Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: IMW9G85OwDs4D5S25KxsakITdSnQWBn3qwyRrToIVhQ=
Subject key identifier: 89:91:BE:73:EF:B2:0B:94:44:D6:CC:67:12:D0:85:EE:18:73:43:12
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4732
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4686
Signing time: Sat 14 Jun 2025 14:50:09 +0000
Manifest this update: Sat 14 Jun 2025 14:50:08 +0000
Manifest next update: Sat 21 Jun 2025 14:50:08 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: eIp3/r34krm6fKRP7i5bSDVpr5dtgtVhu/jLq9JXIGo=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: N0F8HE1OKVKKKHAEjBQrKcxyApq01oZoxtlct6NIs44=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
5: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: lK432uTKMzI/MWDWDCT/5eSJfdDwnCex4YbKV+8mZxI=)
7: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
8: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 14:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18226 (0x4732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jun 14 14:50:08 2025 GMT
Not After : Jun 21 14:50:08 2025 GMT
Subject: CN=684d8c21-906f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:48:02:b2:33:63:6e:c9:ab:dd:7f:ec:a6:
e1:80:12:72:4f:8c:9a:6c:6c:bf:0d:98:e1:ba:dd:
a3:85:61:e3:64:8d:50:8b:74:58:1b:b2:15:c7:6a:
31:f3:3b:22:5a:07:8c:b5:fd:c7:c7:94:62:d3:c6:
8f:18:2f:80:bc:d2:76:c9:f9:96:1b:64:f9:9c:e9:
6e:d0:e9:dd:79:57:27:21:bf:39:36:c3:3c:3b:06:
72:9b:7a:20:6c:65:bd:fe:8a:83:88:ea:c4:2d:3e:
2e:ea:d0:b0:7a:55:4d:c2:20:8f:44:cd:ce:36:73:
00:10:d5:a3:c0:8f:70:f1:63:ee:e9:5d:ad:4a:0e:
bf:75:e0:00:35:2f:3d:d7:48:92:94:2a:3a:33:88:
0f:cb:0c:b2:ff:d1:d8:fa:a9:ca:35:e5:53:c8:f4:
41:c0:01:a0:91:3f:d4:29:6d:26:a7:f5:12:bf:b6:
28:56:cc:ff:cb:6a:37:e5:1e:04:71:33:5c:df:b2:
73:72:c1:21:d5:27:a1:6e:3c:a4:c7:29:74:8d:70:
9d:bd:07:4d:2b:94:b0:9c:7d:1c:08:bc:6d:2f:fa:
72:d8:ed:54:18:25:19:77:6d:f0:b4:d5:38:d5:f9:
b8:b4:15:9d:72:dc:69:e4:13:ec:5d:59:9d:bb:90:
1d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:91:BE:73:EF:B2:0B:94:44:D6:CC:67:12:D0:85:EE:18:73:43:12
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
ad:34:70:5b:63:4c:7c:ba:b3:8d:8e:7e:82:66:35:0c:a5:d5:
7c:1f:fe:59:7f:22:9f:02:7b:b1:32:8f:e3:6d:1a:bb:64:85:
87:eb:11:f5:3f:f3:a8:8f:fc:af:0a:4c:ef:a9:94:8c:8a:56:
d4:45:33:be:d9:ef:cd:7d:a4:c8:fe:b2:b6:36:04:91:cf:a8:
3b:51:0a:f2:a0:ff:52:ad:b8:71:b4:3e:43:3b:5f:32:bf:b4:
d5:4f:63:87:5b:45:85:30:b1:9f:82:e1:3f:86:87:3e:f4:7c:
c8:d1:fc:9a:dd:16:24:ac:13:7e:f2:4d:14:4d:d9:aa:43:20:
65:2e:01:70:5d:35:bc:c6:8f:9f:3e:26:1e:99:8d:4b:68:ac:
ca:20:d4:28:3d:c2:91:87:00:c5:31:a4:4c:89:b5:c4:cc:29:
14:b4:f0:3c:cb:01:89:2e:76:17:c5:be:3a:3d:05:e2:11:f2:
6f:4d:e4:88:26:24:a9:9f:8c:7f:8a:55:f7:f3:10:a2:c2:58:
93:7d:76:1a:e9:21:f6:e2:b6:47:39:a5:1a:a5:50:df:da:74:
85:77:50:00:b3:85:2e:6c:a3:a1:ec:84:e2:cb:76:5b:fc:4c:
81:3c:c0:92:ba:88:70:99:58:84:fd:be:2e:3e:1e:72:a7:ac:
b6:26:3b:82
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICRzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwNjE0MTQ1MDA4WhcNMjUwNjIxMTQ1MDA4WjAYMRYwFAYD
VQQDEw02ODRkOGMyMS05MDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1bpIArIzY27Jq91/7KbhgBJyT4yabGy/DZjhut2jhWHjZI1Qi3RYG7IVx2ox
8zsiWgeMtf3Hx5Ri08aPGC+AvNJ2yfmWG2T5nOlu0OndeVcnIb85NsM8OwZym3og
bGW9/oqDiOrELT4u6tCwelVNwiCPRM3ONnMAENWjwI9w8WPu6V2tSg6/deAANS89
10iSlCo6M4gPywyy/9HY+qnKNeVTyPRBwAGgkT/UKW0mp/USv7YoVsz/y2o35R4E
cTNc37JzcsEh1Sehbjykxyl0jXCdvQdNK5SwnH0cCLxtL/py2O1UGCUZd23wtNU4
1fm4tBWdctxp5BPsXVmdu5Ad0wIDAQABo4IChzCCAoMwHQYDVR0OBBYEFImRvnPv
sguURNbMZxLQhe4Yc0MSMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCtNHBbY0x8urONjn6CZjUMpdV8H/5ZfyKf
AnuxMo/jbRq7ZIWH6xH1P/Ooj/yvCkzvqZSMilbURTO+2e/NfaTI/rK2NgSRz6g7
UQryoP9SrbhxtD5DO18yv7TVT2OHW0WFMLGfguE/hoc+9HzI0fya3RYkrBN+8k0U
TdmqQyBlLgFwXTW8xo+fPiYemY1LaKzKINQoPcKRhwDFMaRMibXEzCkUtPA8ywGJ
LnYXxb46PQXiEfJvTeSIJiSpn4x/ilX38xCiwliTfXYa6SH24rZHOaUapVDf2nSF
d1AAs4UubKOh7ITiy3Zb/EyBPMCSuohwmViE/b4uPh5yp6y2JjuC
-----END CERTIFICATE-----
Generated at Sat Jun 14 19:31:00 2025 by rpki-client