Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: vMUXe3QxcyFj2rgqAedjSAqQ0XSPZrlOJhKO/Lt0LDk=
Subject key identifier: F6:39:48:0B:ED:BC:60:FD:E6:D8:D6:CA:97:81:9C:20:8F:95:05:F5
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0117
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: DC
Signing time: Thu 02 Apr 2026 22:28:54 +0000
Manifest this update: Thu 02 Apr 2026 22:28:53 +0000
Manifest next update: Sat 09 May 2026 22:28:53 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: TjbWcCo278PMSabOtJczfuXKP5F7IYsnmEeBMMo0N7s=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: fiDZDvdfq6DVLcKlILUGaJIk1RP+bzpIIYUKpuUhjAc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 09 May 2026 22:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279 (0x117)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Apr 2 22:28:53 2026 GMT
Not After : May 9 22:28:53 2026 GMT
Subject: CN=69ceeda6-7271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:11:c5:52:b6:45:7a:9e:17:00:d3:19:76:b8:
9d:76:80:16:21:71:ae:f0:d2:33:2f:40:ff:33:fd:
75:41:35:7e:5e:68:c6:6b:af:ca:a5:3c:e2:98:77:
8e:76:ec:93:51:09:75:f8:16:4b:c0:88:b1:fb:1f:
7a:54:36:61:f2:b3:55:e8:b1:6b:82:2c:1d:11:06:
3d:0d:36:d1:44:51:1c:91:9c:9c:54:3e:d6:6a:ed:
6e:ef:05:a2:5d:c7:21:b0:1d:18:c1:f7:1c:33:20:
e3:a3:6a:43:99:70:9c:33:55:2a:55:9d:15:aa:cc:
07:42:fb:81:61:d3:cf:fb:43:72:a7:82:7b:1c:f2:
9e:df:5c:0e:63:8b:7f:28:71:9f:d8:10:e0:53:e1:
63:6a:91:10:e5:95:8c:d9:91:6d:3e:ae:3c:09:9a:
35:2f:26:40:7d:1b:ee:e3:51:a8:53:a7:37:a0:26:
57:9c:1b:8e:a5:5d:cf:49:a6:ce:73:ea:5f:90:a1:
4b:b3:87:3a:fa:77:5a:53:95:58:d7:6c:6b:5c:40:
92:7d:68:df:f3:80:2f:7f:f1:1a:3b:1a:16:20:b6:
fe:5f:08:8e:45:31:d4:cb:d5:91:22:72:77:27:9f:
24:7c:9b:cf:97:33:39:62:15:eb:94:0b:c2:9d:ba:
a4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:39:48:0B:ED:BC:60:FD:E6:D8:D6:CA:97:81:9C:20:8F:95:05:F5
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
ba:e3:41:7b:32:7c:d2:ee:53:ce:dd:14:72:dc:99:50:7d:0a:
4f:20:13:43:fe:69:8c:b6:f4:c5:4e:93:34:ef:8e:94:5f:7b:
40:69:f8:d2:47:a1:a1:7d:62:26:20:df:3b:09:44:b1:2c:2b:
2d:e3:92:a2:e9:a2:71:54:f9:3a:56:78:39:00:66:35:d4:ed:
71:23:9d:5e:dc:09:2d:9a:dc:fc:ff:c2:00:df:01:c4:55:71:
fe:69:12:ed:5b:94:79:b4:de:3c:3c:a3:7c:a6:14:c0:a0:c3:
e6:b8:aa:2d:38:56:20:01:13:6b:ef:40:44:dc:17:22:0e:5d:
a3:36:0f:ae:8b:39:99:6a:62:77:8b:a6:20:4a:bf:98:d2:33:
3d:47:b1:85:6a:0d:a5:c3:50:dc:a9:02:fb:83:51:29:3c:9d:
7e:8a:5d:57:cf:64:99:bb:6a:37:9b:fd:11:f2:5c:d0:91:ee:
ba:f9:57:2d:1b:b0:db:c4:e2:b1:fd:99:d6:77:55:51:30:f3:
49:c5:df:73:48:67:f5:cc:1d:4c:46:fe:a4:0c:ec:80:c3:0f:
bf:d8:d7:fa:ba:e2:30:2e:d5:69:ca:2e:fe:60:b2:73:4e:4a:
08:60:77:ef:15:56:f2:24:40:14:b3:7e:8e:5e:bc:84:b3:5a:
ad:ae:e1:6e
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICARcwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI2MDQwMjIyMjg1M1oXDTI2MDUw
OTIyMjg1M1owGDEWMBQGA1UEAxMNNjljZWVkYTYtNzI3MTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMoRxVK2RXqeFwDTGXa4nXaAFiFxrvDSMy9A/zP9
dUE1fl5oxmuvyqU84ph3jnbsk1EJdfgWS8CIsfsfelQ2YfKzVeixa4IsHREGPQ02
0URRHJGcnFQ+1mrtbu8Fol3HIbAdGMH3HDMg46NqQ5lwnDNVKlWdFarMB0L7gWHT
z/tDcqeCexzynt9cDmOLfyhxn9gQ4FPhY2qREOWVjNmRbT6uPAmaNS8mQH0b7uNR
qFOnN6AmV5wbjqVdz0mmznPqX5ChS7OHOvp3WlOVWNdsa1xAkn1o3/OAL3/xGjsa
FiC2/l8IjkUx1MvVkSJydyefJHybz5czOWIV65QLwp26pEcCAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBT2OUgL7bxg/ebY1sqXgZwgj5UF9TAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBALrj
QXsyfNLuU87dFHLcmVB9Ck8gE0P+aYy29MVOkzTvjpRfe0Bp+NJHoaF9YiYg3zsJ
RLEsKy3jkqLponFU+TpWeDkAZjXU7XEjnV7cCS2a3Pz/wgDfAcRVcf5pEu1blHm0
3jw8o3ymFMCgw+a4qi04ViABE2vvQETcFyIOXaM2D66LOZlqYneLpiBKv5jSMz1H
sYVqDaXDUNypAvuDUSk8nX6KXVfPZJm7ajeb/RHyXNCR7rr5Vy0bsNvE4rH9mdZ3
VVEw80nF33NIZ/XMHUxG/qQM7IDDD7/Y1/q64jAu1WnKLv5gsnNOSghgd+8VVvIk
QBSzfo5evISzWq2u4W4=
-----END CERTIFICATE-----
Generated at Fri Apr 3 08:37:56 2026 by rpki-client