Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: 6bVWV9u2sQjBR0Qn8UBbNWNTnInl4eFumrqfAzm7pq0=
Subject key identifier: F8:CC:34:B0:65:BA:21:8C:B8:D5:EC:D1:A7:7B:66:59:90:91:9D:02
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0106
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: D0
Signing time: Mon 11 Aug 2025 22:49:29 +0000
Manifest this update: Mon 11 Aug 2025 22:49:29 +0000
Manifest next update: Thu 18 Sep 2025 22:49:29 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: aAEc8W0G1EztcS9o0T9JjNzN7ftARDEsZDQZE9twZkc=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: Gp4osGE4UQ9LkF7mLZIVmTaSgfEvlpp2XSQvK1Ebkj0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 18 Sep 2025 22:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 262 (0x106)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Aug 11 22:49:29 2025 GMT
Not After : Sep 18 22:49:29 2025 GMT
Subject: CN=689a7379-f4c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:58:15:da:4b:d8:60:53:33:1a:30:ff:0a:99:
29:08:6f:b7:5e:c9:95:54:b5:b7:89:37:f6:c1:34:
4d:ca:a7:62:32:99:8e:54:bf:67:3a:df:32:b2:7a:
0c:34:38:13:2c:59:9e:65:3f:a5:89:f5:eb:48:47:
8b:19:56:3e:05:d4:eb:8b:39:be:18:49:d5:48:c7:
16:b6:ea:06:28:11:6f:b1:84:85:e2:3e:a8:19:10:
ed:c3:c2:33:37:85:39:62:5e:72:e0:67:81:b6:39:
8e:61:8a:03:80:63:d6:df:1d:f0:b2:18:2b:9e:cf:
be:c0:aa:63:91:98:e4:3b:bf:22:35:fe:01:dc:86:
19:c9:f7:38:af:db:6f:1e:7b:da:92:2e:b4:cc:da:
a1:d8:92:b1:bc:04:8f:f7:4c:8e:38:46:fc:77:ed:
40:3d:99:b6:1e:9d:4d:43:9d:75:9e:a2:c8:72:b6:
e1:a8:3d:46:41:7b:1b:a0:e4:30:02:85:47:e6:19:
94:8d:7d:54:20:28:cc:8e:12:67:ec:c2:3a:56:ed:
5e:fb:19:ca:9f:d9:b9:55:c1:0d:67:59:be:e1:ac:
6f:65:b8:51:2e:bd:da:71:c4:c2:b6:67:d3:cb:ba:
9a:15:a7:1d:a8:85:c6:75:c0:d3:fe:52:dc:b7:48:
5f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CC:34:B0:65:BA:21:8C:B8:D5:EC:D1:A7:7B:66:59:90:91:9D:02
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c5:84:05:ee:40:01:b6:01:db:dd:d1:2c:59:16:59:e6:44:b9:
ab:2a:44:2b:27:a2:55:10:df:2a:de:b4:e2:6e:67:38:3d:eb:
cc:70:d9:bf:40:d3:72:07:33:7b:84:52:6c:cd:a5:0b:b4:35:
8b:c9:f0:08:e0:f4:b7:46:f8:cc:a6:2a:92:d0:3c:38:c7:c6:
08:d6:ba:e9:73:c5:21:fb:4a:3d:fc:49:db:4b:48:18:12:59:
0d:7e:4a:73:1e:93:72:ce:92:c4:28:47:bc:40:e0:1c:23:c4:
8d:b2:ea:40:61:85:90:8f:d2:95:c3:bb:4d:4d:18:0c:65:4d:
da:32:80:1a:9b:2c:2c:d5:ac:64:74:ea:8a:7c:36:95:e3:04:
ed:62:4d:22:a5:94:0b:fc:f4:2c:60:fd:77:f7:4d:cc:1a:c5:
65:39:43:e6:ab:59:73:b2:20:0a:c9:1e:ac:b6:a1:dd:65:ad:
3f:5b:42:a6:eb:e6:45:fa:46:28:1b:16:ab:cd:82:ea:62:d7:
48:24:b5:c2:41:33:50:f3:20:66:de:1d:ae:5a:81:1a:21:b3:
3c:e2:a3:c6:f2:5f:3d:e5:ae:06:e4:31:e5:34:7e:6f:4f:d3:
19:de:48:e5:63:0b:34:96:85:bf:08:96:9e:55:c5:f2:f0:f5:
2d:e4:51:ca
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MDgxMTIyNDkyOVoXDTI1MDkx
ODIyNDkyOVowGDEWMBQGA1UEAxMNNjg5YTczNzktZjRjMDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMJYFdpL2GBTMxow/wqZKQhvt17JlVS1t4k39sE0
TcqnYjKZjlS/ZzrfMrJ6DDQ4EyxZnmU/pYn160hHixlWPgXU64s5vhhJ1UjHFrbq
BigRb7GEheI+qBkQ7cPCMzeFOWJecuBngbY5jmGKA4Bj1t8d8LIYK57PvsCqY5GY
5Du/IjX+AdyGGcn3OK/bbx572pIutMzaodiSsbwEj/dMjjhG/HftQD2Zth6dTUOd
dZ6iyHK24ag9RkF7G6DkMAKFR+YZlI19VCAozI4SZ+zCOlbtXvsZyp/ZuVXBDWdZ
vuGsb2W4US692nHEwrZn08u6mhWnHaiFxnXA0/5S3LdIX0sCAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBT4zDSwZbohjLjV7NGne2ZZkJGdAjAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAMWE
Be5AAbYB293RLFkWWeZEuasqRCsnolUQ3yretOJuZzg968xw2b9A03IHM3uEUmzN
pQu0NYvJ8Ajg9LdG+MymKpLQPDjHxgjWuulzxSH7Sj38SdtLSBgSWQ1+SnMek3LO
ksQoR7xA4BwjxI2y6kBhhZCP0pXDu01NGAxlTdoygBqbLCzVrGR06op8NpXjBO1i
TSKllAv89Cxg/Xf3TcwaxWU5Q+arWXOyIArJHqy2od1lrT9bQqbr5kX6RigbFqvN
gupi10gktcJBM1DzIGbeHa5agRohszzio8byXz3lrgbkMeU0fm9P0xneSOVjCzSW
hb8Ilp5VxfLw9S3kUco=
-----END CERTIFICATE-----
Generated at Fri Aug 22 08:21:22 2025 by rpki-client