
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft
File: zlgHMAQJCIdOtirydgUp51w9XGg.mft (raw, json)
Hash identifier: A2wjv9EjTwJ/C1cNpLUHlln1Z9A2E+utifJ5ro2Ja4s=
Subject key identifier: D8:EB:4A:14:48:EB:04:E4:BE:A6:21:EF:1B:E9:43:CF:44:8F:35:97
Authority key identifier: CE:58:07:30:04:09:08:87:4E:B6:2A:F2:76:05:29:E7:5C:3D:5C:68
Certificate issuer: /CN=A91E89CD/serialNumber=CE580730040908874EB62AF2760529E75C3D5C68
Certificate serial: 0931
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft
Manifest number: 0922
Signing time: Sat 18 Oct 2025 21:21:16 +0000
Manifest this update: Sat 18 Oct 2025 21:21:16 +0000
Manifest next update: Sat 25 Oct 2025 21:21:16 +0000
Files and hashes: 1: zlgHMAQJCIdOtirydgUp51w9XGg.crl (hash: IMiEJfXPwsRvk9gvoFDo8xdMMz4kGUivuuGjxaB2x8I=)
2: 8698CD28A42211EB91621734C4F9AE02.roa (hash: liguL5yWelfphfIz9rHVaKh3TqmzzrhEVoBWguDMI9M=)
3: D3ECF4B8E61D11EBB92C167BC4F9AE02.roa (hash: /n6JoBCxKb39xofyDRMG1k20W82UdWlbULQ4CPVAgMo=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.crl
rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 21:21:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2353 (0x931)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E89CD, serialNumber=CE580730040908874EB62AF2760529E75C3D5C68
Validity
Not Before: Oct 18 21:21:16 2025 GMT
Not After : Oct 25 21:21:16 2025 GMT
Subject: CN=68f404cc-e3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:14:25:91:29:8f:5e:a0:1a:3a:e0:15:96:
52:6f:c0:c6:14:7b:1b:08:c6:ba:50:bb:b6:25:ea:
0e:10:7b:71:ac:e9:c2:9b:89:e9:dd:ea:ae:ac:c1:
b3:a0:99:33:2c:c6:79:5b:9e:6e:b0:a9:f5:8f:f7:
fc:ee:3e:82:a4:ec:15:b4:dc:72:9b:c5:ee:99:4f:
87:78:3c:ba:fe:a2:8f:16:5c:1c:77:a6:03:fc:62:
43:d8:d7:87:d6:e6:71:bc:39:a5:e8:96:09:94:4a:
3b:e5:60:bf:5d:69:9e:2e:50:6c:82:46:d0:d6:82:
76:d0:30:18:3c:08:5a:c7:e5:5c:79:bd:c3:db:06:
84:fc:83:2f:fb:a5:cd:44:4b:04:31:ae:51:22:73:
dd:2d:84:52:a2:77:bb:3f:4e:f3:e0:b4:3a:72:c9:
af:cf:99:bb:2c:80:27:be:24:d2:a7:93:d9:82:e4:
8f:80:7f:23:90:c9:44:42:80:30:82:52:47:91:06:
29:17:35:db:4d:a1:0c:ab:11:d6:6d:a2:f9:ed:a3:
1f:12:50:b4:cf:c2:0c:46:76:1d:7e:e4:89:f4:49:
01:46:4a:0a:97:01:39:9c:da:f1:d0:4f:23:85:a5:
1f:0b:83:b0:2c:ba:93:60:e7:8d:86:78:65:f9:ae:
50:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EB:4A:14:48:EB:04:E4:BE:A6:21:EF:1B:E9:43:CF:44:8F:35:97
X509v3 Authority Key Identifier:
keyid:CE:58:07:30:04:09:08:87:4E:B6:2A:F2:76:05:29:E7:5C:3D:5C:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4e:78:82:bb:34:23:92:b7:17:94:ff:ac:6c:f4:b3:bf:6b:b9:
