Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: ltVi3z+SU6d7+S63v+aLhh6TYcZR4FLGxqvj6wWiNMU=
Subject key identifier: BD:4F:A8:DC:A6:AE:24:54:B9:E0:A3:B1:BB:42:BF:4E:51:3E:85:77
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0391
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01C3
Signing time: Thu 13 Mar 2025 22:44:02 +0000
Manifest this update: Thu 13 Mar 2025 22:44:02 +0000
Manifest next update: Sun 20 Apr 2025 22:44:02 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: bs5PwMqppO2v+R5SreePgxEKfT6D0oeJ6fQkRW1u34M=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: f5O/J7LFGu/Ot9Z0LkMmyXiBH0SnxZeSKXYT5wQmDj8=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: zBoszrNHtEy/8eR7/yv5huFvhXvRU2EbmikNH/RHdTs=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: xbOvcm4cTAO8hyEpcZXnJrtYGPEjfzvMb6rXd6jwTIs=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: /MHS3Sit3L4L/hosPfsdjiBL9WFnsioWd9nUWmUkMwI=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: /2yzJwAtTJqt8ivA3yv6yDv5Ialu5ubqlmHKX9paiSo=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 07:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 913 (0x391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate
Validity
Not Before: Mar 13 22:44:02 2025 GMT
Not After : Apr 20 22:44:02 2025 GMT
Subject: CN=67d35fb2-ddf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:9d:a9:61:62:b0:32:71:19:4c:f5:2d:dc:
c8:1d:0c:7d:2c:10:53:28:ec:18:11:1c:89:c4:91:
aa:7e:cc:c1:75:22:ef:c0:b9:0e:f6:8d:17:e4:a7:
b9:c5:07:8d:32:af:eb:09:c3:19:93:08:5c:1e:11:
a0:84:49:0b:fb:a7:55:55:5c:7d:42:40:a1:3a:f5:
9a:03:49:98:ba:77:f5:39:ef:46:c4:03:33:fc:49:
9a:99:79:03:4f:43:b4:fa:06:dc:76:6d:c1:67:54:
06:7f:cc:74:6c:85:6b:02:87:bf:08:d9:81:ef:ff:
71:fd:a2:19:91:30:a3:7b:09:bd:b2:77:cb:fb:d6:
74:18:0f:9d:0e:31:48:58:dd:82:e6:d7:2e:9b:29:
3f:45:27:38:98:f6:e1:8b:2b:4c:5b:4f:01:52:11:
d1:16:fe:f0:d9:fa:55:51:63:e7:70:3d:7c:12:c0:
4d:2b:36:8b:f7:fc:ce:04:dd:36:6f:9a:3a:3a:b0:
91:ec:57:e7:cd:5a:d7:d5:06:c0:b7:0f:08:dd:60:
7d:a0:1d:31:3a:01:08:7e:8a:ee:33:ad:3b:de:b1:
50:5a:fc:4d:40:21:3c:78:d0:b7:46:66:6a:9f:eb:
99:c2:13:8c:e1:c2:44:fa:7d:45:2b:02:9d:3d:ad:
fd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4F:A8:DC:A6:AE:24:54:B9:E0:A3:B1:BB:42:BF:4E:51:3E:85:77
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c2:e1:9e:33:69:60:ed:42:cc:82:cd:23:6c:7f:5f:6a:d6:83:
a9:b1:e9:a9:9d:30:3a:7d:3e:71:be:7c:55:ae:c6:9d:ff:ec:
0c:c8:0f:38:ab:38:df:77:7e:e6:ea:27:e7:16:67:89:b6:bb:
97:47:3f:5a:fa:b4:72:38:fb:ac:55:89:64:e9:b0:78:81:b9:
1d:8f:e3:95:22:70:2b:68:10:f5:b4:87:22:0e:c2:ff:08:3e:
be:10:08:de:b4:1d:ad:20:16:bb:f5:a5:2c:0f:20:73:a4:31:
a4:52:54:12:43:4b:69:b8:cd:6e:c9:fb:8d:55:e7:a7:9b:44:
ac:1d:b4:fc:d8:6a:d3:45:a3:57:1c:4d:08:58:27:de:95:2b:
bf:07:a3:8f:00:b5:5b:af:41:4b:30:08:02:e1:be:8b:9d:5d:
6e:cd:99:f8:8e:f4:63:cd:10:c9:1d:b7:a5:e1:9c:07:43:10:
8c:d1:d4:62:0f:1a:38:84:cb:d9:34:d0:d9:b2:73:50:14:78:
6a:ea:31:dd:45:c4:1b:f2:dd:fa:2f:44:c5:46:a7:20:6a:37:
11:41:9b:59:ef:2d:2e:a8:4e:41:ed:b6:28:03:52:1c:57:cc:
a8:34:ff:2f:dc:0e:df:99:1d:a9:95:f4:08:11:5a:0a:00:87:
d3:05:63:f8
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA5EwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTAzMTMyMjQ0MDJaFw0y
NTA0MjAyMjQ0MDJaMBgxFjAUBgNVBAMTDTY3ZDM1ZmIyLWRkZjUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC88Z2pYWKwMnEZTPUt3MgdDH0sEFMo7BgR
HInEkap+zMF1Iu/AuQ72jRfkp7nFB40yr+sJwxmTCFweEaCESQv7p1VVXH1CQKE6
9ZoDSZi6d/U570bEAzP8SZqZeQNPQ7T6Btx2bcFnVAZ/zHRshWsCh78I2YHv/3H9
ohmRMKN7Cb2yd8v71nQYD50OMUhY3YLm1y6bKT9FJziY9uGLK0xbTwFSEdEW/vDZ
+lVRY+dwPXwSwE0rNov3/M4E3TZvmjo6sJHsV+fNWtfVBsC3DwjdYH2gHTE6AQh+
iu4zrTvesVBa/E1AITx40LdGZmqf65nCE4zhwkT6fUUrAp09rf2tAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUvU+o3KauJFS54KOxu0K/TlE+hXcwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDC4Z4zaWDtQsyCzSNs
f19q1oOpsempnTA6fT5xvnxVrsad/+wMyA84qzjfd37m6ifnFmeJtruXRz9a+rRy
OPusVYlk6bB4gbkdj+OVInAraBD1tIciDsL/CD6+EAjetB2tIBa79aUsDyBzpDGk
UlQSQ0tpuM1uyfuNVeenm0SsHbT82GrTRaNXHE0IWCfelSu/B6OPALVbr0FLMAgC
4b6LnV1uzZn4jvRjzRDJHbel4ZwHQxCM0dRiDxo4hMvZNNDZsnNQFHhq6jHdRcQb
8t36L0TFRqcgajcRQZtZ7y0uqE5B7bYoA1IcV8yoNP8v3A7fmR2plfQIEVoKAIfT
BWP4
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:50:44 2025 by rpki-client