Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: xeRr5OgfBHKByBOhvCvfDgV6ndsrjEIbH4SCLWb2c3E=
Subject key identifier: FA:2D:38:96:1C:7D:98:5E:49:BB:C3:BA:CF:7D:59:40:24:C3:8F:06
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0457
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0226
Signing time: Wed 22 Apr 2026 22:31:50 +0000
Manifest this update: Wed 22 Apr 2026 22:31:50 +0000
Manifest next update: Fri 29 May 2026 22:31:50 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: NA/3CKlvVvRt3pQQjtoDzPLmPWuo31iF5zwy/FaxHi8=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: uSLC4//edhdnxLUQRFPV2cpaMq/E/9eB88pPv6hCm/E=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: UgICvZ1zHQvu0E62yB+jYqRk2UVQ+i84ToB/O9HgOdM=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: FLBJTvafyvtonZegi0betf7Ox94/W60g5bTDkef+XJs=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 09 May 2026 22:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1111 (0x457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Apr 22 22:31:50 2026 GMT
Not After : May 29 22:31:50 2026 GMT
Subject: CN=69e94c56-9a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:af:ee:23:92:2e:82:88:06:2b:0a:1d:b0:41:
c1:a9:f7:e4:5c:80:bf:14:62:7a:cd:aa:12:91:0e:
62:cb:29:6c:7d:24:fb:b4:99:d7:c7:08:fb:82:d0:
14:1f:f2:ce:ba:5e:d2:db:c3:fa:ea:92:c9:85:af:
8f:6a:88:a8:c7:4b:93:84:a1:9e:e4:bd:3b:6b:c2:
cd:5e:16:58:fb:8c:d6:f8:a1:07:45:90:3a:54:c6:
be:3b:f7:48:ad:bc:30:c4:79:21:35:06:57:09:98:
07:31:30:f4:dc:2b:5a:f0:21:d9:35:11:46:9f:69:
fa:0f:53:9c:e2:4d:bb:c8:7d:84:01:95:f2:c2:9e:
66:78:51:ec:6b:5f:0b:2f:c1:e2:d4:a9:42:8c:f0:
9a:fb:3d:1c:24:70:a9:7e:a9:59:16:86:1b:6c:cd:
ba:7e:29:d0:e0:78:1f:47:97:ed:fc:65:a0:d9:47:
e0:29:ad:3c:4a:7b:9c:5a:04:24:98:e4:36:71:c2:
76:22:e8:e6:9e:87:89:35:ab:98:a3:2d:9e:98:31:
e9:b1:31:38:d9:78:7e:80:17:7d:58:b8:2e:92:25:
0e:9b:d7:b4:44:e2:57:09:5e:eb:39:54:68:c7:d0:
b3:dd:c7:f8:97:68:3d:f7:2e:ba:cd:38:dc:82:0b:
95:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2D:38:96:1C:7D:98:5E:49:BB:C3:BA:CF:7D:59:40:24:C3:8F:06
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
d1:93:e5:4c:1a:56:7e:1f:7b:4a:70:a3:b0:1e:47:55:f4:6f:
9e:c3:37:4c:1b:45:2e:b0:99:9c:db:6e:8c:a4:c4:70:07:2f:
b0:31:fd:06:fa:91:63:37:61:e6:db:af:b8:e6:aa:04:8b:10:
e7:1c:de:bd:c4:be:45:8a:8d:7f:bb:65:cc:64:22:1c:60:6b:
70:3c:c9:92:c4:2c:e4:64:7f:e5:2d:82:1f:e1:5e:d4:01:44:
69:f7:f5:78:04:67:a6:60:b1:7f:87:87:85:70:bb:d1:af:04:
34:7d:96:b6:f2:53:68:92:a2:98:28:c6:5d:46:65:0f:90:61:
ae:b1:da:5b:83:84:39:e3:2d:39:77:a4:0f:e0:95:36:d4:c3:
b7:05:b2:f6:6a:50:a6:8a:89:4f:02:14:55:41:7e:58:9a:c0:
e0:8d:1f:f7:7a:ea:78:55:ae:eb:06:a4:e3:94:0f:64:de:96:
7b:3b:5e:8b:f4:b8:81:bf:ab:f9:67:b0:7c:b9:02:90:4f:0e:
83:c3:c3:19:dc:42:13:8d:f8:0c:7d:48:0f:1d:fc:95:de:6b:
88:71:f9:fb:3f:c2:3c:d1:db:f3:a2:7b:78:88:ad:86:a4:fd:
96:8d:bc:3a:27:7d:69:8e:e4:b3:5a:f3:3b:9d:2a:ca:4f:50:
12:b9:97:7d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBFcwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjA0MjIyMjMxNTBaFw0y
NjA1MjkyMjMxNTBaMBgxFjAUBgNVBAMTDTY5ZTk0YzU2LTlhNjcwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8r+4jki6CiAYrCh2wQcGp9+RcgL8UYnrN
qhKRDmLLKWx9JPu0mdfHCPuC0BQf8s66XtLbw/rqksmFr49qiKjHS5OEoZ7kvTtr
ws1eFlj7jNb4oQdFkDpUxr4790itvDDEeSE1BlcJmAcxMPTcK1rwIdk1EUafafoP
U5ziTbvIfYQBlfLCnmZ4UexrXwsvweLUqUKM8Jr7PRwkcKl+qVkWhhtszbp+KdDg
eB9Hl+38ZaDZR+AprTxKe5xaBCSY5DZxwnYi6Oaeh4k1q5ijLZ6YMemxMTjZeH6A
F31YuC6SJQ6b17RE4lcJXus5VGjH0LPdx/iXaD33LrrNONyCC5WpAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQU+i04lhx9mF5Ju8O6z31ZQCTDjwYwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDRk+VMGlZ+H3tKcKOw
HkdV9G+ewzdMG0UusJmc226MpMRwBy+wMf0G+pFjN2Hm26+45qoEixDnHN69xL5F
io1/u2XMZCIcYGtwPMmSxCzkZH/lLYIf4V7UAURp9/V4BGemYLF/h4eFcLvRrwQ0
fZa28lNokqKYKMZdRmUPkGGusdpbg4Q54y05d6QP4JU21MO3BbL2alCmiolPAhRV
QX5YmsDgjR/3eup4Va7rBqTjlA9k3pZ7O16L9LiBv6v5Z7B8uQKQTw6Dw8MZ3EIT
jfgMfUgPHfyV3muIcfn7P8I80dvzont4iK2GpP2Wjbw6J31pjuSzWvM7nSrKT1AS
uZd9
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:42:00 2026 by rpki-client