Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: 1THA+CtlvPfNL7OOUckrGUe255H7qG27XsczNldBGX0=
Subject key identifier: 95:F4:BC:FF:F3:4E:15:51:FC:71:FB:B0:67:FB:E2:78:95:1F:67:12
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 044D
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0221
Signing time: Thu 09 Apr 2026 23:58:03 +0000
Manifest this update: Thu 09 Apr 2026 23:58:03 +0000
Manifest next update: Sat 16 May 2026 23:58:03 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: ByR6/j6Jo/SRyfiY8cBfxlrJRVTzeri6QXPDiElUQCI=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: YWMTPz4UzJyzZzgG2tTkB4LomijdMBYeWiYsfxMjT4M=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: YVio2jc3AawzIw0uiZL5Gkju5OhBfR6DBRvDSpCQM1U=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: smAWZS9K8MP9hAYwZBrtiFmM1mhy7IDnVmOxvMZLNLs=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 09 May 2026 22:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1101 (0x44d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Apr 9 23:58:03 2026 GMT
Not After : May 16 23:58:03 2026 GMT
Subject: CN=69d83d0b-c117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:75:69:c9:e5:e1:ac:31:1b:72:9d:a0:40:6b:
36:f4:85:06:11:ab:d8:85:5b:19:aa:e1:63:38:c6:
5b:31:3d:c4:a3:40:7f:47:36:f5:0c:cd:40:f8:87:
60:c1:9e:6f:73:35:b2:37:76:19:4b:65:79:af:b1:
f2:f3:f7:9f:47:fa:73:9c:98:ad:36:13:a5:c6:7a:
93:18:e0:2d:c0:e6:22:8f:35:3e:78:8b:b3:cb:da:
95:db:4b:ad:ff:c6:bb:9a:f2:3b:7e:fa:b2:04:a3:
9d:7d:30:24:78:ed:d5:4c:f8:41:98:7b:af:54:f6:
ad:17:3a:5a:55:14:b7:bc:82:03:89:12:2b:f7:8f:
09:5b:7d:fe:41:da:fe:6f:7f:22:7a:1e:1e:0e:b6:
60:e6:7d:f9:87:55:34:f6:90:e3:7e:69:84:ed:6f:
cd:cd:ba:1a:34:f1:6e:f0:8d:7f:3d:15:24:13:43:
b9:55:7b:33:28:06:a8:02:f1:1e:e2:08:a6:46:1e:
02:b4:0b:08:a8:ba:96:0b:aa:e6:96:a1:76:32:50:
ae:dc:04:d0:48:82:56:60:16:60:be:dd:94:5c:12:
c2:e6:8b:be:30:14:d0:05:bf:ae:d9:4a:71:59:fc:
64:13:bb:de:dd:aa:91:fa:ec:93:98:0c:ba:cc:de:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F4:BC:FF:F3:4E:15:51:FC:71:FB:B0:67:FB:E2:78:95:1F:67:12
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
24:4b:c7:99:64:bb:1a:76:15:81:8b:dd:aa:d2:7d:20:72:dd:
ae:f2:f8:4c:55:45:6f:43:b2:52:be:2b:61:20:df:cb:6d:bb:
b2:32:98:36:16:1f:d2:1b:72:30:c3:99:da:36:2b:7e:cc:23:
dc:40:a0:07:04:91:35:50:a2:f1:6e:20:3d:66:70:f0:eb:11:
93:76:e8:ea:d3:48:6a:cc:e5:c2:e2:1f:ad:cc:62:17:82:4a:
72:7b:20:ab:88:9c:03:a8:9f:3f:99:38:d1:da:c4:cb:56:50:
a5:11:75:28:46:07:61:69:eb:63:a4:12:6f:cc:65:c1:a3:fe:
66:e9:55:82:7c:35:e7:8b:6b:a0:9f:0d:ea:b7:2f:ff:ce:6e:
ed:ce:d1:12:30:cb:03:35:db:f7:08:b1:a0:05:f4:f7:a4:a8:
62:29:1c:a1:01:93:d4:6f:a0:71:15:51:34:a5:d8:0e:ab:5b:
35:63:54:aa:3e:bb:81:95:fa:d6:d9:a9:32:de:3d:a0:24:46:
13:ef:9e:5b:87:81:cb:d8:da:c3:b0:46:e9:69:eb:8d:03:6c:
72:ce:34:83:60:22:de:8c:f7:d9:b8:49:ee:e7:de:ea:cd:d8:
67:1e:b6:7e:6d:bc:72:34:80:01:e2:42:b5:e3:25:8c:75:7b:
92:3b:29:33
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBE0wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjA0MDkyMzU4MDNaFw0y
NjA1MTYyMzU4MDNaMBgxFjAUBgNVBAMTDTY5ZDgzZDBiLWMxMTcwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7dWnJ5eGsMRtynaBAazb0hQYRq9iFWxmq
4WM4xlsxPcSjQH9HNvUMzUD4h2DBnm9zNbI3dhlLZXmvsfLz959H+nOcmK02E6XG
epMY4C3A5iKPNT54i7PL2pXbS63/xrua8jt++rIEo519MCR47dVM+EGYe69U9q0X
OlpVFLe8ggOJEiv3jwlbff5B2v5vfyJ6Hh4OtmDmffmHVTT2kON+aYTtb83Nuho0
8W7wjX89FSQTQ7lVezMoBqgC8R7iCKZGHgK0CwioupYLquaWoXYyUK7cBNBIglZg
FmC+3ZRcEsLmi74wFNAFv67ZSnFZ/GQTu97dqpH67JOYDLrM3mOFAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUlfS8//NOFVH8cfuwZ/vieJUfZxIwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAkS8eZZLsadhWBi92q
0n0gct2u8vhMVUVvQ7JSvithIN/LbbuyMpg2Fh/SG3Iww5naNit+zCPcQKAHBJE1
UKLxbiA9ZnDw6xGTdujq00hqzOXC4h+tzGIXgkpyeyCriJwDqJ8/mTjR2sTLVlCl
EXUoRgdhaetjpBJvzGXBo/5m6VWCfDXni2ugnw3qty//zm7tztESMMsDNdv3CLGg
BfT3pKhiKRyhAZPUb6BxFVE0pdgOq1s1Y1SqPruBlfrW2aky3j2gJEYT755bh4HL
2NrDsEbpaeuNA2xyzjSDYCLejPfZuEnu597qzdhnHrZ+bbxyNIAB4kK14yWMdXuS
Oykz
-----END CERTIFICATE-----
Generated at Sun Apr 12 23:16:23 2026 by rpki-client