Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: v1q0g/NRJEutcCuDHRVAp0PTW2m1v87oNV6wxdxZdOs=
Subject key identifier: 68:B9:C8:58:5C:9E:5C:06:C0:0B:10:E0:C5:C0:4F:0A:35:64:D8:C9
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 03AD
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01D1
Signing time: Wed 30 Jul 2025 23:55:59 +0000
Manifest this update: Wed 30 Jul 2025 23:55:58 +0000
Manifest next update: Sat 06 Sep 2025 23:55:58 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: KssYOAkyuhS1WaPmnxgyMZmWa6h0wQP+s7tp01v9k5Y=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: rcc6TEtSjVXPLeeXCGRc3ac6e1+qea3Tx7YxlOf1XAI=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: bYzdOUS201K8gqiq8ncffU6nm6tl5f6sVNHjv8idJNk=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: /2yzJwAtTJqt8ivA3yv6yDv5Ialu5ubqlmHKX9paiSo=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941 (0x3ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Jul 30 23:55:58 2025 GMT
Not After : Sep 6 23:55:58 2025 GMT
Subject: CN=688ab10e-fe15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:16:ba:4b:96:6e:95:bb:6a:ca:c1:4a:ea:50:
cc:63:0f:53:93:1d:e1:7b:d4:5c:01:a6:1e:b5:4d:
60:56:35:41:6b:23:9c:70:81:92:b5:e0:f0:a3:18:
65:e3:73:78:a4:d3:bf:ae:09:ef:50:51:f2:78:a3:
98:20:63:c3:41:7c:dd:a7:2a:25:3d:27:33:39:f4:
13:e1:f8:07:ce:9a:e0:80:9a:7f:75:13:75:7b:b8:
9f:29:12:d6:e7:04:7f:2b:d8:6e:e2:ab:7c:e9:d5:
70:e8:08:b0:e0:05:f8:af:95:d7:43:13:16:33:06:
f2:6a:fe:06:b4:0b:bf:39:0a:ad:37:ed:f2:80:7a:
fa:9e:be:a2:80:48:5b:f3:ca:79:ee:c8:f1:bf:3b:
23:3e:f4:08:a8:63:c4:e3:0d:43:9b:b7:62:c2:70:
29:fb:3b:5f:34:c1:99:74:99:98:4f:80:39:f4:d1:
ca:55:74:e3:66:bd:68:79:f7:71:46:df:d0:6f:03:
4e:da:12:59:b5:cc:15:21:60:c8:6c:cb:f6:db:19:
72:1b:d3:53:ba:d7:ac:bc:b9:88:41:9b:74:f2:03:
79:1c:04:ea:93:77:2c:7d:15:39:30:a6:4c:a2:cb:
16:b6:d0:10:f9:f0:cd:2d:b5:48:1a:87:d9:10:69:
ef:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B9:C8:58:5C:9E:5C:06:C0:0B:10:E0:C5:C0:4F:0A:35:64:D8:C9
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
75:88:a3:d2:3b:52:85:da:fd:8b:12:0d:ae:02:60:c8:fa:59:
dd:c9:dc:6b:da:da:63:f4:72:69:8d:b6:59:5e:c1:0c:d1:f5:
58:b6:5c:46:4d:71:99:8c:8e:5d:b6:68:45:b8:e6:5c:79:79:
37:44:cb:0f:69:fb:47:ee:cd:e2:9b:b0:89:3a:52:2f:30:1b:
0b:68:e9:14:13:7c:09:e1:ad:6c:bd:2b:67:67:76:32:b3:ca:
da:c3:13:7c:6c:8b:6d:ed:f9:23:fb:31:5f:9d:bf:b9:8a:f2:
4a:4a:d2:4a:4b:09:9c:7a:41:2e:a8:fc:d1:e1:be:10:b0:ba:
4d:a9:9c:d9:66:24:a9:98:b0:36:f4:71:5f:85:b0:0d:4e:30:
01:27:75:a8:60:bf:5d:d7:b9:6a:0a:4f:4f:9c:9a:16:57:9c:
65:fb:73:53:85:e7:f3:fc:99:48:42:b3:de:3c:06:f5:46:43:
a9:7a:28:7d:cf:63:bf:c1:9a:81:86:d6:6e:10:70:20:08:cd:
82:22:e9:fb:84:92:1c:70:9f:a8:af:75:f3:c9:af:5f:54:f1:
fe:a1:30:85:ae:bc:9e:ab:45:c2:32:88:43:36:71:51:77:91:
06:bf:73:0c:a0:c1:be:ab:35:34:11:98:55:7e:9c:3b:50:fa:
14:66:38:c6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA60wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA3MzAyMzU1NThaFw0y
NTA5MDYyMzU1NThaMBgxFjAUBgNVBAMTDTY4OGFiMTBlLWZlMTUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLFrpLlm6Vu2rKwUrqUMxjD1OTHeF71FwB
ph61TWBWNUFrI5xwgZK14PCjGGXjc3ik07+uCe9QUfJ4o5ggY8NBfN2nKiU9JzM5
9BPh+AfOmuCAmn91E3V7uJ8pEtbnBH8r2G7iq3zp1XDoCLDgBfivlddDExYzBvJq
/ga0C785Cq037fKAevqevqKASFvzynnuyPG/OyM+9AioY8TjDUObt2LCcCn7O180
wZl0mZhPgDn00cpVdONmvWh593FG39BvA07aElm1zBUhYMhsy/bbGXIb01O616y8
uYhBm3TyA3kcBOqTdyx9FTkwpkyiyxa20BD58M0ttUgah9kQae/tAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUaLnIWFyeXAbACxDgxcBPCjVk2MkwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQB1iKPSO1KF2v2LEg2u
AmDI+lndydxr2tpj9HJpjbZZXsEM0fVYtlxGTXGZjI5dtmhFuOZceXk3RMsPaftH
7s3im7CJOlIvMBsLaOkUE3wJ4a1svStnZ3Yys8rawxN8bItt7fkj+zFfnb+5ivJK
StJKSwmcekEuqPzR4b4QsLpNqZzZZiSpmLA29HFfhbANTjABJ3WoYL9d17lqCk9P
nJoWV5xl+3NThefz/JlIQrPePAb1RkOpeih9z2O/wZqBhtZuEHAgCM2CIun7hJIc
cJ+or3Xzya9fVPH+oTCFrryeq0XCMohDNnFRd5EGv3MMoMG+qzU0EZhVfpw7UPoU
ZjjG
-----END CERTIFICATE-----
Generated at Mon Aug 4 04:07:18 2025 by rpki-client