Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: IGco95WTt3MzuLt0TXmpTSFHCYs89aQpp5qlvg+AJ+0=
Subject key identifier: 7A:3C:94:FD:AC:1E:51:ED:FD:74:AA:6B:F6:C0:54:6D:62:8F:B7:D4
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0431
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0213
Signing time: Tue 03 Mar 2026 22:44:03 +0000
Manifest this update: Tue 03 Mar 2026 22:44:02 +0000
Manifest next update: Fri 10 Apr 2026 22:44:02 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: jSeXU5qzPdYM80rEW9ntMV/vgLXCFQbSeQz1cJ0h9+E=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: t9wW+0LJZcYVTzRW7+sBrIRdZJDnQGUiC0TyylBKfRk=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: 8w0XeFhQwtXLBKUeKvJL08n9w+4yfhBSLnPlQqmCGvc=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1073 (0x431)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Mar 3 22:44:02 2026 GMT
Not After : Apr 10 22:44:02 2026 GMT
Subject: CN=69a76432-39e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:af:14:d9:c1:5f:20:19:44:eb:44:a3:10:
35:fe:42:40:bb:16:63:76:b7:ae:c1:d0:77:39:68:
ba:67:ec:ac:0c:88:2a:a5:8e:b4:f6:99:fc:21:63:
65:4f:82:fe:fc:8c:ed:f1:b7:00:db:d0:01:af:3a:
e1:7a:c3:7f:09:83:f9:ad:7c:44:9f:3d:47:85:7d:
17:30:35:b5:f1:b5:4d:56:7f:91:55:3d:4b:d2:1d:
35:20:69:7f:20:31:95:ce:47:b9:09:1a:66:b6:e0:
b3:e0:a6:91:b3:f6:37:ce:ac:d6:dd:e8:4e:61:61:
10:bd:d8:db:fb:d6:95:6a:c1:4b:7f:12:12:32:7b:
a3:06:f8:a9:8b:5e:da:14:1a:24:67:a7:f1:17:b3:
67:0d:c4:f1:4a:a0:dc:31:75:0a:a1:59:ec:6a:1e:
fb:e7:f6:9b:64:0f:a7:64:6c:8b:e9:17:ae:eb:37:
b3:8c:eb:06:e8:82:ec:26:c1:54:c9:6e:6e:c4:0a:
b8:67:c5:46:b4:6b:86:a5:61:86:3a:52:cc:21:eb:
3e:fa:5a:c9:50:c9:3e:fb:bd:83:b6:d3:65:92:7e:
5b:08:ab:23:cc:3b:df:58:74:16:2d:b0:e9:50:9b:
f0:93:12:ff:83:b8:9b:48:bf:ed:eb:a5:ba:e9:b4:
1e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3C:94:FD:AC:1E:51:ED:FD:74:AA:6B:F6:C0:54:6D:62:8F:B7:D4
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
23:7b:f4:21:61:8c:76:63:c5:db:b3:13:af:d5:82:7a:ee:f2:
9b:47:ac:25:3c:41:a2:3a:23:a6:a4:d4:3b:99:32:3f:41:a2:
23:fd:be:45:96:c6:65:e5:a5:f3:68:4d:83:3e:3f:3a:4a:a8:
f7:82:ce:eb:81:bc:83:3a:28:73:99:10:20:63:de:b1:8a:63:
a1:2a:b8:47:3c:51:9c:1e:fb:74:27:3b:6d:ab:10:56:ec:e2:
20:12:b3:c7:61:a9:48:b0:ec:37:0e:05:e9:6d:c6:21:72:6c:
ae:a1:cd:4a:49:08:2a:ec:54:51:07:22:ba:a7:fe:ac:e5:71:
3f:e0:b3:ab:15:57:cf:17:33:87:0f:99:a8:3f:5a:a4:f3:b7:
ee:c9:be:60:bf:f2:cb:5f:1c:55:2c:16:bf:21:38:83:97:16:
3e:56:32:1b:65:e4:91:2d:61:d2:64:ed:71:8d:17:f7:19:c8:
01:62:26:5f:a7:b4:c6:cb:9c:9f:34:c5:2a:9e:ac:3d:10:e1:
b8:48:81:ed:10:be:3c:7b:be:1d:96:c2:91:52:f7:28:08:78:
bc:98:c8:96:aa:ee:71:fe:43:66:08:ab:b4:23:34:d2:2d:ad:
80:32:83:24:b6:17:47:23:33:7a:76:1a:03:75:3b:92:d2:f0:
88:40:0a:53
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBDEwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAzMDMyMjQ0MDJaFw0y
NjA0MTAyMjQ0MDJaMBgxFjAUBgNVBAMTDTY5YTc2NDMyLTM5ZTQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpPq8U2cFfIBlE60SjEDX+QkC7FmN2t67B
0Hc5aLpn7KwMiCqljrT2mfwhY2VPgv78jO3xtwDb0AGvOuF6w38Jg/mtfESfPUeF
fRcwNbXxtU1Wf5FVPUvSHTUgaX8gMZXOR7kJGma24LPgppGz9jfOrNbd6E5hYRC9
2Nv71pVqwUt/EhIye6MG+KmLXtoUGiRnp/EXs2cNxPFKoNwxdQqhWexqHvvn9ptk
D6dkbIvpF67rN7OM6wboguwmwVTJbm7ECrhnxUa0a4alYYY6Uswh6z76WslQyT77
vYO202WSflsIqyPMO99YdBYtsOlQm/CTEv+DuJtIv+3rpbrptB7HAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUejyU/aweUe39dKpr9sBUbWKPt9QwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAje/QhYYx2Y8XbsxOv
1YJ67vKbR6wlPEGiOiOmpNQ7mTI/QaIj/b5FlsZl5aXzaE2DPj86Sqj3gs7rgbyD
OihzmRAgY96ximOhKrhHPFGcHvt0JzttqxBW7OIgErPHYalIsOw3DgXpbcYhcmyu
oc1KSQgq7FRRByK6p/6s5XE/4LOrFVfPFzOHD5moP1qk87fuyb5gv/LLXxxVLBa/
ITiDlxY+VjIbZeSRLWHSZO1xjRf3GcgBYiZfp7TGy5yfNMUqnqw9EOG4SIHtEL48
e74dlsKRUvcoCHi8mMiWqu5x/kNmCKu0IzTSLa2AMoMkthdHIzN6dhoDdTuS0vCI
QApT
-----END CERTIFICATE-----
Generated at Wed Mar 4 17:30:33 2026 by rpki-client