Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: 4mgpEN8tpEablFRvspsUMn884UVOzzLD7qCPhtOUa9I=
Subject key identifier: 3C:F9:5B:EC:51:E4:3E:B8:72:A8:39:A1:50:4D:93:EF:3E:D6:04:2B
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 011A
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: DF
Signing time: Thu 18 Jun 2026 22:49:39 +0000
Manifest this update: Thu 18 Jun 2026 22:49:38 +0000
Manifest next update: Sat 25 Jul 2026 22:49:38 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: u+YaXHlyJTAHxJsCizZtW5GgiZGTmJ0+NnSMkejUtPE=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: fiDZDvdfq6DVLcKlILUGaJIk1RP+bzpIIYUKpuUhjAc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Jul 2026 22:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282 (0x11a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Jun 18 22:49:38 2026 GMT
Not After : Jul 25 22:49:38 2026 GMT
Subject: CN=6a347602-77a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5e:e6:31:ca:22:68:9e:54:a9:81:6b:b5:ff:
ec:c8:ee:14:93:41:2d:74:9d:37:20:ef:e0:31:62:
a2:25:93:41:b9:d3:5b:49:d1:46:f3:8b:73:a4:da:
76:93:10:fb:8e:c5:be:28:c6:ea:2e:ce:30:e3:ec:
73:06:f4:39:42:ef:7a:df:c3:e5:7b:96:aa:eb:13:
06:3f:9b:25:b8:27:a6:69:86:69:ba:3e:82:7c:5c:
ca:c9:75:f3:c5:9a:a7:e3:1a:ca:5e:be:c4:dd:85:
9a:11:e5:4a:c4:48:97:cc:07:62:93:89:60:ce:94:
e5:89:4c:bb:80:33:de:15:c6:10:79:b8:0b:75:6a:
0f:5e:cf:eb:c9:a6:cc:83:8e:4e:ac:18:29:4c:16:
0e:66:c4:1f:85:e8:fe:58:77:7e:2a:59:ba:67:17:
a8:d4:31:de:22:dc:99:a9:eb:5c:d9:0e:a1:33:e4:
4c:00:99:7e:3c:b5:4c:bb:73:a1:1a:7e:91:8a:e7:
3f:7a:01:fa:42:cd:89:d1:5c:ac:11:3a:47:ff:ba:
62:00:f8:d4:31:72:f4:c4:27:ad:55:a0:18:73:79:
1b:5f:c4:dd:1e:8f:e7:0e:79:4e:66:a0:92:1f:7f:
71:08:2d:60:10:37:0d:71:bd:78:fe:a5:ba:b1:00:
09:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F9:5B:EC:51:E4:3E:B8:72:A8:39:A1:50:4D:93:EF:3E:D6:04:2B
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0f:0a:4b:48:25:d0:e5:ff:41:75:84:5d:bd:f5:91:08:d6:33:
75:57:b0:92:c8:d5:6d:5e:b8:de:d9:a6:15:10:8b:af:dc:5d:
20:c7:4b:c5:28:67:36:c7:85:34:8f:c8:bb:51:2f:80:b3:38:
1d:d7:4b:a5:8d:f7:ac:56:c6:ec:10:5c:8c:89:df:ad:03:b4:
bb:5a:02:a5:0e:35:f0:29:2c:52:4e:ad:af:f9:8e:5a:c4:75:
e9:35:35:5c:a3:6b:23:34:a5:b1:b1:93:8e:4d:f9:27:0b:e9:
df:af:42:c1:da:4c:d1:a2:98:9a:4a:d4:50:5f:cf:9f:05:68:
07:4a:f9:53:47:23:47:1b:44:83:47:43:4e:be:41:cb:76:8b:
45:c0:75:d2:34:04:3a:7b:18:6a:d1:92:89:22:f3:33:ac:e7:
ad:9c:c6:c8:ff:8d:62:69:9f:94:5f:83:84:6c:f6:5d:f4:0b:
9d:b6:73:4d:36:af:ba:81:8e:22:ec:33:70:19:a0:49:11:c6:
1c:63:09:52:be:0e:18:22:d7:96:1d:3c:25:5e:8a:1e:e3:5a:
71:cf:a9:a1:df:66:85:c6:b7:33:9b:ff:cb:e9:5f:37:70:c5:
51:e6:00:5f:c0:c4:a8:f5:23:05:7a:75:93:de:85:6f:78:da:
37:1b:61:8c
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICARowDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI2MDYxODIyNDkzOFoXDTI2MDcy
NTIyNDkzOFowGDEWMBQGA1UEAxMNNmEzNDc2MDItNzdhMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKJe5jHKImieVKmBa7X/7MjuFJNBLXSdNyDv4DFi
oiWTQbnTW0nRRvOLc6TadpMQ+47FvijG6i7OMOPscwb0OULvet/D5XuWqusTBj+b
JbgnpmmGabo+gnxcysl188Wap+Mayl6+xN2FmhHlSsRIl8wHYpOJYM6U5YlMu4Az
3hXGEHm4C3VqD17P68mmzIOOTqwYKUwWDmbEH4Xo/lh3fipZumcXqNQx3iLcmanr
XNkOoTPkTACZfjy1TLtzoRp+kYrnP3oB+kLNidFcrBE6R/+6YgD41DFy9MQnrVWg
GHN5G1/E3R6P5w55Tmagkh9/cQgtYBA3DXG9eP6lurEACQ0CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBQ8+VvsUeQ+uHKoOaFQTZPvPtYEKzAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAA8K
S0gl0OX/QXWEXb31kQjWM3VXsJLI1W1euN7ZphUQi6/cXSDHS8UoZzbHhTSPyLtR
L4CzOB3XS6WN96xWxuwQXIyJ360DtLtaAqUONfApLFJOra/5jlrEdek1NVyjayM0
pbGxk45N+ScL6d+vQsHaTNGimJpK1FBfz58FaAdK+VNHI0cbRINHQ06+Qct2i0XA
ddI0BDp7GGrRkoki8zOs562cxsj/jWJpn5Rfg4Rs9l30C522c002r7qBjiLsM3AZ
oEkRxhxjCVK+Dhgi15YdPCVeih7jWnHPqaHfZoXGtzOb/8vpXzdwxVHmAF/AxKj1
IwV6dZPehW942jcbYYw=
-----END CERTIFICATE-----
Generated at Tue Jun 23 10:32:11 2026 by rpki-client