Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: o6PgaODhh+87Ux8G6WT+VfRPQNYgFCpmiYUOymL+/xI=
Subject key identifier: CA:45:58:69:90:7F:E3:12:BC:85:8A:BC:FF:AA:6D:34:55:CF:A3:5E
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 043D
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0219
Signing time: Wed 25 Mar 2026 23:21:41 +0000
Manifest this update: Wed 25 Mar 2026 23:21:40 +0000
Manifest next update: Fri 01 May 2026 23:21:40 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: QmR+N/ZHTyCD9jzHVz2zAxQDQm851yUtc8ORNevyjd4=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: Y2SeM9snJJN76xEMqV9M1MnQGaDRZh7Ft237OSOnMig=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: Ruoq0B1BTnhUXAO5yEkBp8G+tJeDt1HJZYuzo5dhBik=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1085 (0x43d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Mar 25 23:21:40 2026 GMT
Not After : May 1 23:21:40 2026 GMT
Subject: CN=69c46e05-c240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:28:fa:d7:73:06:41:2c:77:70:b5:c4:7b:f3:
22:71:10:06:33:4f:cd:99:ce:d3:85:e2:7c:e5:38:
93:7a:0d:23:8a:89:6c:0b:c2:88:a5:96:23:d4:54:
88:f6:9b:76:e1:24:7e:ed:21:d0:4b:61:81:6c:75:
6b:9b:ab:e1:16:4f:94:8c:06:a6:d3:16:4c:5a:83:
4b:2f:c4:bb:ef:4a:3d:c8:59:5e:1f:9b:9b:b0:83:
a7:e4:43:4c:b7:56:5f:d2:76:00:3d:ef:f5:70:7b:
d9:8c:47:60:3b:ec:da:3b:d2:23:13:3f:83:46:3a:
8f:2d:f8:99:74:ce:b5:a4:3c:ee:1c:99:8f:55:9b:
e7:b3:26:38:60:4a:14:f7:d9:dd:09:ae:09:45:b7:
43:06:17:bf:a1:cf:c2:d6:7d:8d:3b:a5:ca:f4:be:
75:7d:d6:8b:d7:ad:15:b8:68:5f:95:05:97:53:77:
aa:15:3a:c3:bd:fe:e4:ac:60:16:3c:c2:d7:e1:9f:
18:5b:6b:9d:4e:7f:9d:a2:75:65:cd:48:34:6d:dc:
4f:bd:29:85:c8:2f:20:9d:83:7f:00:29:ee:73:89:
9e:b5:44:c6:af:7d:0a:6e:e7:32:75:5f:ec:d5:45:
a3:03:ff:fe:7c:fa:9e:dc:65:24:dc:fa:49:e8:b3:
00:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:45:58:69:90:7F:E3:12:BC:85:8A:BC:FF:AA:6D:34:55:CF:A3:5E
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
89:34:df:4b:e7:39:61:bc:0e:df:3d:6a:8d:09:4b:93:d3:a8:
cb:9b:54:4a:30:ad:6c:19:ae:90:91:a9:95:c1:5d:5b:12:18:
2b:a3:ba:c2:af:38:1f:47:e8:07:12:b8:eb:fe:c1:de:b7:fc:
53:c6:a2:f2:f5:be:36:5c:3e:b0:39:6a:d4:8d:97:c4:23:01:
48:e5:7f:e7:bc:6f:9b:de:84:48:91:56:c1:1b:2e:19:f8:12:
a8:b0:70:0a:8d:c0:19:1e:95:d1:03:dc:87:97:a1:56:48:1e:
2d:61:88:a7:de:e0:78:88:47:af:c5:33:d4:f6:48:fb:cf:ea:
ca:52:84:25:e6:50:b8:e9:f5:33:ff:1e:a1:39:35:a7:f9:f9:
4e:80:38:f9:6d:44:2d:d2:42:c4:93:b4:57:bf:56:2f:38:5c:
6f:31:3a:79:df:f7:5f:40:61:9b:07:62:2a:33:f8:14:ee:7c:
9f:09:26:9d:e0:a5:9a:f1:b5:80:a8:ef:51:b3:85:7b:45:f3:
4a:35:1e:7d:f7:ac:11:d7:95:fe:23:99:71:fa:a0:7a:dd:f0:
5e:1e:65:8b:7c:09:35:12:44:e1:f4:b5:8e:86:6a:26:4b:65:
b4:75:61:44:bd:40:be:81:a0:1e:c6:c3:ed:11:2d:34:41:ac:
dc:53:ab:93
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAzMjUyMzIxNDBaFw0y
NjA1MDEyMzIxNDBaMBgxFjAUBgNVBAMTDTY5YzQ2ZTA1LWMyNDAwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmKPrXcwZBLHdwtcR78yJxEAYzT82ZztOF
4nzlOJN6DSOKiWwLwoilliPUVIj2m3bhJH7tIdBLYYFsdWubq+EWT5SMBqbTFkxa
g0svxLvvSj3IWV4fm5uwg6fkQ0y3Vl/SdgA97/Vwe9mMR2A77No70iMTP4NGOo8t
+Jl0zrWkPO4cmY9Vm+ezJjhgShT32d0JrglFt0MGF7+hz8LWfY07pcr0vnV91ovX
rRW4aF+VBZdTd6oVOsO9/uSsYBY8wtfhnxhba51Of52idWXNSDRt3E+9KYXILyCd
g38AKe5ziZ61RMavfQpu5zJ1X+zVRaMD//58+p7cZSTc+knoswDFAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUykVYaZB/4xK8hYq8/6ptNFXPo14wHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCJNN9L5zlhvA7fPWqN
CUuT06jLm1RKMK1sGa6QkamVwV1bEhgro7rCrzgfR+gHErjr/sHet/xTxqLy9b42
XD6wOWrUjZfEIwFI5X/nvG+b3oRIkVbBGy4Z+BKosHAKjcAZHpXRA9yHl6FWSB4t
YYin3uB4iEevxTPU9kj7z+rKUoQl5lC46fUz/x6hOTWn+flOgDj5bUQt0kLEk7RX
v1YvOFxvMTp53/dfQGGbB2IqM/gU7nyfCSad4KWa8bWAqO9Rs4V7RfNKNR5996wR
15X+I5lx+qB63fBeHmWLfAk1EkTh9LWOhmomS2W0dWFEvUC+gaAexsPtES00Qazc
U6uT
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:57:38 2026 by rpki-client