Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: eMb7AXiO5qfrxeYPJj3a6dq9Ml16HnB7TYmGhIOzmJE=
Subject key identifier: 9C:43:F6:4A:B1:3A:F4:C9:0F:F2:6C:96:45:12:5A:2F:CF:63:6E:CE
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0119
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: DE
Signing time: Fri 15 May 2026 01:32:33 +0000
Manifest this update: Fri 15 May 2026 01:32:32 +0000
Manifest next update: Mon 22 Jun 2026 01:32:32 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: Llb+1z8s+sorp3h/YKqZGn8EHvVIWGBXLT91U7SgPyw=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: fiDZDvdfq6DVLcKlILUGaJIk1RP+bzpIIYUKpuUhjAc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 22 Jun 2026 01:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281 (0x119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: May 15 01:32:32 2026 GMT
Not After : Jun 22 01:32:32 2026 GMT
Subject: CN=6a0677b0-ed7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:78:a3:42:1f:64:aa:87:7d:ed:11:47:d5:
7c:82:18:7e:ff:4f:08:ce:d9:3d:d9:b2:2f:cf:2f:
68:24:0d:9a:db:c9:b6:07:d6:00:f9:e4:0c:9a:d5:
f4:84:39:83:e1:8f:e3:13:08:5e:52:f2:3a:96:06:
f9:59:ca:d2:38:f7:09:7a:e4:b7:42:b7:11:1c:36:
4b:a7:6a:2d:6f:ac:6d:56:83:4b:76:87:1b:b7:9f:
89:1b:cb:2c:fa:79:92:37:e4:7b:e1:99:a2:27:1c:
1b:4f:a2:d6:b5:dc:a7:7f:31:f5:65:7e:30:13:14:
82:8a:06:f5:08:a3:69:4b:77:b5:b6:88:46:95:aa:
ba:d1:b0:4c:8e:ae:30:8c:a6:54:4e:18:a1:5a:c0:
7c:57:3f:9d:4f:6d:34:50:f2:43:f7:a6:bf:9b:3a:
2d:78:ed:b4:79:7b:df:90:e1:ba:80:1f:32:e6:e6:
2b:12:b3:e0:c2:87:c1:37:02:5a:e9:1f:7e:b4:fe:
1b:20:dc:9a:84:34:44:97:94:e3:0c:3d:c6:84:89:
3f:ee:5f:3b:fb:ee:f0:cc:8f:0d:2e:a8:9b:df:e2:
d1:89:8f:be:85:03:ca:35:9e:2d:0b:12:d0:f7:2f:
4e:10:5a:f0:51:4f:da:6f:70:24:1d:28:fc:7a:af:
0c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:43:F6:4A:B1:3A:F4:C9:0F:F2:6C:96:45:12:5A:2F:CF:63:6E:CE
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
33:e4:c6:99:65:e9:76:5a:0a:59:54:72:57:18:89:d3:33:aa:
0d:54:09:11:4b:ec:37:61:1c:56:4f:8b:ad:d1:56:54:4f:5d:
c7:59:3d:91:d0:df:40:80:91:f2:f7:10:c3:7c:10:a4:de:61:
2b:45:f8:62:ab:3d:d7:5f:f3:a0:f1:aa:7e:ae:38:3f:0f:49:
34:65:65:6b:46:a6:62:c2:0c:9c:fe:f8:57:d0:93:a3:fe:0e:
f9:49:4a:fb:91:40:c6:4c:83:a2:22:06:f8:87:49:95:0c:7d:
23:7e:91:27:2d:fd:74:34:e6:df:7e:e2:15:fb:fd:f3:01:23:
0e:9c:21:43:73:fe:23:94:71:13:bb:87:1b:77:58:f1:f5:d0:
84:9f:aa:10:5a:68:6d:17:73:dc:1e:0d:5b:b5:de:86:65:af:
9e:c0:a8:b1:e5:3c:1c:76:d0:fc:5c:41:92:e8:7b:6c:2c:81:
cc:46:13:22:71:84:f0:41:2d:76:5a:a8:6a:79:b0:6f:17:ec:
c0:ce:c7:09:31:ef:70:55:d8:38:33:f8:e2:b8:3e:7a:68:a2:
61:08:5b:e5:1d:01:75:d3:87:41:bb:12:0f:1c:05:1c:63:6e:
fa:ff:53:bf:43:5a:4e:2b:1f:ab:2e:f8:33:4d:68:ce:c6:04:
c9:74:57:94
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICARkwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI2MDUxNTAxMzIzMloXDTI2MDYy
MjAxMzIzMlowGDEWMBQGA1UEAxMNNmEwNjc3YjAtZWQ3ZDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAM3heKNCH2Sqh33tEUfVfIIYfv9PCM7ZPdmyL88v
aCQNmtvJtgfWAPnkDJrV9IQ5g+GP4xMIXlLyOpYG+VnK0jj3CXrkt0K3ERw2S6dq
LW+sbVaDS3aHG7efiRvLLPp5kjfke+GZoiccG0+i1rXcp38x9WV+MBMUgooG9Qij
aUt3tbaIRpWqutGwTI6uMIymVE4YoVrAfFc/nU9tNFDyQ/emv5s6LXjttHl735Dh
uoAfMubmKxKz4MKHwTcCWukffrT+GyDcmoQ0RJeU4ww9xoSJP+5fO/vu8MyPDS6o
m9/i0YmPvoUDyjWeLQsS0PcvThBa8FFP2m9wJB0o/HqvDKcCAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBScQ/ZKsTr0yQ/ybJZFElovz2NuzjAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBADPk
xpll6XZaCllUclcYidMzqg1UCRFL7DdhHFZPi63RVlRPXcdZPZHQ30CAkfL3EMN8
EKTeYStF+GKrPddf86Dxqn6uOD8PSTRlZWtGpmLCDJz++FfQk6P+DvlJSvuRQMZM
g6IiBviHSZUMfSN+kSct/XQ05t9+4hX7/fMBIw6cIUNz/iOUcRO7hxt3WPH10ISf
qhBaaG0Xc9weDVu13oZlr57AqLHlPBx20PxcQZLoe2wsgcxGEyJxhPBBLXZaqGp5
sG8X7MDOxwkx73BV2Dgz+OK4PnpoomEIW+UdAXXTh0G7Eg8cBRxjbvr/U79DWk4r
H6su+DNNaM7GBMl0V5Q=
-----END CERTIFICATE-----
Generated at Tue Jun 2 08:04:19 2026 by rpki-client