![](/console.gif)
Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: hNjgX3W6RKO0xl5FCJsP+S+mycdyZcWX0mMk8gkuqOA=
Subject key identifier: 12:5E:F7:FA:35:D8:0A:7D:D6:FB:07:BD:A8:38:61:3A:DE:09:7C:FB
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: F0
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: BF
Signing time: Tue 16 Jul 2024 22:21:28 +0000
Manifest this update: Tue 16 Jul 2024 22:21:27 +0000
Manifest next update: Fri 23 Aug 2024 22:21:27 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: WrHLn18weZGs40s+ucgp7BZoFCyhkN37Pp/QQfOduu4=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: EPEaiqHSOnkG7o9tmUP5KoKtvvslnla6xb5SZNqko9c=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 Aug 2024 22:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240 (0xf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Jul 16 22:21:27 2024 GMT
Not After : Aug 23 22:21:27 2024 GMT
Subject: CN=6696f267-8007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:18:c4:f8:1a:f7:99:9c:e8:4d:e5:35:2f:1d:
e8:66:e5:77:96:23:a3:a5:51:a3:a1:23:22:3a:84:
a8:2a:f2:8e:62:85:20:f6:41:15:3c:7b:fa:a5:67:
99:8d:8b:3d:3d:30:48:a8:35:50:4a:c5:f9:7b:2f:
d3:dd:13:6c:83:84:44:76:8c:2d:6c:fb:b0:eb:51:
76:2f:32:90:bc:53:7a:bb:d4:a4:6c:d7:8d:60:92:
7d:b0:48:7e:ae:e5:42:f0:5a:ec:10:06:c7:31:31:
d2:25:21:ad:7b:04:f0:cf:34:06:29:81:12:fd:0b:
cb:65:b2:f2:d5:fb:07:16:00:98:12:b1:a5:bb:08:
70:af:9c:9d:8c:12:a8:80:5e:14:8e:02:0c:c9:f7:
e4:82:f3:5b:dc:71:4a:31:dc:43:42:b7:5a:b0:58:
c9:f6:b5:15:97:ad:d7:31:94:db:34:51:b2:d7:c2:
2a:99:ff:61:0b:29:45:44:f1:67:fc:9b:fb:26:4d:
f3:12:01:db:17:a5:b0:7a:f6:ea:db:df:6a:3b:d3:
39:e1:5d:9e:14:10:19:ef:b2:39:f5:b3:49:09:70:
8d:a6:6b:96:94:25:97:be:ae:b0:a1:f4:74:4d:05:
6d:29:c1:95:0e:c8:62:64:9f:db:a7:85:31:e0:94:
c9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5E:F7:FA:35:D8:0A:7D:D6:FB:07:BD:A8:38:61:3A:DE:09:7C:FB
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
95:76:06:26:36:bc:c7:c5:b4:6e:c3:b3:02:ca:68:89:8c:3b:
39:6e:86:0b:c3:3e:82:cb:06:f4:b6:f6:6e:a6:11:06:31:75:
6f:9e:68:cf:73:7e:8b:63:44:4d:14:1a:d7:35:cd:d8:1d:0a:
cc:39:b9:9f:69:5a:f2:50:9c:f9:ac:f0:30:fb:63:89:8c:1a:
a4:d1:c6:dc:45:71:29:65:98:03:fb:fa:b7:14:e2:ff:69:11:
7c:5c:63:00:3d:6b:db:2c:45:67:72:c9:0d:72:7a:3e:45:fb:
ef:b1:a7:f3:57:62:56:b2:1d:b5:d0:31:de:07:9b:48:9f:96:
fd:4b:d2:92:83:9f:02:4c:b3:fe:f6:4e:15:35:bf:82:53:8b:
be:f5:d7:3b:25:ab:4e:2b:ef:be:cd:6c:21:44:cb:de:6d:71:
b7:27:ae:5d:37:20:8d:79:23:c9:d4:8d:aa:31:ce:9d:12:b0:
dc:69:48:48:89:45:99:84:4c:72:33:5f:8e:2c:8f:88:74:fe:
ac:d3:ab:09:36:13:dd:b0:02:21:10:a8:72:1e:01:b9:cc:26:
3b:0b:2e:6b:8e:7c:c7:5a:18:8e:2c:48:7c:fb:93:08:ed:76:
41:50:81:0c:93:43:7a:3e:23:4d:f7:e4:25:50:c9:23:a4:ec:
61:52:f8:1e
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI0MDcxNjIyMjEyN1oXDTI0MDgy
MzIyMjEyN1owGDEWMBQGA1UEAxMNNjY5NmYyNjctODAwNzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBANgYxPga95mc6E3lNS8d6Gbld5Yjo6VRo6EjIjqE
qCryjmKFIPZBFTx7+qVnmY2LPT0wSKg1UErF+Xsv090TbIOERHaMLWz7sOtRdi8y
kLxTervUpGzXjWCSfbBIfq7lQvBa7BAGxzEx0iUhrXsE8M80BimBEv0Ly2Wy8tX7
BxYAmBKxpbsIcK+cnYwSqIBeFI4CDMn35ILzW9xxSjHcQ0K3WrBYyfa1FZet1zGU
2zRRstfCKpn/YQspRUTxZ/yb+yZN8xIB2xelsHr26tvfajvTOeFdnhQQGe+yOfWz
SQlwjaZrlpQll76usKH0dE0FbSnBlQ7IYmSf26eFMeCUyU0CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBQSXvf6NdgKfdb7B72oOGE63gl8+zAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAJV2
BiY2vMfFtG7DswLKaImMOzluhgvDPoLLBvS29m6mEQYxdW+eaM9zfotjRE0UGtc1
zdgdCsw5uZ9pWvJQnPms8DD7Y4mMGqTRxtxFcSllmAP7+rcU4v9pEXxcYwA9a9ss
RWdyyQ1yej5F+++xp/NXYlayHbXQMd4Hm0iflv1L0pKDnwJMs/72ThU1v4JTi771
1zslq04r777NbCFEy95tcbcnrl03II15I8nUjaoxzp0SsNxpSEiJRZmETHIzX44s
j4h0/qzTqwk2E92wAiEQqHIeAbnMJjsLLmuOfMdaGI4sSHz7kwjtdkFQgQyTQ3o+
I0335CVQySOk7GFS+B4=
-----END CERTIFICATE-----
Generated at Tue Jul 16 23:59:42 2024 by rpki-client on console-fra.rpki-client.org