Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: 4Vr4YYFP0qrlZLHSSJzNVNpbMTSm1MnoF2pbQby1bSw=
Subject key identifier: FD:B2:B8:1A:FB:9B:70:0F:03:E9:1F:2E:A9:27:05:63:49:53:04:7D
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0108
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: D2
Signing time: Wed 15 Oct 2025 22:58:48 +0000
Manifest this update: Wed 15 Oct 2025 22:58:47 +0000
Manifest next update: Sat 22 Nov 2025 22:58:47 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: t4bntdF5rOsENqSQi8ai7mLz37NdTv6siqGKvtqiG+c=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: Gp4osGE4UQ9LkF7mLZIVmTaSgfEvlpp2XSQvK1Ebkj0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 22 Nov 2025 22:58:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264 (0x108)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Oct 15 22:58:47 2025 GMT
Not After : Nov 22 22:58:47 2025 GMT
Subject: CN=68f02728-8257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:83:77:7f:8b:60:d7:04:5c:bc:13:c4:b3:21:
77:3f:c1:d2:6a:f1:d5:b8:45:f6:b2:a9:31:69:c0:
cd:d7:12:6a:03:9e:6b:95:39:63:e1:93:1f:f6:76:
09:28:93:c4:fd:bf:84:fa:cf:fc:66:76:82:c4:58:
a9:e2:10:f7:84:8f:67:51:f5:9a:dd:f1:27:cb:74:
ed:c7:f9:3e:51:d2:4f:92:10:84:d8:fa:13:d0:fc:
11:71:b4:4f:70:32:31:eb:04:f2:bd:8e:7f:97:b8:
fe:ff:8b:29:45:d8:3e:db:66:4e:cb:4d:97:21:37:
5e:ec:24:de:7a:0a:2e:d7:f7:a6:5b:83:9d:46:cf:
9b:ca:6a:dc:7a:5c:f2:74:80:ef:28:fe:5f:1f:65:
ca:7b:01:79:33:b6:38:39:2a:00:ef:08:95:09:45:
e5:6f:73:9b:a6:cc:59:38:16:a8:e0:6b:da:20:75:
d5:45:d3:da:70:8a:99:be:02:a7:44:89:02:62:d8:
51:e0:1c:dc:09:62:ac:6a:8a:46:db:b4:3e:69:66:
81:74:01:ad:09:a4:36:73:40:21:00:cb:27:bd:37:
b0:36:fd:df:fc:5f:53:6b:46:72:f0:2a:ba:28:8e:
68:6a:1b:33:0d:95:94:41:42:bf:34:d9:70:f2:09:
42:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B2:B8:1A:FB:9B:70:0F:03:E9:1F:2E:A9:27:05:63:49:53:04:7D
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3a:1d:cb:08:e4:aa:72:16:79:35:0f:ea:02:2f:bc:29:4f:a7:
41:3a:1e:44:58:fb:2d:ef:fa:8a:fb:e9:2f:05:25:87:13:75:
2a:b7:a2:78:56:74:50:ce:b7:45:ca:cb:db:ea:9b:9d:70:f4:
a9:df:4d:a3:e3:c8:e7:df:2b:f0:b8:2d:80:04:73:79:9e:90:
54:e0:83:f0:2b:84:56:94:74:b4:64:69:6a:ad:a8:e5:23:eb:
c3:e8:37:99:db:bf:bf:15:2f:06:85:7e:98:35:3d:59:2a:f3:
40:4d:d4:52:ed:53:68:6b:ee:84:e1:19:c4:7d:25:7e:1f:1e:
9a:45:e4:2f:f3:c4:b6:f9:d3:93:e8:8f:d2:c0:35:73:dd:60:
e5:90:37:f4:ce:54:20:93:6d:34:2b:71:dd:e7:9f:30:fc:be:
ef:b3:43:84:9e:e9:66:25:76:f7:70:ff:b9:62:9b:96:58:5e:
8e:f2:63:39:b0:a4:61:ce:49:71:a1:41:90:cf:95:9c:3d:d4:
0e:d8:90:c8:8a:30:89:e0:8b:2a:36:b5:09:70:36:57:6c:44:
15:ac:c2:81:10:a4:24:ed:07:5f:6c:07:77:98:ab:fa:a1:4d:
de:31:d0:15:ee:3f:dc:1c:25:f1:69:50:80:f4:55:3d:09:2c:
f1:7f:37:3c
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAQgwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MTAxNTIyNTg0N1oXDTI1MTEy
MjIyNTg0N1owGDEWMBQGA1UEAxMNNjhmMDI3MjgtODI1NzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMuDd3+LYNcEXLwTxLMhdz/B0mrx1bhF9rKpMWnA
zdcSagOea5U5Y+GTH/Z2CSiTxP2/hPrP/GZ2gsRYqeIQ94SPZ1H1mt3xJ8t07cf5
PlHST5IQhNj6E9D8EXG0T3AyMesE8r2Of5e4/v+LKUXYPttmTstNlyE3Xuwk3noK
Ltf3pluDnUbPm8pq3Hpc8nSA7yj+Xx9lynsBeTO2ODkqAO8IlQlF5W9zm6bMWTgW
qOBr2iB11UXT2nCKmb4Cp0SJAmLYUeAc3AlirGqKRtu0PmlmgXQBrQmkNnNAIQDL
J703sDb93/xfU2tGcvAquiiOaGobMw2VlEFCvzTZcPIJQnECAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBT9srga+5twDwPpHy6pJwVjSVMEfTAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBADod
ywjkqnIWeTUP6gIvvClPp0E6HkRY+y3v+or76S8FJYcTdSq3onhWdFDOt0XKy9vq
m51w9KnfTaPjyOffK/C4LYAEc3mekFTgg/ArhFaUdLRkaWqtqOUj68PoN5nbv78V
LwaFfpg1PVkq80BN1FLtU2hr7oThGcR9JX4fHppF5C/zxLb505Poj9LANXPdYOWQ
N/TOVCCTbTQrcd3nnzD8vu+zQ4Se6WYldvdw/7lim5ZYXo7yYzmwpGHOSXGhQZDP
lZw91A7YkMiKMIngiyo2tQlwNldsRBWswoEQpCTtB19sB3eYq/qhTd4x0BXuP9wc
JfFpUID0VT0JLPF/Nzw=
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:46:37 2025 by rpki-client