Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: 5YeuX8K6iibLECJBIAvEqCrDZi8osg+GgGORe6/IMSw=
Subject key identifier: F5:80:83:8A:49:10:9E:10:2B:89:E1:60:61:2F:06:D5:CD:37:FB:4B
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0435
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0215
Signing time: Mon 16 Mar 2026 23:51:15 +0000
Manifest this update: Mon 16 Mar 2026 23:51:14 +0000
Manifest next update: Thu 23 Apr 2026 23:51:14 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: a/RAcI5wQePOGPuaiNVtZ65yvXqubfGCw1kyvGAGk8k=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: AYRJQMey03A23BqsDiCq097hR0Fnslw7dY1uxX0IMhk=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: EhqCW0ScttytEEc4WaEJBsUYb/7VPgktq792tb0adQ4=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1077 (0x435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Mar 16 23:51:14 2026 GMT
Not After : Apr 23 23:51:14 2026 GMT
Subject: CN=69b89772-a936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:03:92:45:2d:df:8c:46:5b:a0:58:5e:9b:
e1:e1:44:57:7f:1e:fa:95:cb:75:f3:64:3a:1c:d2:
02:ee:ca:83:d9:16:1d:58:c9:a7:ec:3d:19:80:ce:
e0:4c:ff:9a:7c:a3:63:dc:5a:3f:4d:1c:00:e8:80:
aa:45:4d:53:0c:c8:e2:8b:23:6a:00:c1:8d:fe:f0:
a7:d1:42:a9:a4:f4:26:46:2c:21:67:c5:c3:b0:d0:
e6:a2:6f:7f:55:df:16:3a:a9:e7:bb:88:cd:cd:2b:
c8:d7:25:d1:1a:6e:7e:d0:5e:16:86:cc:0e:4c:93:
59:9d:25:40:1a:74:ad:03:2c:08:14:af:a1:23:96:
02:9e:92:45:eb:b2:6f:fa:fd:c7:cc:46:51:28:75:
0a:0d:dd:37:0c:c0:45:ec:e2:b0:8c:76:8b:a9:ee:
72:d9:8c:32:b4:f7:6c:92:c8:e9:36:76:c8:22:db:
65:1a:1d:fd:7d:a4:92:45:76:37:1a:42:e2:b3:72:
7d:77:53:4e:5a:be:96:64:86:3c:86:ee:8d:89:b2:
c0:3e:cf:f2:73:0e:79:7d:ea:07:ad:4d:c3:40:7a:
11:5c:e9:8e:70:65:08:f0:8c:30:29:5d:d3:09:ed:
f6:0e:a0:96:27:63:74:c4:20:f7:36:d5:0a:c2:73:
42:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:80:83:8A:49:10:9E:10:2B:89:E1:60:61:2F:06:D5:CD:37:FB:4B
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
29:c0:c3:70:38:0f:b7:e3:5b:e5:73:ab:d5:43:a2:3a:22:b1:
aa:9b:77:c1:d2:1f:2f:a9:e7:72:ab:c7:e4:69:ce:e2:c4:2e:
67:d3:9a:ff:0f:d7:0d:6d:51:a1:ed:c9:7d:39:03:73:50:61:
99:28:9e:21:4c:ab:f4:b0:75:00:de:d9:b9:5e:67:53:ab:b2:
d2:0c:d7:08:9b:c2:2f:cf:af:f0:7a:86:8b:93:ef:74:9b:f7:
e2:0f:dd:50:9a:36:da:6f:ed:d9:b2:18:81:75:24:f4:ba:99:
90:b9:cf:26:ba:21:f8:53:44:38:d0:52:0f:26:a7:3b:67:66:
e0:a2:a8:64:d2:60:ef:56:98:4a:d1:da:d4:84:cf:00:16:15:
39:6e:28:cb:89:df:bc:74:4d:0e:e5:da:14:6d:2a:1e:5a:41:
88:fc:99:4f:18:9a:63:51:1d:22:f1:2f:be:69:ba:9f:b9:e0:
22:f0:74:7d:2c:c7:7c:96:67:0a:ec:6c:e3:cd:20:a0:25:9a:
9b:e3:30:0d:73:fe:9b:34:e5:1e:e6:b7:43:23:43:1d:c0:6c:
a7:71:30:29:53:0e:94:ec:b5:73:ea:0a:76:69:2f:d4:6d:5a:
bd:14:ef:96:85:95:20:db:c7:ba:93:7a:36:1f:f6:ba:c4:8f:
fe:ba:7b:a4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBDUwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAzMTYyMzUxMTRaFw0y
NjA0MjMyMzUxMTRaMBgxFjAUBgNVBAMTDTY5Yjg5NzcyLWE5MzYwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJgOSRS3fjEZboFhem+HhRFd/HvqVy3Xz
ZDoc0gLuyoPZFh1YyafsPRmAzuBM/5p8o2PcWj9NHADogKpFTVMMyOKLI2oAwY3+
8KfRQqmk9CZGLCFnxcOw0Oaib39V3xY6qee7iM3NK8jXJdEabn7QXhaGzA5Mk1md
JUAadK0DLAgUr6EjlgKekkXrsm/6/cfMRlEodQoN3TcMwEXs4rCMdoup7nLZjDK0
92ySyOk2dsgi22UaHf19pJJFdjcaQuKzcn13U05avpZkhjyG7o2JssA+z/JzDnl9
6getTcNAehFc6Y5wZQjwjDApXdMJ7fYOoJYnY3TEIPc21QrCc0LJAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQU9YCDikkQnhArieFgYS8G1c03+0swHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQApwMNwOA+341vlc6vV
Q6I6IrGqm3fB0h8vqedyq8fkac7ixC5n05r/D9cNbVGh7cl9OQNzUGGZKJ4hTKv0
sHUA3tm5XmdTq7LSDNcIm8Ivz6/weoaLk+90m/fiD91Qmjbab+3ZshiBdST0upmQ
uc8muiH4U0Q40FIPJqc7Z2bgoqhk0mDvVphK0drUhM8AFhU5bijLid+8dE0O5doU
bSoeWkGI/JlPGJpjUR0i8S++abqfueAi8HR9LMd8lmcK7GzjzSCgJZqb4zANc/6b
NOUe5rdDI0MdwGyncTApUw6U7LVz6gp2aS/UbVq9FO+WhZUg28e6k3o2H/a6xI/+
unuk
-----END CERTIFICATE-----
Generated at Wed Mar 18 07:56:31 2026 by rpki-client