3f:31:04:ea:45:bf:1e:dd:3c:d6:3e:8c:59:3b:a2:c9:1e:f9:
d5:77:0b:c8:dc:9a:b0:5c:0c:6b:89:a8:cd:5a:dc:5d:d2:9e:
74:5d:0f:e8:29:a0:29:4e:29:0f:17:b3:1c:4b:fa:b5:c8:39:
6b:20:59:64:e5:81:6b:eb:06:3d:d5:0c:e5:c5:26:a8:be:84:
1f:5a:02:2a:ff:cb:2d:69:4d:e6:2b:ca:2e:77:c3:c1:b6:b3:
f1:b3:fc:40:63:8c:01:b6:39:34:7a:47:7a:6c:51:8f:61:cf:
53:c5:5b:3d:1d:fb:ec:16:fb:81:1c:8c:7d:86:c3:46:11:84:
de:e4:91:1b:4e:4b:bf:1b:46:9d:0f:1d:b0:56:49:06:81:a4:
cf:29:e8:24:08:e1:7c:5e:72:b6:7b:73:ef:8b:5d:db:2b:fd:
6b:94:44:00:20:4d:61:b4:07:4e:3f:fd:71:c5:5a:ac:3c:df:
09:49:24:d4:ac:b9:d7:f3:c8:8f:c8:af:96:82:80:ef:51:10:
28:ca:8c:c3:c3:f9:7d:27:82:1f:ff:a5:15:8a:04:bd:53:6d:
20:16:26:16:a8:b8:18:7c:d7:f4:5d:08:6e:62:55:50:ac:4e:
03:97:d8:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCTEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg5Q0QxMTAvBgNVBAUTKENFNTgwNzMwMDQwOTA4ODc0RUI2MkFGMjc2MDUyOUU3
NUMzRDVDNjgwHhcNMjUxMDE4MjEyMTE2WhcNMjUxMDI1MjEyMTE2WjAYMRYwFAYD
VQQDEw02OGY0MDRjYy1lM2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp4YUJZEpj16gGjrgFZZSb8DGFHsbCMa6ULu2JeoOEHtxrOnCm4np3equrMGz
oJkzLMZ5W55usKn1j/f87j6CpOwVtNxym8XumU+HeDy6/qKPFlwcd6YD/GJD2NeH
1uZxvDml6JYJlEo75WC/XWmeLlBsgkbQ1oJ20DAYPAhax+Vceb3D2waE/IMv+6XN
REsEMa5RInPdLYRSone7P07z4LQ6csmvz5m7LIAnviTSp5PZguSPgH8jkMlEQoAw
glJHkQYpFzXbTaEMqxHWbaL57aMfElC0z8IMRnYdfuSJ9EkBRkoKlwE5nNrx0E8j
haUfC4OwLLqTYOeNhnhl+a5QEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNjrShRI
6wTkvqYh7xvpQ89EjzWXMB8GA1UdIwQYMBaAFM5YBzAECQiHTrYq8nYFKedcPVxo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODlDRC8zQzBENEExNkIw
NTUxMUVBQTA0NUI4MEVDNEY5QUUwMi96bGdITUFRSkNJZE90aXJ5ZGdVcDUxdzlY
R2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3psZ0hNQVFKQ0lkT3RpcnlkZ1VwNTF3OVhHZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
ODlDRC8zQzBENEExNkIwNTUxMUVBQTA0NUI4MEVDNEY5QUUwMi96bGdITUFRSkNJ
ZE90aXJ5ZGdVcDUxdzlYR2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBOeIK7NCOStxeU/6xs9LO/a7k/MQTqRb8e3TzWPoxZO6LJHvnVdwvI
3JqwXAxriajNWtxd0p50XQ/oKaApTikPF7McS/q1yDlrIFlk5YFr6wY91QzlxSao
voQfWgIq/8staU3mK8oud8PBtrPxs/xAY4wBtjk0ekd6bFGPYc9TxVs9HfvsFvuB
HIx9hsNGEYTe5JEbTku/G0adDx2wVkkGgaTPKegkCOF8XnK2e3Pvi13bK/1rlEQA
IE1htAdOP/1xxVqsPN8JSSTUrLnX88iPyK+WgoDvURAoyozDw/l9J4If/6UVigS9
U20gFiYWqLgYfNf0XQhuYlVQrE4Dl9hy
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:56:26 2025 by rpki-client