Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: Co6UkpdU6z+O5f0nO/+8/gF2uI7GWlpmVszGQD0EgU4=
Subject key identifier: 0E:A6:1A:3A:D0:8E:B3:87:D8:F3:6A:13:73:A7:71:79:DF:E6:8C:E7
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0105
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: CF
Signing time: Mon 07 Jul 2025 05:57:39 +0000
Manifest this update: Mon 07 Jul 2025 05:57:38 +0000
Manifest next update: Thu 14 Aug 2025 05:57:38 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: 2X9m8RQZfeoRhPe66LaubHnfzpKJTh2KUfvM/bJRHjg=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: Gp4osGE4UQ9LkF7mLZIVmTaSgfEvlpp2XSQvK1Ebkj0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261 (0x105)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Jul 7 05:57:38 2025 GMT
Not After : Aug 14 05:57:38 2025 GMT
Subject: CN=686b61d2-8a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4f:34:b6:37:68:1f:7b:6b:23:47:34:98:7b:
4a:6a:ee:83:32:fd:e5:ef:0c:66:0c:35:ba:de:79:
7a:76:ad:d0:bb:99:e1:c2:ce:58:39:9e:65:b3:cc:
ff:98:c7:a7:7c:5f:d2:e9:0a:91:eb:f2:1e:bc:14:
ff:f7:fc:04:88:3d:8f:45:f2:78:a4:d2:83:5e:78:
ff:7a:16:0a:43:d0:8c:ef:63:17:11:a7:62:90:17:
66:3a:ed:59:32:22:38:47:73:7d:4e:52:80:bb:55:
51:5b:af:67:25:2a:77:df:d6:81:b2:09:c0:2d:89:
2d:3d:c2:d2:02:83:06:3a:16:d7:49:74:1b:77:b3:
ef:4f:67:70:90:f6:24:28:59:de:cf:9a:7a:c0:69:
ba:db:29:97:a3:8b:2b:fe:6a:4f:e4:1b:91:5f:8b:
b8:2e:43:08:e7:d0:ee:79:a3:bb:47:d7:63:11:6c:
83:53:6e:cc:69:78:15:74:fd:05:3f:16:a9:d6:c5:
a8:ca:5e:cd:3c:bb:78:b5:15:e8:fe:6f:64:eb:c1:
74:a7:92:4c:d7:46:4a:74:79:42:a5:df:3d:ce:0e:
22:44:38:71:2b:b9:70:ed:a7:cc:8d:3a:2a:d5:54:
dc:5a:b0:07:4a:77:c0:fa:7c:49:dc:76:dd:84:24:
70:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A6:1A:3A:D0:8E:B3:87:D8:F3:6A:13:73:A7:71:79:DF:E6:8C:E7
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8a:75:53:ce:b6:f6:42:9a:5b:31:aa:0e:f2:68:82:63:e8:89:
eb:e8:f7:a7:04:73:66:82:c4:2f:52:d6:97:46:05:da:d7:62:
02:79:45:86:76:bd:8b:a6:cf:a4:c5:31:c7:f7:06:e1:54:54:
39:58:4a:03:a7:2e:e3:41:c6:71:d5:87:ca:72:ca:ee:66:6b:
fc:26:4e:a0:3c:2a:73:08:ca:ec:ed:ce:8c:90:93:b3:60:4f:
ac:24:5a:30:d4:01:b7:45:1b:6d:c4:84:43:61:7d:34:7d:8b:
8d:b1:b5:3f:ef:b0:3a:30:0a:8c:22:bc:7f:9b:d7:a2:fe:6d:
49:bc:9b:19:68:99:b9:a8:b4:24:cd:3e:a6:9d:f8:9f:17:13:
e5:70:67:99:a1:d6:fb:1b:c3:d4:16:82:a1:f9:f3:7c:eb:a4:
49:b0:e3:86:55:00:e5:de:91:35:8b:52:02:18:40:0f:1a:0c:
33:a2:d9:e5:73:05:c4:e3:47:21:0b:7a:7a:db:3e:44:b1:b5:
0f:44:93:cf:69:44:b3:08:80:d9:3d:98:3b:2d:68:e6:e6:bc:
fc:12:d7:95:b9:10:4b:28:55:85:58:ff:e3:6d:02:da:de:84:
7b:0d:65:4a:1a:50:1f:2f:ce:31:95:69:04:19:1f:c7:05:e6:
61:ab:04:f8
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAQUwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MDcwNzA1NTczOFoXDTI1MDgx
NDA1NTczOFowGDEWMBQGA1UEAxMNNjg2YjYxZDItOGE0MTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAK5PNLY3aB97ayNHNJh7SmrugzL95e8MZgw1ut55
enat0LuZ4cLOWDmeZbPM/5jHp3xf0ukKkevyHrwU//f8BIg9j0XyeKTSg154/3oW
CkPQjO9jFxGnYpAXZjrtWTIiOEdzfU5SgLtVUVuvZyUqd9/WgbIJwC2JLT3C0gKD
BjoW10l0G3ez709ncJD2JChZ3s+aesBputspl6OLK/5qT+QbkV+LuC5DCOfQ7nmj
u0fXYxFsg1NuzGl4FXT9BT8WqdbFqMpezTy7eLUV6P5vZOvBdKeSTNdGSnR5QqXf
Pc4OIkQ4cSu5cO2nzI06KtVU3FqwB0p3wPp8Sdx23YQkcIECAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBQOpho60I6zh9jzahNzp3F53+aM5zAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAIp1
U8629kKaWzGqDvJogmPoievo96cEc2aCxC9S1pdGBdrXYgJ5RYZ2vYumz6TFMcf3
BuFUVDlYSgOnLuNBxnHVh8pyyu5ma/wmTqA8KnMIyuztzoyQk7NgT6wkWjDUAbdF
G23EhENhfTR9i42xtT/vsDowCowivH+b16L+bUm8mxlombmotCTNPqad+J8XE+Vw
Z5mh1vsbw9QWgqH583zrpEmw44ZVAOXekTWLUgIYQA8aDDOi2eVzBcTjRyELenrb
PkSxtQ9Ek89pRLMIgNk9mDstaObmvPwS15W5EEsoVYVY/+NtAtrehHsNZUoaUB8v
zjGVaQQZH8cF5mGrBPg=
-----END CERTIFICATE-----
Generated at Mon Aug 4 03:59:26 2025 by rpki-client