Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: 4hNvoJCQ97M2T5xIyPXbUEQ/iNs1NShdHIX4qCs4t2E=
Subject key identifier: 40:BD:00:8A:52:60:08:C2:E6:45:CF:1E:C9:15:D9:03:3D:45:D6:69
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 03B1
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01D3
Signing time: Sun 10 Aug 2025 22:38:52 +0000
Manifest this update: Sun 10 Aug 2025 22:38:51 +0000
Manifest next update: Wed 17 Sep 2025 22:38:51 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: KEFg+/FKOOs0DHfr+hpS+E9rjj3oDVbOHZwJ4jcC934=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: xov3n6/gFsD1LsQ6oKvJBsO7b0Zt6mEPs2wIoStGnhI=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: bYzdOUS201K8gqiq8ncffU6nm6tl5f6sVNHjv8idJNk=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: xNGFTC4dfqtMbccyv7r/06PxIMW5lHsysOQ7ZVWen1U=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Sep 2025 22:38:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 945 (0x3b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Aug 10 22:38:51 2025 GMT
Not After : Sep 17 22:38:51 2025 GMT
Subject: CN=68991f7b-87db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:90:b2:ec:f6:ee:d4:cf:d0:36:3d:6b:99:3d:
a9:2e:ec:cf:b7:4a:c5:79:02:d8:80:f4:37:29:38:
e4:b9:1a:9e:d8:ee:c1:57:e2:7d:fa:1e:db:20:b2:
25:f5:03:1e:d5:a4:22:80:b7:ab:08:c3:2c:af:0c:
40:66:f4:1a:33:cf:c1:db:58:75:2b:c3:4d:3c:73:
19:b8:2e:e8:0f:19:0a:15:c1:2f:59:39:45:94:5a:
b1:ca:9c:4b:b8:03:23:e7:55:17:57:b5:cd:7f:e9:
9e:4b:ba:03:55:8e:29:f0:f7:40:68:6b:3c:12:84:
75:55:47:9b:c7:81:e7:6b:8b:6a:30:74:64:3a:00:
52:dc:33:d1:79:b4:17:a6:7d:45:09:32:87:03:55:
4f:b6:d2:80:31:54:60:d3:63:b9:50:8b:e1:fe:ee:
f1:1d:3b:a5:e7:1d:49:e1:91:a1:f2:3a:1d:08:a9:
0a:87:f5:33:a2:26:fc:4a:bd:97:a3:b3:b4:a2:c5:
92:64:50:ba:97:37:c9:9d:dd:d0:26:00:75:69:ad:
d6:d5:aa:00:2c:74:ff:1e:ab:0c:e7:24:90:47:56:
c0:6a:8e:3a:42:10:3a:63:dc:46:d8:1f:32:5a:84:
ea:4b:c0:6b:46:1a:53:9e:47:7a:ef:39:b0:60:c3:
1f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BD:00:8A:52:60:08:C2:E6:45:CF:1E:C9:15:D9:03:3D:45:D6:69
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
b6:b7:94:74:43:dc:a3:d1:c2:ba:8d:e1:97:42:02:47:3f:ec:
af:29:cf:81:b4:33:94:9c:21:91:b6:5c:5b:3e:20:8e:ba:3d:
99:03:24:a8:9d:e3:ba:07:56:29:16:4d:ad:9a:9d:dd:a6:49:
06:8a:bf:85:f0:5c:62:b2:1d:db:80:19:f2:19:a3:92:47:d9:
69:a7:f0:39:02:d1:52:59:c9:c7:73:35:d9:d5:d1:3f:15:8d:
7a:8c:4d:66:2a:8e:62:36:2f:da:39:5a:df:86:32:dc:8d:8f:
cb:8b:3b:a3:6b:6b:e0:1f:88:3e:34:a4:86:17:0b:3d:21:d4:
4f:01:24:4f:ff:fe:49:0b:10:0c:67:7e:f7:83:65:93:30:45:
62:bf:3d:39:bc:d9:b8:6e:b2:99:ba:a1:59:36:50:8f:bd:7c:
65:44:a3:53:30:78:4b:6f:a7:e3:39:3a:66:90:c9:11:f2:c8:
56:ca:93:9e:a5:c7:48:49:8f:72:b1:85:fe:aa:8d:eb:a9:75:
87:0c:b4:3e:b1:af:3c:2b:8d:4a:64:28:76:24:68:25:ee:71:
b0:b4:c0:2a:d1:60:dd:2b:d6:9f:71:c8:0c:0b:c2:c8:b5:db:
9a:36:7d:dc:e3:b5:8f:17:a4:1a:ac:8f:c1:9a:ac:77:cd:c6:
42:c1:d2:a7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA7EwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA4MTAyMjM4NTFaFw0y
NTA5MTcyMjM4NTFaMBgxFjAUBgNVBAMTDTY4OTkxZjdiLTg3ZGIwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQChkLLs9u7Uz9A2PWuZPaku7M+3SsV5AtiA
9DcpOOS5Gp7Y7sFX4n36HtsgsiX1Ax7VpCKAt6sIwyyvDEBm9Bozz8HbWHUrw008
cxm4LugPGQoVwS9ZOUWUWrHKnEu4AyPnVRdXtc1/6Z5LugNVjinw90BoazwShHVV
R5vHgedri2owdGQ6AFLcM9F5tBemfUUJMocDVU+20oAxVGDTY7lQi+H+7vEdO6Xn
HUnhkaHyOh0IqQqH9TOiJvxKvZejs7SixZJkULqXN8md3dAmAHVprdbVqgAsdP8e
qwznJJBHVsBqjjpCEDpj3EbYHzJahOpLwGtGGlOeR3rvObBgwx89AgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUQL0AilJgCMLmRc8eyRXZAz1F1mkwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQC2t5R0Q9yj0cK6jeGX
QgJHP+yvKc+BtDOUnCGRtlxbPiCOuj2ZAySoneO6B1YpFk2tmp3dpkkGir+F8Fxi
sh3bgBnyGaOSR9lpp/A5AtFSWcnHczXZ1dE/FY16jE1mKo5iNi/aOVrfhjLcjY/L
izuja2vgH4g+NKSGFws9IdRPASRP//5JCxAMZ373g2WTMEVivz05vNm4brKZuqFZ
NlCPvXxlRKNTMHhLb6fjOTpmkMkR8shWypOepcdISY9ysYX+qo3rqXWHDLQ+sa88
K41KZCh2JGgl7nGwtMAq0WDdK9afccgMC8LItduaNn3c47WPF6QarI/Bmqx3zcZC
wdKn
-----END CERTIFICATE-----
Generated at Tue Aug 19 06:03:05 2025 by rpki-client