Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: KOalMHt7WdUg9RyIF0M0GGpqDRv82z53b1Tw7akkLrs=
Subject key identifier: F2:E0:DC:6E:1E:DC:BD:AE:68:CD:5C:D4:4F:D4:F5:35:42:2E:D9:39
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0445
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 021D
Signing time: Tue 31 Mar 2026 22:32:07 +0000
Manifest this update: Tue 31 Mar 2026 22:32:06 +0000
Manifest next update: Thu 07 May 2026 22:32:06 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: NJrHrYqXFsTGrPUN3YnGIEQ54R3A2xeYGA57ojJEPNM=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: FuQ0uc0Ny5MuKRgVPx1tB1pfaGgKge1pvc6MZQ7KjDk=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: 1pTcPlbMPfXjWzl5SfljeY9ajD7pLkgX3ePbR14Wsjc=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1093 (0x445)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Mar 31 22:32:06 2026 GMT
Not After : May 7 22:32:06 2026 GMT
Subject: CN=69cc4b67-2dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:2e:14:73:5a:3e:f3:99:69:72:4b:73:b1:
52:e4:d1:b2:a7:2d:c1:c0:b8:dd:2c:44:46:92:f6:
de:c8:56:c3:93:ea:71:99:d5:e9:da:92:08:0a:43:
82:d1:02:39:60:e6:7b:de:d7:cd:cc:5c:a2:56:d0:
85:ac:92:45:02:6b:82:64:98:9f:cf:fd:af:43:2a:
50:b6:6b:be:89:4c:c8:33:33:60:5a:92:80:da:87:
96:d1:95:1b:f9:fe:f0:ba:de:59:a5:50:56:58:3c:
f8:d9:55:e4:0d:98:a2:87:1b:7f:e0:c8:63:84:fd:
f9:8e:61:9c:4b:6c:ee:b3:b2:2e:a7:2e:79:16:46:
3a:5b:3e:7d:0d:2d:a1:40:dc:0a:13:19:4a:b9:fd:
a8:54:9d:dc:52:14:8f:b8:be:74:3d:d6:a3:b5:32:
ac:e8:d0:56:52:d4:9d:5d:de:dd:4d:bc:36:3f:f0:
98:29:ee:46:cb:6f:31:08:b9:9f:a3:2a:b4:48:52:
c2:26:3c:98:73:43:48:3d:c9:fe:7f:6c:ba:b3:eb:
50:d2:0e:98:f7:90:e0:f6:23:c8:b0:36:11:26:50:
65:57:28:7c:2c:ba:a2:e5:89:e5:2d:60:b0:20:39:
2e:4c:08:f0:99:94:fe:78:33:43:59:fb:e4:f0:6b:
07:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E0:DC:6E:1E:DC:BD:AE:68:CD:5C:D4:4F:D4:F5:35:42:2E:D9:39
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
d2:92:4c:d2:fe:05:2c:bd:2f:ce:94:fa:3e:57:b9:b8:80:87:
18:b3:f6:be:1d:a8:ce:96:81:e1:49:55:23:3c:48:22:a8:38:
ce:7a:66:67:bb:18:f8:72:f5:c6:84:7c:fc:2d:2d:ac:74:32:
33:d6:23:ec:6c:b1:a5:4d:e7:0c:07:d6:e6:69:39:35:05:93:
e2:57:59:2d:3b:2a:77:7c:13:ab:68:f5:7e:dc:e5:97:a3:c8:
f1:12:ed:bf:9d:49:0f:3f:23:b7:d2:15:5d:42:00:3b:cb:d3:
c1:14:13:eb:f7:09:6a:d3:0d:61:cf:6c:9f:2e:08:69:4e:f1:
cb:66:87:69:22:92:ca:c4:ac:7c:6d:13:2d:94:3c:ad:9b:c1:
6e:9c:b1:af:ba:44:c6:8c:ad:f7:9f:14:d7:e5:11:c8:ba:4c:
8a:05:ae:b5:4b:b9:e4:96:fe:37:ac:78:16:11:ab:ca:1c:d4:
6d:4e:b3:22:53:c5:98:4d:32:e8:64:47:aa:e6:92:6c:97:d0:
3c:ac:3d:5a:81:6c:44:a9:35:dc:22:ff:e7:66:1e:e3:75:69:
a7:31:34:43:d6:83:fe:63:07:35:0a:7d:09:72:50:74:7e:02:
71:46:b3:f1:13:3c:c3:f2:79:4b:97:6a:d5:43:6c:9e:9f:0a:
47:20:57:de
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBEUwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAzMzEyMjMyMDZaFw0y
NjA1MDcyMjMyMDZaMBgxFjAUBgNVBAMTDTY5Y2M0YjY3LTJkZDcwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMDi4Uc1o+85lpcktzsVLk0bKnLcHAuN0s
REaS9t7IVsOT6nGZ1enakggKQ4LRAjlg5nve183MXKJW0IWskkUCa4JkmJ/P/a9D
KlC2a76JTMgzM2BakoDah5bRlRv5/vC63lmlUFZYPPjZVeQNmKKHG3/gyGOE/fmO
YZxLbO6zsi6nLnkWRjpbPn0NLaFA3AoTGUq5/ahUndxSFI+4vnQ91qO1Mqzo0FZS
1J1d3t1NvDY/8Jgp7kbLbzEIuZ+jKrRIUsImPJhzQ0g9yf5/bLqz61DSDpj3kOD2
I8iwNhEmUGVXKHwsuqLlieUtYLAgOS5MCPCZlP54M0NZ++TwawfTAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQU8uDcbh7cva5ozVzUT9T1NUIu2TkwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDSkkzS/gUsvS/OlPo+
V7m4gIcYs/a+HajOloHhSVUjPEgiqDjOemZnuxj4cvXGhHz8LS2sdDIz1iPsbLGl
TecMB9bmaTk1BZPiV1ktOyp3fBOraPV+3OWXo8jxEu2/nUkPPyO30hVdQgA7y9PB
FBPr9wlq0w1hz2yfLghpTvHLZodpIpLKxKx8bRMtlDytm8FunLGvukTGjK33nxTX
5RHIukyKBa61S7nklv43rHgWEavKHNRtTrMiU8WYTTLoZEeq5pJsl9A8rD1agWxE
qTXcIv/nZh7jdWmnMTRD1oP+Ywc1Cn0JclB0fgJxRrPxEzzD8nlLl2rVQ2yenwpH
IFfe
-----END CERTIFICATE-----
Generated at Thu Apr 2 14:16:23 2026 by rpki-client