Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: D0iCth8dh53/dZm6NAupXOWIsHGiIzkEoWeDTCJ1ZJM=
Subject key identifier: E6:BD:FC:53:54:49:1E:36:F4:C6:89:25:E9:26:5C:7A:33:B1:10:E2
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 03DF
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01EA
Signing time: Thu 23 Oct 2025 22:47:58 +0000
Manifest this update: Thu 23 Oct 2025 22:47:58 +0000
Manifest next update: Sun 30 Nov 2025 22:47:58 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: XHGV1aG+QS2gJylHc4/5Q27KVYuibY8TbNWg6teiQsk=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: mHv6iTALxe7c2xf31EqUUzFbqznwEXc4amWj+lViTOA=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: NNRmCkUau9X02u79Px3QwcTodHbkWW+WmHkQngETnp4=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: igs+reot5kgJsxddRxiEafN+gdbkJ3sE/yj3o/R2hck=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: QLuyYGFjHOfjGkdX50x1QKWUDmxdxeES20sT+ydLol4=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 22 Nov 2025 22:58:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 991 (0x3df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Oct 23 22:47:58 2025 GMT
Not After : Nov 30 22:47:58 2025 GMT
Subject: CN=68fab09e-ca60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:fa:ee:21:dc:4d:94:9d:61:1b:14:39:6b:
04:d5:41:5e:07:94:6b:f4:62:e9:34:31:95:cf:bd:
0c:65:9d:70:b4:99:25:96:d1:15:4f:4f:00:78:61:
07:9a:91:8e:14:6b:8a:ad:6b:f1:ce:f4:53:f2:bc:
6d:c2:5c:8b:b7:86:c7:7b:30:e3:b6:ae:1e:08:d0:
2d:d1:00:6f:1d:7d:fc:b1:83:af:d2:4c:c3:94:16:
b2:c5:b9:a7:d2:07:a1:24:bb:42:1c:91:fe:14:8c:
3e:b8:eb:3f:2b:a8:7e:c7:aa:f6:8f:1a:55:04:8d:
d6:5d:f0:61:31:04:06:0d:6c:a4:e7:29:88:9c:44:
f0:98:06:35:1d:c8:15:cf:83:ed:3e:51:62:66:59:
4e:76:79:a1:e8:d4:5a:dd:04:ee:67:29:b2:a4:2b:
bb:e8:0e:15:6c:68:64:58:cc:0a:b5:90:d8:71:6d:
04:6f:42:3f:f6:92:18:a4:7d:8e:c7:01:5a:5b:42:
b3:96:e9:eb:7e:83:36:82:18:ec:2b:20:c4:38:fc:
21:c2:f6:a7:3c:84:08:2f:c1:87:55:b8:1a:8a:cd:
82:da:36:d7:47:6a:5f:84:63:98:41:7a:d1:e6:5e:
4a:3f:d2:6e:90:28:1b:ca:b1:48:aa:98:dc:05:d2:
e0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BD:FC:53:54:49:1E:36:F4:C6:89:25:E9:26:5C:7A:33:B1:10:E2
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0a:4f:6b:1b:53:78:5d:17:e3:87:c9:3f:f5:a8:66:7f:87:6d:
2d:c5:4a:2f:85:50:ba:89:52:d2:8b:c9:0a:e9:fb:b9:44:7f:
2e:b7:11:15:dc:f6:7a:a5:87:b2:d6:41:99:93:19:e9:28:fa:
d4:27:07:28:20:27:3b:6f:aa:c2:77:3e:0d:aa:76:c9:62:98:
14:32:8a:4d:76:58:0b:f0:09:a3:0a:70:82:04:65:3a:62:bf:
44:86:ea:85:df:d1:17:71:25:06:ce:10:87:56:2e:88:ad:7f:
78:fa:59:6d:e7:ee:10:05:84:f5:6e:aa:a2:b3:ab:0e:06:34:
16:36:d4:e8:11:0e:92:2a:85:f6:b9:ef:5c:4a:4c:6b:ac:38:
38:e2:15:8b:c8:43:4f:a8:5f:2e:e9:6b:82:fa:e5:92:3e:de:
57:30:34:6c:e5:68:74:17:ea:8e:0e:6f:3e:e8:bd:5e:c8:fc:
49:90:fb:06:cd:16:e9:0a:38:c0:54:6c:14:0c:47:90:a8:6f:
db:92:28:82:68:7e:41:ca:7c:2f:89:f2:ba:49:5c:45:f8:52:
0d:b9:fd:d1:98:83:94:62:f5:ac:ac:26:3c:ff:d5:58:97:06:
cc:de:f0:fa:a8:df:05:93:54:3a:1d:a9:03:7b:2f:2c:88:02:
ec:d6:44:8b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA98wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTEwMjMyMjQ3NThaFw0y
NTExMzAyMjQ3NThaMBgxFjAUBgNVBAMTDTY4ZmFiMDllLWNhNjAwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0cvruIdxNlJ1hGxQ5awTVQV4HlGv0Yuk0
MZXPvQxlnXC0mSWW0RVPTwB4YQeakY4Ua4qta/HO9FPyvG3CXIu3hsd7MOO2rh4I
0C3RAG8dffyxg6/STMOUFrLFuafSB6Eku0Ickf4UjD646z8rqH7HqvaPGlUEjdZd
8GExBAYNbKTnKYicRPCYBjUdyBXPg+0+UWJmWU52eaHo1FrdBO5nKbKkK7voDhVs
aGRYzAq1kNhxbQRvQj/2khikfY7HAVpbQrOW6et+gzaCGOwrIMQ4/CHC9qc8hAgv
wYdVuBqKzYLaNtdHal+EY5hBetHmXko/0m6QKBvKsUiqmNwF0uBbAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQU5r38U1RJHjb0xokl6SZcejOxEOIwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAKT2sbU3hdF+OHyT/1
qGZ/h20txUovhVC6iVLSi8kK6fu5RH8utxEV3PZ6pYey1kGZkxnpKPrUJwcoICc7
b6rCdz4NqnbJYpgUMopNdlgL8AmjCnCCBGU6Yr9EhuqF39EXcSUGzhCHVi6IrX94
+llt5+4QBYT1bqqis6sOBjQWNtToEQ6SKoX2ue9cSkxrrDg44hWLyENPqF8u6WuC
+uWSPt5XMDRs5Wh0F+qODm8+6L1eyPxJkPsGzRbpCjjAVGwUDEeQqG/bkiiCaH5B
ynwvifK6SVxF+FINuf3RmIOUYvWsrCY8/9VYlwbM3vD6qN8Fk1Q6HakDey8siALs
1kSL
-----END CERTIFICATE-----
Generated at Mon Nov 3 12:50:06 2025 by rpki-client