Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: CvvqlVBclKnHiGKB0w24TfaOwjpom+DlKlsDWH7D+FE=
Subject key identifier: FA:6F:AC:6D:BD:C8:94:8D:F4:0A:8E:E3:31:E3:E6:0B:BE:22:A3:CA
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0433
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0214
Signing time: Wed 11 Mar 2026 04:13:31 +0000
Manifest this update: Wed 11 Mar 2026 04:13:30 +0000
Manifest next update: Sat 18 Apr 2026 04:13:30 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: 4kTE7+mmvD4VBnJ0TTssvTiGc/nH+WD6kAoTmxx4RZA=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: AYRJQMey03A23BqsDiCq097hR0Fnslw7dY1uxX0IMhk=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: 8w0XeFhQwtXLBKUeKvJL08n9w+4yfhBSLnPlQqmCGvc=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1075 (0x433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Mar 11 04:13:30 2026 GMT
Not After : Apr 18 04:13:30 2026 GMT
Subject: CN=69b0ebea-98e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:40:f2:07:ac:c1:71:a4:3a:ae:5f:48:57:
9e:44:3d:c0:26:4e:ce:45:a4:90:cb:f4:a8:bb:ba:
04:a4:a5:d1:33:6c:b9:62:97:01:8c:1d:32:b2:f5:
74:44:77:8f:3f:94:55:cb:9d:0a:1e:3d:72:3f:ec:
2b:e4:86:44:2a:40:d4:ec:62:7e:83:2a:7f:7e:26:
c6:e3:53:49:e0:60:c3:fb:4d:e2:c1:87:81:eb:44:
0f:e1:1c:65:15:21:06:35:c1:5c:7d:04:1e:52:7f:
10:de:98:e6:c6:ab:bc:68:e0:8b:ca:88:42:f5:9c:
9a:79:19:19:d2:17:73:3f:78:08:13:db:1b:f6:88:
0a:10:1f:aa:d3:d7:cf:76:d2:f1:97:e1:d9:a9:06:
6c:79:fe:ad:03:0c:32:2b:6b:be:83:74:c2:77:f5:
a6:81:5d:3b:2c:65:65:9b:7e:47:e0:b4:a1:0e:51:
a9:d2:c9:5d:df:68:a8:7f:86:bf:66:02:df:d1:c9:
90:62:36:6d:37:fc:fb:d9:0d:0d:41:24:00:85:37:
f6:0a:38:23:db:d7:1a:48:bc:95:44:50:23:2e:b7:
b2:d6:b5:dd:cc:9d:27:ac:59:61:ac:9f:9d:c7:da:
cd:74:ec:10:4c:67:e9:f1:3d:ac:63:de:01:a4:71:
d5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6F:AC:6D:BD:C8:94:8D:F4:0A:8E:E3:31:E3:E6:0B:BE:22:A3:CA
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
51:ac:65:6f:e2:0a:d0:c3:b4:c9:35:b2:7f:86:ae:20:df:c3:
17:0a:51:b0:94:7c:28:c6:4a:f5:dd:70:60:49:2a:fb:26:1c:
8e:5b:d9:71:f5:b8:71:43:c0:5d:a9:49:9b:7e:7c:4e:47:7a:
a9:25:58:3a:22:30:9e:51:e3:8a:b5:5f:db:f0:e4:b8:ab:54:
2a:25:46:1a:e0:62:f5:1c:3b:76:cf:ef:90:97:99:55:d3:2d:
5e:91:0c:39:4c:84:a1:e7:37:b4:0a:5f:e5:62:93:44:91:dd:
d3:67:52:63:ee:0a:ba:58:9e:2d:7d:52:6a:7a:49:8b:de:ab:
b0:c2:c3:99:7f:c6:e5:d8:74:27:0a:3e:ef:fa:9c:ee:a0:b5:
66:1a:1f:8b:89:70:6c:14:07:ba:b6:53:e1:8e:ce:e2:09:05:
2a:cf:c9:ef:6c:03:57:49:77:9a:93:8e:c9:a3:8f:e7:f1:bd:
09:a7:c2:08:cd:ba:9f:f3:3d:af:b0:c8:16:14:4b:36:ff:e5:
6c:e5:87:f2:43:a4:47:f6:2b:35:30:b1:60:81:19:c0:df:07:
1c:76:13:8c:94:39:03:5b:90:8f:15:32:26:b1:58:66:67:45:
eb:35:52:50:8b:ed:95:a1:d6:6b:a3:87:46:5c:c2:73:b3:7a:
70:c7:11:7b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBDMwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAzMTEwNDEzMzBaFw0y
NjA0MTgwNDEzMzBaMBgxFjAUBgNVBAMTDTY5YjBlYmVhLTk4ZTMwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvkUDyB6zBcaQ6rl9IV55EPcAmTs5FpJDL
9Ki7ugSkpdEzbLlilwGMHTKy9XREd48/lFXLnQoePXI/7CvkhkQqQNTsYn6DKn9+
JsbjU0ngYMP7TeLBh4HrRA/hHGUVIQY1wVx9BB5SfxDemObGq7xo4IvKiEL1nJp5
GRnSF3M/eAgT2xv2iAoQH6rT18920vGX4dmpBmx5/q0DDDIra76DdMJ39aaBXTss
ZWWbfkfgtKEOUanSyV3faKh/hr9mAt/RyZBiNm03/PvZDQ1BJACFN/YKOCPb1xpI
vJVEUCMut7LWtd3MnSesWWGsn53H2s107BBMZ+nxPaxj3gGkcdVDAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQU+m+sbb3IlI30Co7jMePmC74io8owHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBRrGVv4grQw7TJNbJ/
hq4g38MXClGwlHwoxkr13XBgSSr7JhyOW9lx9bhxQ8BdqUmbfnxOR3qpJVg6IjCe
UeOKtV/b8OS4q1QqJUYa4GL1HDt2z++Ql5lV0y1ekQw5TISh5ze0Cl/lYpNEkd3T
Z1Jj7gq6WJ4tfVJqekmL3quwwsOZf8bl2HQnCj7v+pzuoLVmGh+LiXBsFAe6tlPh
js7iCQUqz8nvbANXSXeak47Jo4/n8b0Jp8IIzbqf8z2vsMgWFEs2/+Vs5YfyQ6RH
9is1MLFggRnA3wccdhOMlDkDW5CPFTImsVhmZ0XrNVJQi+2VodZro4dGXMJzs3pw
xxF7
-----END CERTIFICATE-----
Generated at Wed Mar 11 17:23:54 2026 by rpki-client