Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: fmqeHw43NzigufIQ8+dPb8r0T71G+tMiu1oZ7NtF/KU=
Subject key identifier: C6:66:CC:21:F4:E2:41:C5:B1:CB:B0:5D:1B:BC:BF:6C:B6:0E:18:F6
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0116
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: DB
Signing time: Thu 26 Feb 2026 23:18:11 +0000
Manifest this update: Thu 26 Feb 2026 23:18:10 +0000
Manifest next update: Sun 05 Apr 2026 23:18:10 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: VgSdwmAlvZuQSsqx2eIh1wXHuTdRCQ24773HM+v+qmw=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: fiDZDvdfq6DVLcKlILUGaJIk1RP+bzpIIYUKpuUhjAc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278 (0x116)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Feb 26 23:18:10 2026 GMT
Not After : Apr 5 23:18:10 2026 GMT
Subject: CN=69a0d4b2-5ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:f1:fc:53:be:04:4a:09:bc:59:84:3d:a0:
20:c5:24:50:c2:9c:9a:d0:64:43:69:c6:b8:cb:fd:
45:fe:a9:9d:0f:13:8f:c8:30:d2:61:40:e0:fe:e2:
e5:1a:21:af:46:d9:49:f1:dd:b9:72:4f:9c:86:c5:
0b:c1:b6:f5:37:72:c8:4a:08:26:22:a4:e0:6c:60:
4b:b4:c5:1c:74:47:36:62:91:c3:a6:26:a2:88:ac:
68:67:b3:f6:2b:b3:a2:7e:5a:1a:14:3a:d5:93:59:
15:ad:5b:4d:1b:9c:e8:28:2c:c7:e8:f2:de:de:c1:
e0:ff:eb:d2:6f:cf:2c:8a:54:aa:7c:e6:7c:8b:b1:
2b:3a:4c:23:e3:e8:9e:a0:b7:d4:91:0a:8d:a2:3d:
0d:08:83:9e:f6:2b:c3:bc:02:40:cf:99:7f:f2:ad:
69:2d:21:8d:87:0a:03:2e:10:c6:5e:20:e4:5a:8c:
50:f5:89:b9:df:fc:86:0d:3a:8f:38:9a:29:50:93:
70:84:24:45:5b:cf:3f:fe:4a:93:04:db:9f:65:93:
a2:95:9d:21:41:e2:f3:c8:08:39:ad:45:a9:d6:cd:
4b:d0:17:a0:2a:eb:ce:6b:94:0b:33:1c:cc:c7:5d:
02:a4:3c:fd:7c:ee:61:ee:a8:8e:4c:66:e3:d9:99:
b4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:66:CC:21:F4:E2:41:C5:B1:CB:B0:5D:1B:BC:BF:6C:B6:0E:18:F6
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c5:e9:d9:5f:02:c6:a0:db:ca:af:c1:05:1e:21:a2:d5:53:b2:
dc:dc:a2:09:2b:b3:f7:c2:3d:05:0c:70:81:c8:9c:16:ce:fb:
5e:9f:99:e1:57:f1:f5:25:18:24:d0:91:97:76:e2:2f:e3:1b:
9f:77:f4:23:84:25:21:60:57:46:b6:f6:58:49:dc:93:74:11:
ac:3f:17:15:28:84:50:3b:77:a5:37:db:0f:87:ff:50:f3:c1:
b5:35:d5:95:c7:47:1c:76:38:07:35:32:c6:45:3a:df:43:7c:
80:62:d8:62:3e:39:cb:2c:f9:bc:71:88:ef:bb:43:d0:a6:fb:
a6:b4:44:94:f7:0a:06:9f:f3:25:6c:2f:89:f7:73:3c:5a:1d:
3d:b5:ff:5f:58:de:e0:2a:2a:d4:be:7e:f9:6a:94:1a:23:06:
84:9c:e8:57:26:be:7e:23:3b:5a:70:94:33:16:e4:d0:1f:03:
63:06:05:f2:41:6b:cf:56:bc:83:2c:9f:fe:c3:5c:8e:10:67:
1e:06:c5:96:84:e5:ae:52:9e:14:ac:fe:8b:2a:ff:96:67:bb:
85:a8:6f:ad:9a:6d:c7:6f:16:e8:34:72:2d:e0:b8:c5:26:c5:
1c:d2:05:9e:b7:20:28:44:e1:c4:61:a1:97:de:61:7d:d5:55:
6e:70:25:4d
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICARYwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI2MDIyNjIzMTgxMFoXDTI2MDQw
NTIzMTgxMFowGDEWMBQGA1UEAxMNNjlhMGQ0YjItNWFkMzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMSt8fxTvgRKCbxZhD2gIMUkUMKcmtBkQ2nGuMv9
Rf6pnQ8Tj8gw0mFA4P7i5Rohr0bZSfHduXJPnIbFC8G29TdyyEoIJiKk4GxgS7TF
HHRHNmKRw6YmooisaGez9iuzon5aGhQ61ZNZFa1bTRuc6Cgsx+jy3t7B4P/r0m/P
LIpUqnzmfIuxKzpMI+PonqC31JEKjaI9DQiDnvYrw7wCQM+Zf/KtaS0hjYcKAy4Q
xl4g5FqMUPWJud/8hg06jziaKVCTcIQkRVvPP/5KkwTbn2WTopWdIUHi88gIOa1F
qdbNS9AXoCrrzmuUCzMczMddAqQ8/XzuYe6ojkxm49mZtCsCAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBTGZswh9OJBxbHLsF0bvL9stg4Y9jAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAMXp
2V8CxqDbyq/BBR4hotVTstzcogkrs/fCPQUMcIHInBbO+16fmeFX8fUlGCTQkZd2
4i/jG5939COEJSFgV0a29lhJ3JN0Eaw/FxUohFA7d6U32w+H/1DzwbU11ZXHRxx2
OAc1MsZFOt9DfIBi2GI+Ocss+bxxiO+7Q9Cm+6a0RJT3Cgaf8yVsL4n3czxaHT21
/19Y3uAqKtS+fvlqlBojBoSc6Fcmvn4jO1pwlDMW5NAfA2MGBfJBa89WvIMsn/7D
XI4QZx4GxZaE5a5SnhSs/osq/5Znu4Wob62abcdvFug0ci3guMUmxRzSBZ63IChE
4cRhoZfeYX3VVW5wJU0=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:07:00 2026 by rpki-client