Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: TOAZ1Riz8V7HQSgccezkjyAklsUnEo57XbMPLvrtEok=
Subject key identifier: 0F:3D:EB:59:98:ED:C4:FF:1E:C1:F8:62:1D:12:E3:DD:60:16:3B:C9
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 47E4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4735
Signing time: Mon 11 Aug 2025 02:50:09 +0000
Manifest this update: Mon 11 Aug 2025 02:50:09 +0000
Manifest next update: Mon 18 Aug 2025 02:50:09 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: t2AKV/Q8JMGIpjlI/1W/yQHJ9h83x3DtBvrJghOst+0=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
7: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
8: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18404 (0x47e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Aug 11 02:50:09 2025 GMT
Not After : Aug 18 02:50:09 2025 GMT
Subject: CN=68995a61-a03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f1:7e:2c:70:f1:d2:77:77:3c:49:20:7c:bd:
37:2d:06:07:5a:64:1f:93:bf:59:35:ea:f0:13:b7:
0e:1c:5f:12:10:21:77:68:a9:8c:58:12:c7:fc:80:
ca:e2:e8:61:f8:bd:68:1d:e3:e0:1b:e0:fc:de:c8:
3f:af:2c:07:3b:e3:45:28:b9:71:b9:46:c3:2e:52:
f3:a3:f0:8b:98:ae:9c:f3:11:c2:b4:15:13:e1:0a:
1f:25:e8:ed:c9:b0:30:72:a7:41:71:27:7b:8e:47:
90:a3:5e:18:9b:4b:52:71:db:81:ca:76:97:8d:52:
4f:02:3f:25:e7:29:80:19:78:1f:87:51:19:8e:80:
fb:9f:ab:dd:1a:79:dc:2f:46:2e:6a:a9:0d:5e:52:
86:c0:28:e3:66:14:b3:da:76:01:29:eb:f7:35:93:
f5:8e:22:3f:53:3d:4b:02:94:6f:27:a8:25:23:37:
b3:a1:46:fe:93:c6:cc:a8:30:3b:e5:db:dd:60:de:
56:af:0e:15:d9:62:ad:ba:43:6d:d2:4d:95:0a:de:
ab:4e:4c:76:a5:c1:e8:d1:57:d3:13:bd:0a:aa:a2:
18:6c:ea:80:ff:36:7c:15:4c:82:20:88:bd:fe:b5:
c2:6d:65:ed:e7:a7:9f:d9:3c:11:fe:3d:5b:cd:84:
eb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3D:EB:59:98:ED:C4:FF:1E:C1:F8:62:1D:12:E3:DD:60:16:3B:C9
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a8:a0:68:da:ad:69:38:22:0d:2f:f1:ba:00:88:fa:dd:91:0a:
a9:4c:1b:f2:9e:a0:87:6a:bf:98:10:e8:df:eb:52:10:d6:b2:
6f:4b:80:55:1b:0c:37:c7:d0:81:fe:9a:04:8b:8d:dd:73:96:
6b:56:ea:66:bf:ed:b1:a8:de:fa:51:c4:b8:68:28:4f:76:a8:
00:5b:21:92:0c:e6:10:f0:01:ed:67:64:91:1c:3c:39:ce:ea:
14:07:c1:c8:62:8f:ab:cf:87:9e:4f:d2:ee:91:ca:e4:6d:3e:
b4:26:c4:b7:26:b0:a9:88:84:42:7a:3f:94:af:9f:d9:12:f8:
ff:62:87:d9:c5:bc:1b:9b:a6:d4:44:f6:04:48:99:15:d4:b5:
dd:f3:2f:89:40:48:6b:7e:9b:f6:19:02:d6:b5:5f:ff:f7:21:
78:5c:84:91:f2:42:a7:c9:99:61:18:76:72:1b:21:4d:25:2d:
36:7e:30:80:6a:36:0e:f5:1d:38:5b:96:99:9c:cc:58:76:3b:
2c:26:d8:d2:d4:2d:92:73:f5:4d:87:38:02:9f:95:e4:75:5c:
53:ee:67:b9:55:91:50:c9:eb:f4:35:4d:1a:50:9d:5b:9d:ac:
c2:81:ec:18:f4:bd:14:83:39:e0:e4:1a:84:c4:91:2d:ef:79:
e0:7b:f0:8a
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICR+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwODExMDI1MDA5WhcNMjUwODE4MDI1MDA5WjAYMRYwFAYD
VQQDEw02ODk5NWE2MS1hMDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9fF+LHDx0nd3PEkgfL03LQYHWmQfk79ZNerwE7cOHF8SECF3aKmMWBLH/IDK
4uhh+L1oHePgG+D83sg/rywHO+NFKLlxuUbDLlLzo/CLmK6c8xHCtBUT4QofJejt
ybAwcqdBcSd7jkeQo14Ym0tScduBynaXjVJPAj8l5ymAGXgfh1EZjoD7n6vdGnnc
L0YuaqkNXlKGwCjjZhSz2nYBKev3NZP1jiI/Uz1LApRvJ6glIzezoUb+k8bMqDA7
5dvdYN5Wrw4V2WKtukNt0k2VCt6rTkx2pcHo0VfTE70KqqIYbOqA/zZ8FUyCIIi9
/rXCbWXt56ef2TwR/j1bzYTr4wIDAQABo4IChzCCAoMwHQYDVR0OBBYEFA8961mY
7cT/HsH4Yh0S491gFjvJMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCooGjarWk4Ig0v8boAiPrdkQqpTBvynqCH
ar+YEOjf61IQ1rJvS4BVGww3x9CB/poEi43dc5ZrVupmv+2xqN76UcS4aChPdqgA
WyGSDOYQ8AHtZ2SRHDw5zuoUB8HIYo+rz4eeT9LukcrkbT60JsS3JrCpiIRCej+U
r5/ZEvj/YofZxbwbm6bURPYESJkV1LXd8y+JQEhrfpv2GQLWtV//9yF4XISR8kKn
yZlhGHZyGyFNJS02fjCAajYO9R04W5aZnMxYdjssJtjS1C2Sc/VNhzgCn5XkdVxT
7me5VZFQyev0NU0aUJ1bnazCgewY9L0Ugzng5BqExJEt73nge/CK
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:27:26 2025 by rpki-client