Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: DnD3760k344ZvJddZ5T6RBY39qNwOE1aKQMPancxa0s=
Subject key identifier: E2:FF:47:B0:51:1D:9F:B2:8D:80:EA:9A:42:EB:23:E6:79:A3:EA:2E
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0107
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: D1
Signing time: Mon 15 Sep 2025 06:21:01 +0000
Manifest this update: Mon 15 Sep 2025 06:20:58 +0000
Manifest next update: Wed 22 Oct 2025 06:20:58 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: q9JQA/V6tKuwDKsS3/gCJan5bJq8aRdVdwUdxAkchbc=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: Gp4osGE4UQ9LkF7mLZIVmTaSgfEvlpp2XSQvK1Ebkj0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 22 Oct 2025 06:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263 (0x107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Sep 15 06:20:58 2025 GMT
Not After : Oct 22 06:20:58 2025 GMT
Subject: CN=68c7b04a-9ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:ef:d2:55:c4:58:fa:93:68:e4:0a:1c:77:
50:17:2e:9e:aa:a8:64:32:47:85:1c:63:a0:75:d2:
06:fb:0d:7b:33:69:2b:4d:09:da:4c:f0:0c:bf:cf:
c5:e4:7e:07:8c:83:ac:5c:f4:27:24:75:28:38:76:
78:d3:7d:a6:d2:a6:ab:9d:e7:3a:c7:90:7b:2d:6a:
ec:53:dd:e0:ae:4f:8a:2a:1d:e3:96:7b:f6:cd:1d:
1f:dc:e4:50:b6:06:87:c1:b8:33:2c:ec:46:0c:e5:
5b:74:4f:ee:54:8b:ed:39:99:07:79:25:fb:19:ad:
51:0e:0f:18:15:9e:72:bd:31:4b:6c:01:02:f1:86:
a9:07:8d:c4:e6:6f:1c:7e:95:12:f7:25:97:e2:56:
37:a3:d5:4f:fe:7d:aa:e5:b5:2d:86:82:2b:9b:f8:
98:5d:fb:b8:3c:33:c9:77:3b:ef:d8:d7:25:4b:ce:
f8:2d:5d:6b:77:a0:d9:04:30:83:0d:44:7c:47:5b:
a2:e9:84:2a:20:11:d0:1b:4d:a1:d7:7c:08:9a:cf:
2b:ba:71:95:06:3f:d2:c5:41:75:07:15:03:e8:2d:
86:04:2e:f9:77:68:f8:9d:a2:1e:10:6c:8a:f7:94:
3d:4e:24:8a:ac:3c:f4:db:13:ba:b7:7f:38:55:5a:
f0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FF:47:B0:51:1D:9F:B2:8D:80:EA:9A:42:EB:23:E6:79:A3:EA:2E
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
2e:10:ec:03:e6:da:e1:40:3b:f4:b6:b8:e6:81:b9:5d:80:77:
19:6f:ae:c0:92:0d:4d:df:dc:d7:5d:de:82:e6:19:57:57:2c:
4d:43:58:14:26:69:58:8e:84:55:6c:2f:85:2e:b5:e1:2f:9e:
01:82:23:69:ce:3f:25:e3:ef:2a:a1:a0:17:d1:85:bf:e8:a6:
db:84:51:82:9b:2d:56:46:70:ba:d2:ff:ae:2d:f1:76:c4:2c:
20:58:c6:25:70:ab:f5:3d:df:24:63:47:5b:12:fe:ad:7f:70:
e2:2e:e6:a8:56:f1:dd:fb:31:02:ef:8d:7e:1a:75:55:b5:bb:
e9:c3:77:67:fa:5e:e9:db:7a:3a:b5:30:4a:df:ec:e0:e7:d4:
9f:46:7c:5c:6b:7d:bd:3e:e4:7a:e3:5a:ba:4a:32:d9:ec:73:
f4:98:9b:6a:de:da:cd:fe:74:0a:8b:47:aa:f2:bc:4e:3b:7e:
af:2d:52:83:93:da:bc:f9:7d:97:3d:3a:fe:c8:97:48:ca:fb:
cb:ed:0b:52:f3:0f:2f:a0:fe:1d:df:8c:73:d6:1f:18:37:05:
95:d5:6a:21:d0:d8:84:66:08:eb:ff:48:8e:0a:c4:b4:99:94:
4e:0b:43:da:eb:e3:61:de:fb:f9:ef:d1:44:11:a3:81:10:c7:
63:50:b2:2e
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MDkxNTA2MjA1OFoXDTI1MTAy
MjA2MjA1OFowGDEWMBQGA1UEAxMNNjhjN2IwNGEtOWVhMzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKYl79JVxFj6k2jkChx3UBcunqqoZDJHhRxjoHXS
BvsNezNpK00J2kzwDL/PxeR+B4yDrFz0JyR1KDh2eNN9ptKmq53nOseQey1q7FPd
4K5Piiod45Z79s0dH9zkULYGh8G4MyzsRgzlW3RP7lSL7TmZB3kl+xmtUQ4PGBWe
cr0xS2wBAvGGqQeNxOZvHH6VEvcll+JWN6PVT/59quW1LYaCK5v4mF37uDwzyXc7
79jXJUvO+C1da3eg2QQwgw1EfEdboumEKiAR0BtNodd8CJrPK7pxlQY/0sVBdQcV
A+gthgQu+Xdo+J2iHhBsiveUPU4kiqw89NsTurd/OFVa8EsCAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBTi/0ewUR2fso2A6ppC6yPmeaPqLjAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAC4Q
7APm2uFAO/S2uOaBuV2AdxlvrsCSDU3f3Ndd3oLmGVdXLE1DWBQmaViOhFVsL4Uu
teEvngGCI2nOPyXj7yqhoBfRhb/optuEUYKbLVZGcLrS/64t8XbELCBYxiVwq/U9
3yRjR1sS/q1/cOIu5qhW8d37MQLvjX4adVW1u+nDd2f6Xunbejq1MErf7ODn1J9G
fFxrfb0+5HrjWrpKMtnsc/SYm2re2s3+dAqLR6ryvE47fq8tUoOT2rz5fZc9Ov7I
l0jK+8vtC1LzDy+g/h3fjHPWHxg3BZXVaiHQ2IRmCOv/SI4KxLSZlE4LQ9rr42He
+/nv0UQRo4EQx2NQsi4=
-----END CERTIFICATE-----
Generated at Mon Sep 15 17:54:08 2025 by rpki-client