Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: /KshJ0X8bBa3+QIJ1Pem3ObBrOhFJsZmOeO4sn4qziY=
Subject key identifier: F0:A6:FA:BF:CD:BA:AC:DF:8D:4A:68:A8:3C:80:66:3A:E6:D0:D6:FB
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: 0104
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: CE
Signing time: Tue 03 Jun 2025 03:15:41 +0000
Manifest this update: Tue 03 Jun 2025 03:15:41 +0000
Manifest next update: Thu 10 Jul 2025 03:15:41 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: LzE4XO8s4ostFsSpmGDonR80J9644NIkr7JPQqWldug=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: Gp4osGE4UQ9LkF7mLZIVmTaSgfEvlpp2XSQvK1Ebkj0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 260 (0x104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Jun 3 03:15:41 2025 GMT
Not After : Jul 10 03:15:41 2025 GMT
Subject: CN=683e68dd-0b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ce:91:6f:3e:40:ba:cb:3c:49:ce:2b:32:c3:
51:f8:e7:75:f1:7d:45:b6:ac:a3:95:2c:5e:02:81:
a3:6d:16:a5:5b:f6:a1:6e:ad:b7:41:fa:3e:6a:a7:
b6:a7:95:37:57:55:94:6c:7e:3e:75:d4:e3:26:1c:
a5:99:2b:99:36:c1:83:04:99:99:52:11:04:91:d0:
21:68:87:6f:6a:df:82:87:02:f8:f7:61:eb:52:3a:
3e:7f:bd:b2:2d:f2:71:1a:e4:2a:7b:42:57:cf:4a:
c2:cc:f5:b3:75:7c:98:59:0d:91:b7:35:b5:e5:f5:
1e:31:07:b9:b4:c7:1f:7e:eb:ed:73:ac:75:3c:de:
37:a3:76:30:ca:b1:ab:ee:f5:83:f1:53:81:73:ca:
c2:e2:c3:94:1f:79:ea:de:b2:8a:6e:da:da:72:81:
46:4c:05:45:53:1a:10:da:f5:b8:28:a2:59:f7:6c:
3d:78:e4:60:f6:8b:5d:fd:6f:b0:2a:b9:2d:86:79:
8b:be:4a:d0:be:5f:92:4c:32:84:02:69:20:b7:e5:
05:64:39:e0:42:22:11:93:c4:8e:10:45:04:f0:1d:
cc:55:bd:c3:dc:6d:81:44:e7:3d:c8:ee:a8:7e:35:
f4:85:61:b7:03:64:1e:27:35:63:3e:3a:b0:0c:06:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A6:FA:BF:CD:BA:AC:DF:8D:4A:68:A8:3C:80:66:3A:E6:D0:D6:FB
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a3:f4:d0:cb:5c:7b:8d:38:27:9a:ae:10:d1:bf:1c:3c:c2:1d:
61:ea:ef:fa:cc:63:28:31:af:e3:f1:c7:ca:fa:86:f7:c9:0b:
44:f4:04:b8:51:41:82:0b:c7:06:ed:db:1a:ec:65:55:c7:87:
dd:5e:7a:a1:cb:01:93:32:36:3a:09:c6:54:62:88:3b:92:76:
0e:db:be:62:62:08:c0:ea:98:96:af:6f:a2:68:ca:0c:07:25:
90:31:78:aa:6c:08:12:8b:f5:31:74:0b:8e:37:92:b6:05:67:
ba:ce:8a:b0:71:21:0a:c3:9a:2d:7f:7e:3d:20:b2:fa:ac:24:
78:4c:a1:51:83:3e:1b:66:bb:ff:da:74:95:16:56:89:d9:78:
1b:60:0d:5f:68:2d:88:72:36:d2:5d:d5:71:60:9e:93:50:37:
42:e5:c4:32:c3:0c:46:10:70:9d:34:99:8d:90:b3:62:b3:71:
7c:67:ba:19:e8:b7:18:42:b5:1b:d2:4c:78:4a:99:23:f7:68:
76:43:34:bc:46:a2:16:b7:a9:12:67:19:08:03:d1:3d:64:81:
21:eb:99:76:c5:0b:9f:78:7d:7b:78:db:94:13:e2:1b:f3:a2:
12:48:14:40:5e:7d:53:d8:ba:4a:86:ce:a5:85:a9:55:03:86:
d9:ee:99:9d
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAQQwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MDYwMzAzMTU0MVoXDTI1MDcx
MDAzMTU0MVowGDEWMBQGA1UEAxMNNjgzZTY4ZGQtMGI1NjCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBANfOkW8+QLrLPEnOKzLDUfjndfF9Rbaso5UsXgKB
o20WpVv2oW6tt0H6PmqntqeVN1dVlGx+PnXU4yYcpZkrmTbBgwSZmVIRBJHQIWiH
b2rfgocC+Pdh61I6Pn+9si3ycRrkKntCV89Kwsz1s3V8mFkNkbc1teX1HjEHubTH
H37r7XOsdTzeN6N2MMqxq+71g/FTgXPKwuLDlB956t6yim7a2nKBRkwFRVMaENr1
uCiiWfdsPXjkYPaLXf1vsCq5LYZ5i75K0L5fkkwyhAJpILflBWQ54EIiEZPEjhBF
BPAdzFW9w9xtgUTnPcjuqH419IVhtwNkHic1Yz46sAwGx38CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBTwpvq/zbqs341KaKg8gGY65tDW+zAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAKP0
0Mtce404J5quENG/HDzCHWHq7/rMYygxr+Pxx8r6hvfJC0T0BLhRQYILxwbt2xrs
ZVXHh91eeqHLAZMyNjoJxlRiiDuSdg7bvmJiCMDqmJavb6JoygwHJZAxeKpsCBKL
9TF0C443krYFZ7rOirBxIQrDmi1/fj0gsvqsJHhMoVGDPhtmu//adJUWVonZeBtg
DV9oLYhyNtJd1XFgnpNQN0LlxDLDDEYQcJ00mY2Qs2KzcXxnuhnotxhCtRvSTHhK
mSP3aHZDNLxGoha3qRJnGQgD0T1kgSHrmXbFC594fXt425QT4hvzohJIFEBefVPY
ukqGzqWFqVUDhtnumZ0=
-----END CERTIFICATE-----
Generated at Sun Jul 6 23:00:55 2025 by rpki-client