04:51:dc:a5:
5c:52:53:6a:c1:bd:55:b4:dd:74:c3:fc:f4:f7:d5:
57:54:bc:de:fe:b1:33:53:74:88:b2:d9:ba:ff:04:
2c:8c:4e:78:6a:31:e6:be:9a:2b:72:b6:86:db:2a:
7d:33:a2:63:d9:8e:fd:e5:57:68:7f:2a:b2:e3:09:
dc:d5:0f:12:d3:1f:2a:ba:72:13:a1:89:d6:a5:04:
02:ea:66:3b:8a:2f:e3:e4:90:d5:c7:c3:c1:8c:33:
60:a5:03:8e:0e:b1:3d:9f:ba:bf:de:89:29:d3:38:
0f:fe:1d:44:70:fa:aa:bd:98:32:c6:aa:34:17:47:
8d:e6:3c:e2:18:22:3b:7a:0f:30:04:27:24:8f:74:
87:07:2a:b3:28:7e:e4:23:ea:d4:71:3a:e2:00:15:
07:01:a2:f1:be:a5:33:fe:35:2d:91:b4:4d:e7:c2:
ba:8c:dc:42:b8:30:ad:79:a9:02:02:5c:c6:0e:b5:
79:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:23:33:E3:94:8D:DC:D5:2D:05:E2:44:8A:BC:C3:3F:B9:DA:EB:6F
X509v3 Authority Key Identifier:
keyid:0A:16:1F:17:7A:F2:AC:8A:75:D4:1A:FE:47:AD:40:D2:AB:91:87:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
84:a5:12:e1:ff:b9:b2:23:99:ab:dc:99:2f:00:69:02:8e:85:
20:6c:48:2b:0a:b0:ad:77:05:c0:d9:18:72:11:72:4f:7f:c1:
59:ed:71:47:be:e4:b9:90:33:81:04:de:27:a8:7c:b0:86:1d:
49:db:b8:22:e2:36:49:01:0b:fc:ad:af:08:65:ea:a8:ed:7f:
53:44:f9:68:93:e5:aa:b0:e5:b9:1d:54:e3:90:3d:7a:24:83:
83:91:6c:21:a6:11:b1:05:b2:92:a2:2f:86:26:e9:70:a7:c0:
b1:42:20:09:19:fa:ec:00:40:03:f9:22:22:ca:e8:ec:0e:7a:
36:04:fc:4a:c4:21:23:b6:0e:fc:36:3b:14:ba:2f:63:65:bc:
7d:a0:1e:0c:bd:e6:3a:ab:59:68:f0:14:2b:49:82:89:da:ff:
35:9d:fe:40:03:c9:64:14:c8:9f:3a:a1:bf:ac:3e:98:ca:48:
29:66:23:ac:95:5a:c5:bd:bc:c3:4f:9d:23:4c:15:ae:33:55:
d6:aa:34:ec:9d:38:8c:aa:79:a6:a0:d8:c5:88:7d:25:1f:8d:
8c:b3:e9:d7:e9:2f:b6:c3:0e:6f:99:79:6a:63:b7:b0:d2:16:
6a:38:c9:dd:6e:dd:9e:ef:4d:4c:1e:5b:d6:7c:db:95:6c:bc:
96:e9:9b:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQwQUExMTAvBgNVBAUTKDBBMTYxRjE3N0FGMkFDOEE3NUQ0MUFGRTQ3QUQ0MEQy
QUI5MTg3Q0EwHhcNMjUxMDE5MDQyODE5WhcNMjUxMDI2MDQyODE5WjAYMRYwFAYD
VQQDEw02OGY0NjhlMy02NThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArfoQFVPFrIAQF7uCdmhlFVsl85/zqYZ4HU0yfcKqok+slLeEiBurHMnW/V0+
2SGQORGYqcrB0BYaX7OA2mSAIXnnwZIhMgRR3KVcUlNqwb1VtN10w/z099VXVLze
/rEzU3SIstm6/wQsjE54ajHmvporcraG2yp9M6Jj2Y795Vdofyqy4wnc1Q8S0x8q
unIToYnWpQQC6mY7ii/j5JDVx8PBjDNgpQOODrE9n7q/3okp0zgP/h1EcPqqvZgy
xqo0F0eN5jziGCI7eg8wBCckj3SHByqzKH7kI+rUcTriABUHAaLxvqUz/jUtkbRN
58K6jNxCuDCteakCAlzGDrV5cwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAAjM+OU
jdzVLQXiRIq8wz+52utvMB8GA1UdIwQYMBaAFAoWHxd68qyKddQa/ketQNKrkYfK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBBQS8zNjVCQ0NFQzdB
M0MxMUVEODYxQjI5MzNDNEY5QUUwMi9DaFlmRjNyeXJJcDExQnItUjYxQTBxdVJo
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NoWWZGM3J5cklwMTFCci1SNjFBMHF1Umg4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RDBBQS8zNjVCQ0NFQzdBM0MxMUVEODYxQjI5MzNDNEY5QUUwMi9DaFlmRjNyeXJJ
cDExQnItUjYxQTBxdVJoOG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCEpRLh/7myI5mr3JkvAGkCjoUgbEgrCrCtdwXA2RhyEXJPf8FZ7XFH
vuS5kDOBBN4nqHywhh1J27gi4jZJAQv8ra8IZeqo7X9TRPlok+WqsOW5HVTjkD16
JIODkWwhphGxBbKSoi+GJulwp8CxQiAJGfrsAEAD+SIiyujsDno2BPxKxCEjtg78
NjsUui9jZbx9oB4MveY6q1lo8BQrSYKJ2v81nf5AA8lkFMifOqG/rD6YykgpZiOs
lVrFvbzDT50jTBWuM1XWqjTsnTiMqnmmoNjFiH0lH42Ms+nX6S+2ww5vmXlqY7ew
0hZqOMndbt2e701MHlvWfNuVbLyW6Zu1
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:12:57 2025 by rpki-client