Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: J5XnwRRFKCw5ciKk0bNGiRqwfGs8/9VMF7xu9CW9xfg=
Subject key identifier: 24:FB:FE:D1:96:52:DA:F0:49:13:64:7C:7F:8F:8A:8D:16:C7:8E:9C
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 03A5
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01CD
Signing time: Mon 23 Jun 2025 22:28:45 +0000
Manifest this update: Mon 23 Jun 2025 22:28:45 +0000
Manifest next update: Wed 30 Jul 2025 22:28:45 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: yJSMK7h207qXetfTf0fKIbK7GmcKHVWz9RM5cgC0Tuk=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: L5hpH5UJel8nR0VDqvKzj57tQIQ0DLsn6bRiua+2o1U=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: /MHS3Sit3L4L/hosPfsdjiBL9WFnsioWd9nUWmUkMwI=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: /2yzJwAtTJqt8ivA3yv6yDv5Ialu5ubqlmHKX9paiSo=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933 (0x3a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Jun 23 22:28:45 2025 GMT
Not After : Jul 30 22:28:45 2025 GMT
Subject: CN=6859d51d-020a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:03:8c:42:34:bd:7a:54:69:1e:93:d1:ac:0c:
27:c0:9b:3a:2d:47:a2:df:0a:44:49:11:71:53:a7:
df:d7:25:de:75:96:5c:49:2d:c9:b3:ef:26:51:f8:
e9:f7:f0:5e:a4:40:d4:65:d0:b1:fc:70:9b:f0:a2:
bf:d2:74:fa:ca:2b:db:73:46:00:ba:8a:bf:a1:62:
62:a9:89:35:bf:e9:39:46:34:f5:f1:da:4f:86:dc:
30:02:94:b5:93:a7:ba:f7:f8:85:61:c5:f5:5a:b8:
a0:da:69:d8:30:2e:be:87:e7:d4:46:55:fa:53:a8:
81:88:1a:3c:03:b9:be:2e:39:b3:4b:6e:e1:8e:89:
14:8f:7a:ae:5c:83:46:e7:36:3a:84:36:c2:ea:53:
90:7c:a1:2c:3b:d5:3b:fd:65:55:05:d6:cb:08:57:
b1:04:74:24:08:08:cd:b7:76:4b:60:d1:7d:4a:ab:
9f:79:2c:15:38:ba:58:00:6a:00:fa:a0:f8:d4:c1:
9d:0b:60:b4:64:cd:5e:db:46:2c:17:1e:bb:5c:7d:
87:96:ea:9f:be:72:60:a0:4b:94:26:7b:fa:fe:b4:
14:a9:44:c9:f1:be:b5:6b:a4:be:75:92:e4:8e:27:
a7:a5:2b:86:bc:88:af:e9:e1:d9:f2:71:0c:05:12:
36:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FB:FE:D1:96:52:DA:F0:49:13:64:7C:7F:8F:8A:8D:16:C7:8E:9C
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
44:70:0a:06:04:95:65:8f:f2:6e:a2:cb:8b:1e:6c:8b:33:37:
6d:a9:3f:1e:64:35:08:d2:6d:ad:87:18:84:4c:97:74:10:ff:
4e:19:d9:19:a3:ae:6f:c8:30:9e:de:a6:84:78:24:19:68:f3:
63:0f:a6:9d:7e:3f:ef:d2:85:d8:07:fd:15:1c:7c:7d:39:f8:
10:3d:7e:a0:1f:bc:4f:85:dd:64:50:aa:2c:d4:32:31:19:68:
ff:3b:17:1d:50:21:32:48:a1:45:e8:83:d6:22:41:a2:35:e3:
c4:95:59:f1:88:75:9e:5e:d9:08:5e:f4:b7:11:ad:2c:2a:e1:
ff:b0:b2:a7:65:b2:0e:2b:e7:50:2d:80:9b:10:1d:a5:ea:8c:
d7:e8:81:39:4c:c1:90:cc:2c:06:bf:14:fa:e3:1b:72:b1:76:
21:54:8f:16:3d:d0:0a:f7:44:60:e0:6e:27:d9:dd:f8:62:90:
a4:2c:c6:72:f3:ec:90:70:e6:b8:3a:a7:4a:86:39:61:4d:d4:
f0:de:9c:ef:35:88:f3:07:57:0b:dc:d3:6e:52:54:3c:54:87:
19:af:3f:4d:1d:be:4a:65:6e:ea:ee:22:7f:47:1e:fe:87:96:
f6:b5:73:28:2a:fd:0f:ae:4a:2e:bc:a7:e0:1f:1c:3a:49:cd:
76:5b:c4:eb
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA6UwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA2MjMyMjI4NDVaFw0y
NTA3MzAyMjI4NDVaMBgxFjAUBgNVBAMTDTY4NTlkNTFkLTAyMGEwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOA4xCNL16VGkek9GsDCfAmzotR6LfCkRJ
EXFTp9/XJd51llxJLcmz7yZR+On38F6kQNRl0LH8cJvwor/SdPrKK9tzRgC6ir+h
YmKpiTW/6TlGNPXx2k+G3DAClLWTp7r3+IVhxfVauKDaadgwLr6H59RGVfpTqIGI
GjwDub4uObNLbuGOiRSPeq5cg0bnNjqENsLqU5B8oSw71Tv9ZVUF1ssIV7EEdCQI
CM23dktg0X1Kq595LBU4ulgAagD6oPjUwZ0LYLRkzV7bRiwXHrtcfYeW6p++cmCg
S5Qme/r+tBSpRMnxvrVrpL51kuSOJ6elK4a8iK/p4dnycQwFEjahAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUJPv+0ZZS2vBJE2R8f4+KjRbHjpwwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBEcAoGBJVlj/JuosuL
HmyLMzdtqT8eZDUI0m2thxiETJd0EP9OGdkZo65vyDCe3qaEeCQZaPNjD6adfj/v
0oXYB/0VHHx9OfgQPX6gH7xPhd1kUKos1DIxGWj/OxcdUCEySKFF6IPWIkGiNePE
lVnxiHWeXtkIXvS3Ea0sKuH/sLKnZbIOK+dQLYCbEB2l6ozX6IE5TMGQzCwGvxT6
4xtysXYhVI8WPdAK90Rg4G4n2d34YpCkLMZy8+yQcOa4OqdKhjlhTdTw3pzvNYjz
B1cL3NNuUlQ8VIcZrz9NHb5KZW7q7iJ/Rx7+h5b2tXMoKv0PrkouvKfgHxw6Sc12
W8Tr
-----END CERTIFICATE-----
Generated at Tue Jun 24 09:13:12 2025 by rpki-client