Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: H/s4J8KN33UlkJiQTgG9z3T11PZ41cBSyPdbd4poVLc=
Subject key identifier: 8A:09:EA:C6:AC:0F:4F:5C:DF:FC:3A:B3:4C:44:69:A0:71:6A:3C:B5
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: FF
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: CB
Signing time: Thu 08 May 2025 00:50:56 +0000
Manifest this update: Thu 08 May 2025 00:50:55 +0000
Manifest next update: Sun 15 Jun 2025 00:50:55 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: wn7dhaxejdVrktmauyRvgu4CG8w1UqAGUAkCU16xSbk=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: RvLioQUJYOx3lSLbpD/vdlVYJnUihm1q0DARHdn3xcs=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 15 Jun 2025 00:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 255 (0xff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: May 8 00:50:55 2025 GMT
Not After : Jun 15 00:50:55 2025 GMT
Subject: CN=681bfff0-3b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6b:7a:ac:66:21:d0:e2:eb:a7:0b:6e:56:38:
c6:c5:3e:38:6f:87:9b:7e:85:37:4c:ae:0a:47:7e:
89:b1:08:a3:16:af:78:e5:10:ee:f6:7c:7f:2a:8c:
d4:52:e6:0a:94:7e:fa:6d:6b:91:5f:1f:e6:22:15:
b6:cf:35:75:47:8b:12:6f:42:ed:25:ca:bb:1a:93:
08:ab:6b:70:dc:58:cb:29:9f:f2:b3:cb:66:26:47:
c9:57:b2:63:ce:9b:09:7a:ce:4a:80:a9:37:26:51:
01:7b:57:c5:e0:35:e7:65:82:35:12:61:f6:59:aa:
23:be:e0:e5:e8:52:cb:88:79:68:ea:32:19:45:d3:
34:4c:8b:a0:f5:e7:af:21:57:62:6c:50:11:ba:07:
8a:b1:cb:67:fb:7e:55:cd:fd:7f:07:81:ef:6d:f7:
f3:b9:a9:3a:20:2c:97:54:b3:2e:a3:d8:56:ed:0f:
56:1b:c5:6f:d8:fd:40:68:e3:a8:53:3b:9b:f5:77:
33:a0:f9:1e:58:da:c8:e3:04:36:48:76:7d:04:32:
93:74:da:a5:49:f7:47:7b:d6:6e:87:3c:ef:a7:f7:
da:b5:61:a5:d1:32:42:e4:bd:fb:92:ce:e7:a9:51:
29:b7:65:02:20:4e:bc:59:3d:cc:e5:4e:d7:a2:8a:
2b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:09:EA:C6:AC:0F:4F:5C:DF:FC:3A:B3:4C:44:69:A0:71:6A:3C:B5
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0b:d4:5d:31:a2:f8:59:cc:77:85:b5:37:86:95:2b:9a:f8:42:
35:5b:07:b6:d0:14:7d:ff:f7:cb:36:f0:37:af:58:e3:10:03:
d4:8e:86:93:d4:45:f2:07:d5:ee:cd:46:73:c2:9a:a5:94:e8:
7a:e8:83:c7:27:64:d9:8a:d3:4b:52:cf:b4:a7:d9:fd:59:49:
b3:4c:9c:87:b8:17:d5:8c:1a:10:dc:8e:f6:33:c4:0c:29:10:
32:fd:80:5f:74:73:a4:46:9d:d4:89:cb:41:3d:8a:86:e6:dd:
6c:45:f0:40:f3:bd:b1:c0:0d:c3:01:a6:ba:b4:fa:b6:53:7e:
db:54:1f:49:d2:6b:63:4f:c3:26:64:ad:6f:db:13:e7:a3:ea:
c5:f4:1a:0d:86:2c:18:94:07:b1:5e:e1:89:05:a1:b8:62:3f:
e5:94:8f:28:87:92:aa:69:54:4a:d2:6c:8d:09:20:02:2b:da:
68:dd:9c:bc:0d:3a:fe:f9:a0:2e:e5:c5:55:4d:42:a2:e4:01:
68:1c:a0:5b:7a:4b:22:0f:31:b4:5d:df:c4:80:5c:d0:e5:54:
70:4c:13:0c:6a:cf:37:fa:46:3e:ae:eb:f2:fb:3e:05:65:88:
ce:6c:a1:5a:92:51:2d:a8:6c:a7:9f:b3:99:70:3e:fe:0f:37:
5e:d2:ca:24
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MDUwODAwNTA1NVoXDTI1MDYx
NTAwNTA1NVowGDEWMBQGA1UEAxMNNjgxYmZmZjAtM2I2YzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMpreqxmIdDi66cLblY4xsU+OG+Hm36FN0yuCkd+
ibEIoxaveOUQ7vZ8fyqM1FLmCpR++m1rkV8f5iIVts81dUeLEm9C7SXKuxqTCKtr
cNxYyymf8rPLZiZHyVeyY86bCXrOSoCpNyZRAXtXxeA152WCNRJh9lmqI77g5ehS
y4h5aOoyGUXTNEyLoPXnryFXYmxQEboHirHLZ/t+Vc39fweB723387mpOiAsl1Sz
LqPYVu0PVhvFb9j9QGjjqFM7m/V3M6D5HljayOMENkh2fQQyk3TapUn3R3vWboc8
76f32rVhpdEyQuS9+5LO56lRKbdlAiBOvFk9zOVO16KKKzcCAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBSKCerGrA9PXN/8OrNMRGmgcWo8tTAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAAvU
XTGi+FnMd4W1N4aVK5r4QjVbB7bQFH3/98s28DevWOMQA9SOhpPURfIH1e7NRnPC
mqWU6Hrog8cnZNmK00tSz7Sn2f1ZSbNMnIe4F9WMGhDcjvYzxAwpEDL9gF90c6RG
ndSJy0E9iobm3WxF8EDzvbHADcMBprq0+rZTfttUH0nSa2NPwyZkrW/bE+ej6sX0
Gg2GLBiUB7Fe4YkFobhiP+WUjyiHkqppVErSbI0JIAIr2mjdnLwNOv75oC7lxVVN
QqLkAWgcoFt6SyIPMbRd38SAXNDlVHBMEwxqzzf6Rj6u6/L7PgVliM5soVqSUS2o
bKefs5lwPv4PN17SyiQ=
-----END CERTIFICATE-----
Generated at Thu May 29 15:34:41 2025 by rpki-client