Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: Cem8IHL5FBXgiuk1CUgMpbhW0quI9adiAhZ9YUB1KQ4=
Subject key identifier: 01:63:EA:7E:C6:85:5B:1D:D6:86:F8:54:82:C4:D9:86:48:97:0D:45
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0395
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01C5
Signing time: Mon 21 Apr 2025 22:40:05 +0000
Manifest this update: Mon 21 Apr 2025 22:40:05 +0000
Manifest next update: Wed 28 May 2025 22:40:05 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: xPGpGLVkdDpI6Pm83C1Aq+gMvtWpgS3tDTSIw8Qiz78=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: f5O/J7LFGu/Ot9Z0LkMmyXiBH0SnxZeSKXYT5wQmDj8=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: 23vZ5Sm/XNTMqIhP+Z1bqmMoLduRndwV0y0uJQNBRcA=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: /MHS3Sit3L4L/hosPfsdjiBL9WFnsioWd9nUWmUkMwI=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: /2yzJwAtTJqt8ivA3yv6yDv5Ialu5ubqlmHKX9paiSo=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 13 May 2025 23:16:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917 (0x395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Apr 21 22:40:05 2025 GMT
Not After : May 28 22:40:05 2025 GMT
Subject: CN=6806c945-8f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:36:b5:e6:70:3d:8c:cb:dd:88:b3:a1:9a:67:
98:28:80:15:c1:28:93:b3:42:b5:24:ed:82:83:4b:
12:74:eb:3a:75:2b:0e:d3:61:b4:cb:07:5d:32:5f:
d1:96:72:c5:bf:f2:47:04:41:2e:0b:b0:74:80:a4:
92:54:51:51:57:bd:af:c5:59:60:9d:8d:5a:5f:83:
ce:01:da:5f:c9:8c:07:24:98:64:61:78:ed:22:f4:
8a:d3:4f:28:11:7a:2f:d4:c7:d1:ab:33:65:e5:01:
78:63:91:16:f4:1e:ab:28:f3:76:85:84:20:e8:19:
a4:44:e6:51:bf:f9:a7:88:bd:6f:71:3b:1c:91:39:
25:93:c5:84:da:a7:d8:24:70:96:8e:b6:43:3f:3f:
5c:71:83:28:66:ca:39:4d:c8:6a:35:3d:51:69:5c:
ba:fc:b1:fe:bf:2a:8e:0a:f6:62:39:4c:f3:d0:11:
96:6d:76:60:24:fb:b9:6a:e0:9b:03:18:f2:43:11:
05:38:19:bc:af:bd:8a:1b:54:cc:65:11:b8:a3:1a:
eb:3c:48:b7:f2:e0:76:d9:94:60:6b:07:8f:55:72:
18:da:53:af:33:30:f5:97:f7:8c:64:13:b2:50:2a:
0c:63:98:d8:98:93:06:33:53:da:37:da:49:2e:aa:
10:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:63:EA:7E:C6:85:5B:1D:D6:86:F8:54:82:C4:D9:86:48:97:0D:45
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c5:61:21:73:55:95:e1:70:15:e2:cb:34:54:ff:aa:28:65:16:
3a:19:a7:83:25:94:49:0b:b9:36:b2:22:cd:9a:43:a0:9a:3e:
70:f5:0f:11:65:4e:1c:51:39:63:ff:48:72:14:15:08:6d:b1:
93:54:dd:4e:83:b1:4f:e4:67:ab:7f:d3:b7:8b:38:98:0a:63:
94:ff:6e:34:fc:0d:ed:3a:49:79:08:29:5f:55:b7:68:75:6f:
d9:5f:3e:68:e7:1e:dc:70:c9:31:94:aa:5e:65:4b:01:01:a6:
bf:02:0d:42:c9:c4:d1:fe:50:15:a9:da:78:d1:52:f3:f0:23:
60:b0:22:2c:09:52:7c:7e:94:df:d5:ca:c8:3c:f6:35:59:38:
84:2a:62:b0:e8:15:49:0f:7d:ac:82:08:61:0e:1f:75:42:98:
bf:67:a4:96:95:6c:eb:e1:0e:8c:25:0c:4e:0d:8a:f8:3a:23:
8b:cf:a1:2a:f9:d8:7a:58:b6:8c:a1:a3:a5:5a:79:4d:4f:be:
e7:3d:27:d5:a4:76:cd:0d:96:4d:14:b3:b8:4f:f9:37:4d:44:
f1:31:02:06:26:0a:4d:7f:d2:b9:4d:2f:2a:e2:40:ad:2c:c6:
ac:7a:d2:70:3d:24:11:b9:0c:85:04:c1:f5:e3:e0:bc:a4:0a:
47:41:6b:bb
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA5UwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA0MjEyMjQwMDVaFw0y
NTA1MjgyMjQwMDVaMBgxFjAUBgNVBAMTDTY4MDZjOTQ1LThmNjUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaNrXmcD2My92Is6GaZ5gogBXBKJOzQrUk
7YKDSxJ06zp1Kw7TYbTLB10yX9GWcsW/8kcEQS4LsHSApJJUUVFXva/FWWCdjVpf
g84B2l/JjAckmGRheO0i9IrTTygRei/Ux9GrM2XlAXhjkRb0Hqso83aFhCDoGaRE
5lG/+aeIvW9xOxyROSWTxYTap9gkcJaOtkM/P1xxgyhmyjlNyGo1PVFpXLr8sf6/
Ko4K9mI5TPPQEZZtdmAk+7lq4JsDGPJDEQU4GbyvvYobVMxlEbijGus8SLfy4HbZ
lGBrB49VchjaU68zMPWX94xkE7JQKgxjmNiYkwYzU9o32kkuqhCbAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUAWPqfsaFWx3WhvhUgsTZhkiXDUUwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDFYSFzVZXhcBXiyzRU
/6ooZRY6GaeDJZRJC7k2siLNmkOgmj5w9Q8RZU4cUTlj/0hyFBUIbbGTVN1Og7FP
5Gerf9O3iziYCmOU/240/A3tOkl5CClfVbdodW/ZXz5o5x7ccMkxlKpeZUsBAaa/
Ag1CycTR/lAVqdp40VLz8CNgsCIsCVJ8fpTf1crIPPY1WTiEKmKw6BVJD32sgghh
Dh91Qpi/Z6SWlWzr4Q6MJQxODYr4OiOLz6Eq+dh6WLaMoaOlWnlNT77nPSfVpHbN
DZZNFLO4T/k3TUTxMQIGJgpNf9K5TS8q4kCtLMasetJwPSQRuQyFBMH14+C8pApH
QWu7
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:34:08 2025 by rpki-client