Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: PVQ4k24YLE3rvshadeD57XGFYSn/lDK8MEDScOzzb9w=
Subject key identifier: B7:80:4C:9B:65:11:20:D4:95:08:F9:30:A6:D9:85:58:FD:F5:56:E9
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 469B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 45F2
Signing time: Sat 26 Apr 2025 14:50:09 +0000
Manifest this update: Sat 26 Apr 2025 14:50:08 +0000
Manifest next update: Sat 03 May 2025 14:50:08 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: qBhsRI3R+QLHBqW5q4FA6J5Iy5b0GsJ7UqLZ51Q6Yes=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: N0F8HE1OKVKKKHAEjBQrKcxyApq01oZoxtlct6NIs44=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
5: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: lK432uTKMzI/MWDWDCT/5eSJfdDwnCex4YbKV+8mZxI=)
7: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: okjzU3E4UBevhxAwJ+/GBUGWv9CrjBdiXIkVX/kNLUw=)
8: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: wPpie+ThAR/1TthkCM7hgEd/wJa4M0QWrfReez52vcc=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: yeZNkJNHC+qtIscVm8AAik64XQjEl1j01cQ1Y6MWxhE=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 14:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18075 (0x469b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Apr 26 14:50:08 2025 GMT
Not After : May 3 14:50:08 2025 GMT
Subject: CN=680cf2a1-ad92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:6f:a6:a0:19:1b:ce:dd:0e:94:e0:b6:04:
f9:1a:97:0f:20:a7:b1:4a:c1:1b:3f:1e:c6:aa:f4:
39:3f:02:25:2a:0d:b9:57:1b:6b:55:d6:42:92:ce:
1c:32:33:2a:25:0e:d6:75:d2:98:fd:22:0f:a9:87:
56:49:ce:7b:54:54:8c:f0:a8:89:1d:27:eb:5d:a0:
50:e6:0e:1f:96:55:fb:36:76:88:5b:fa:dd:35:09:
5f:a2:9c:0d:43:d7:54:ee:4f:a9:ba:27:d3:17:57:
cd:7d:6b:9e:35:0e:11:1d:15:49:1e:a3:3f:97:e0:
de:63:83:9e:00:35:b6:d6:e8:61:32:5b:25:71:54:
4d:fc:33:17:b3:6c:25:08:d1:32:86:39:f5:89:ba:
f1:ad:da:a3:44:98:3c:44:1c:a7:ab:01:ad:3a:c9:
ad:7e:33:8b:b3:1f:d8:54:a0:70:8d:b8:58:95:29:
e7:1a:2f:61:92:45:30:d6:7c:e2:8c:33:70:22:66:
74:da:01:d4:fa:10:98:fa:3a:60:0f:63:26:90:8a:
02:36:87:8b:84:3f:8e:62:8c:e1:15:ba:c7:ad:6d:
9a:cc:11:79:f1:d2:63:f6:39:a9:74:a0:0b:c2:20:
8e:08:8a:72:9b:35:e0:6a:80:15:41:73:d8:08:13:
79:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:80:4C:9B:65:11:20:D4:95:08:F9:30:A6:D9:85:58:FD:F5:56:E9
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8e:df:04:6c:68:d8:ee:fb:10:a5:6c:65:41:45:06:e9:b9:bc:
40:e6:ad:b6:c8:d9:92:fa:1c:83:2b:52:18:a9:cf:18:5a:66:
34:c1:85:f3:0d:0e:5e:23:7f:d0:01:86:4a:47:80:89:54:b3:
35:ea:99:82:88:69:40:01:c5:8d:04:77:9d:ad:8b:dd:c7:2c:
bb:74:d8:01:2b:a7:e1:dc:74:14:01:26:99:55:c6:ed:53:2d:
b5:70:de:94:80:b6:06:21:82:29:e4:99:22:3d:35:07:69:57:
32:dc:ba:45:b2:40:c3:b1:e5:d1:f7:7e:1d:79:84:2f:8a:27:
d9:6c:9d:17:07:14:4a:ad:d0:64:1b:ac:9c:55:82:c5:4f:f5:
81:e0:c9:35:88:07:ed:5e:33:84:ba:43:fc:3d:00:83:0a:03:
5b:13:5b:f6:99:74:da:f8:a9:6e:27:8d:2d:83:df:da:a7:f5:
17:8e:15:34:a4:33:3d:4e:76:65:b1:8d:f2:c3:fb:5c:22:96:
62:2c:79:b2:aa:59:b0:4e:2b:6c:99:2b:ad:f8:6b:e0:d3:f2:
43:bf:49:ec:fa:55:a5:46:7e:30:15:d6:97:28:65:e8:ed:ff:
6d:a7:5e:0e:e4:49:a5:e2:3b:10:70:c2:db:e9:55:aa:58:82:
f6:e5:73:98
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICRpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwNDI2MTQ1MDA4WhcNMjUwNTAzMTQ1MDA4WjAYMRYwFAYD
VQQDEw02ODBjZjJhMS1hZDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAup1vpqAZG87dDpTgtgT5GpcPIKexSsEbPx7GqvQ5PwIlKg25VxtrVdZCks4c
MjMqJQ7WddKY/SIPqYdWSc57VFSM8KiJHSfrXaBQ5g4fllX7NnaIW/rdNQlfopwN
Q9dU7k+puifTF1fNfWueNQ4RHRVJHqM/l+DeY4OeADW21uhhMlslcVRN/DMXs2wl
CNEyhjn1ibrxrdqjRJg8RBynqwGtOsmtfjOLsx/YVKBwjbhYlSnnGi9hkkUw1nzi
jDNwImZ02gHU+hCY+jpgD2MmkIoCNoeLhD+OYozhFbrHrW2azBF58dJj9jmpdKAL
wiCOCIpymzXgaoAVQXPYCBN5IQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFLeATJtl
ESDUlQj5MKbZhVj99VbpMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCO3wRsaNju+xClbGVBRQbpubxA5q22yNmS
+hyDK1IYqc8YWmY0wYXzDQ5eI3/QAYZKR4CJVLM16pmCiGlAAcWNBHedrYvdxyy7
dNgBK6fh3HQUASaZVcbtUy21cN6UgLYGIYIp5JkiPTUHaVcy3LpFskDDseXR934d
eYQviifZbJ0XBxRKrdBkG6ycVYLFT/WB4Mk1iAftXjOEukP8PQCDCgNbE1v2mXTa
+KluJ40tg9/ap/UXjhU0pDM9TnZlsY3yw/tcIpZiLHmyqlmwTitsmSut+Gvg0/JD
v0ns+lWlRn4wFdaXKGXo7f9tp14O5Eml4jsQcMLb6VWqWIL25XOY
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:09:24 2025 by rpki-client