
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json)
Hash identifier: d3Xlt5UzN8wjKA9WD335StFIelBoK2efR+UjSwd0tMA=
Subject key identifier: 8C:9A:EF:36:FD:BF:9D:56:C7:AB:0D:C2:3D:20:AF:93:C7:7D:49:FB
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0EEC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
Manifest number: 0E9C
Signing time: Mon 20 Oct 2025 18:16:15 +0000
Manifest this update: Mon 20 Oct 2025 18:16:15 +0000
Manifest next update: Mon 27 Oct 2025 18:16:15 +0000
Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: i78NiO39l7iAJbksBAJpxZbBGhc8iw1wRqWu8/5PLLI=)
2: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: h1piDIbFbu2D+AHr+FNeuVa8V0LAf8dUKVxZfkw96aI=)
3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: wbUo+m2N2pVjNOlqoJ9Ve/RDUUkR0+GFezmtrgOfh+0=)
4: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: DsQ8k2r18shy7gg+hUBL2SO8HUEFyNSKHtxB+WEbNG4=)
5: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: hPUFimj9BE3+BwwQ7RyTBe4Kb4UDlyO5v1n1M99BRDE=)
6: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: uul2CdaEoquPtSKMLPmrjkbQbRp1WUkF6rtkLx9zg64=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 18:16:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3820 (0xeec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Validity
Not Before: Oct 20 18:16:15 2025 GMT
Not After : Oct 27 18:16:15 2025 GMT
Subject: CN=68f67c6f-d420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:97:80:7a:c7:f7:3c:fb:74:b3:59:22:2c:bc:
c1:cb:93:e8:82:37:74:86:68:3f:af:62:f8:ce:8a:
08:95:cc:a3:de:8f:96:ab:a7:58:c1:df:0e:12:6a:
ae:11:89:95:f8:1e:a8:6a:16:b4:a0:c4:86:07:9d:
89:ce:59:0a:c6:e3:d9:58:a9:60:d7:9d:d4:08:d2:
0a:6c:71:77:f8:e5:0f:69:3e:fd:25:89:f2:d5:fe:
d6:1d:9f:e2:5b:a7:a6:64:63:dd:b3:53:2c:bb:49:
48:92:30:fb:5f:d6:41:d2:3f:cf:2a:55:20:09:4b:
a4:ba:1b:c9:5f:4b:7a:ea:63:66:00:ee:51:a0:68:
d4:a1:0f:af:02:3b:17:e8:b3:2c:2b:38:d5:75:65:
7c:0b:db:51:57:8c:4b:9f:44:ab:7a:03:24:75:e4:
02:c5:6e:c4:45:4d:1d:46:1a:2c:8a:32:6b:ab:5e:
6c:41:a3:54:13:da:b3:15:98:05:db:4b:58:70:c0:
0e:06:28:79:dd:df:91:fd:12:df:b7:2a:61:be:29:
b0:01:d4:2d:cc:b8:53:5a:dc:c3:da:21:3e:ef:ee:
da:64:db:0a:a1:9e:93:4d:6b:9a:e0:40:d9:f4:f9:
53:36:f4:21:03:ba:2e:89:01:86:ce:90:48:eb:0f:
09:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9A:EF:36:FD:BF:9D:56:C7:AB:0D:C2:3D:20:AF:93:C7:7D:49:FB
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5a:b9:6c:f3:62:82:10:a3:e3:61:0b:17:20:e7:2a:c7:85:89:
37:ee:05:54:1c:01:56:f1:95:8a:5a:b6:fe:e8:12:af:fe:99:
29:b1:6c:1c:da:a2:44:fe:75:12:ab:98:37:ec:87:28:4b:27:
b1:f1:9b:b0:e3:97:e0:10:98:5b:3a:1a:c0:93:dd:ca:a9:0a:
e6:36:02:42:5f:e7:5f:d9:8f:ab:51:f7:e2:a5:26:47:ce:be:
41:c5:8e:90:33:40:c3:b9:71:5e:ec:60:f4:fc:fb:64:a1:26:
88:e9:f9:27:c1:63:79:5d:93:30:8a:4c:4e:56:b9:4f:88:67:
c0:0b:b5:90:63:3e:80:c3:7d:54:ec:b2:94:23:e2:64:f5:86:
43:0c:30:76:ad:5d:25:67:ef:0a:1e:c5:a9:98:c2:7b:74:c5:
30:ce:96:6c:9e:cf:b9:44:a0:5b:5d:ae:77:aa:9d:b0:16:c0:
fe:06:8d:b6:99:03:99:e6:e2:a4:db:e4:69:1b:52:2f:a0:16:
6a:f9:14:cc:ed:da:fc:53:65:e2:d3:91:86:c4:13:6f:96:7e:
02:7c:37:f2:fc:c1:26:a3:0a:3d:95:a8:92:96:5b:f7:19:27:
01:04:99:c0:5a:a2:b2:bb:6f:e0:36:df:67:c0:86:ac:40:95:
5b:15:2c:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjUxMDIwMTgxNjE1WhcNMjUxMDI3MTgxNjE1WjAYMRYwFAYD
VQQDEw02OGY2N2M2Zi1kNDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJeAesf3PPt0s1kiLLzBy5Pogjd0hmg/r2L4zooIlcyj3o+Wq6dYwd8OEmqu
EYmV+B6oaha0oMSGB52JzlkKxuPZWKlg153UCNIKbHF3+OUPaT79JYny1f7WHZ/i
W6emZGPds1Msu0lIkjD7X9ZB0j/PKlUgCUukuhvJX0t66mNmAO5RoGjUoQ+vAjsX
6LMsKzjVdWV8C9tRV4xLn0SregMkdeQCxW7ERU0dRhosijJrq15sQaNUE9qzFZgF
20tYcMAOBih53d+R/RLftyphvimwAdQtzLhTWtzD2iE+7+7aZNsKoZ6TTWua4EDZ
9PlTNvQhA7ouiQGGzpBI6w8JAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIya7zb9
v51Wx6sNwj0gr5PHfUn7MB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2
QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBauWzzYoIQo+NhCxcg5yrHhYk37gVUHAFW8ZWKWrb+6BKv/pkpsWwc
2qJE/nUSq5g37IcoSyex8Zuw45fgEJhbOhrAk93KqQrmNgJCX+df2Y+rUffipSZH
zr5BxY6QM0DDuXFe7GD0/PtkoSaI6fknwWN5XZMwikxOVrlPiGfAC7WQYz6Aw31U
7LKUI+Jk9YZDDDB2rV0lZ+8KHsWpmMJ7dMUwzpZsns+5RKBbXa53qp2wFsD+Bo22
mQOZ5uKk2+RpG1IvoBZq+RTM7dr8U2Xi05GGxBNvln4CfDfy/MEmowo9laiSllv3
GScBBJnAWqKyu2/gNt9nwIasQJVbFSzE
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:01:26 2025 by rpki-client