Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: /qL0qfz2Qj1UCgq6tFxGmso6M4WiM1uFh+ueCRk691M=
Subject key identifier: A9:3B:E5:10:52:7F:F8:AA:F2:66:CB:92:95:F2:D1:0C:20:51:BF:E2
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 046F
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0232
Signing time: Tue 19 May 2026 21:23:20 +0000
Manifest this update: Tue 19 May 2026 21:23:19 +0000
Manifest next update: Fri 26 Jun 2026 21:23:19 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: cHwRjMgvDxulhwkc2QYyAgBxLimOnTPFdGfR0GxqyOA=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: qh4nK9cHrKFPfL/gxHU+JPA2pbi1XDDvkI7ZEyjfRWU=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: cM87XeVmDMSzMu5MivyF3KYZ+0jWLHmZ3t/7ui1VcgU=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: PJIO4EkIbc5Wfgs3qRuAWbwtuWqVYDA0960OOy6ijN8=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 22 Jun 2026 01:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135 (0x46f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: May 19 21:23:19 2026 GMT
Not After : Jun 26 21:23:19 2026 GMT
Subject: CN=6a0cd4c7-a34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:7c:58:56:b2:53:b6:77:a0:33:0d:cb:71:
a4:35:6e:46:92:4b:26:2a:19:fa:ab:74:97:5a:15:
52:4e:16:da:7f:46:f3:5b:94:4e:a2:55:34:96:3b:
73:38:ed:11:56:79:ec:8d:92:34:d4:1a:97:1c:68:
a7:8a:2a:33:7d:9f:ed:ad:82:31:3c:49:c5:7a:06:
70:3e:5b:aa:30:57:52:86:0e:b3:9a:c1:4b:4e:af:
af:7a:d5:52:32:6d:39:c2:d6:64:97:09:b0:64:e9:
26:bf:ad:3b:64:fc:97:1d:7d:0b:34:cf:9b:cb:c9:
7d:d7:93:c4:d8:3b:a2:11:34:97:35:2b:7a:2f:fe:
53:49:94:cd:f3:5c:49:e1:6b:6d:87:31:f1:82:3c:
e9:18:8f:a6:43:36:a4:2d:57:5a:47:62:6a:64:3f:
3b:50:b4:d6:3d:b2:d9:94:e6:15:3c:2a:ef:d1:ff:
ea:e8:de:d0:aa:f5:dd:db:91:87:19:96:28:40:d1:
76:60:b0:c5:19:f1:9a:b8:d3:a9:7c:f1:b9:b8:bb:
8f:7b:d4:2c:36:d2:2b:ea:ce:d4:d6:dc:ac:c5:18:
eb:96:7d:c1:11:3e:03:35:c2:93:40:ac:8e:54:bc:
a2:c0:63:80:3a:71:f5:41:1e:47:31:0b:f5:25:9c:
b9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3B:E5:10:52:7F:F8:AA:F2:66:CB:92:95:F2:D1:0C:20:51:BF:E2
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
67:b6:ef:fc:9a:22:4d:f5:d6:46:2c:77:31:a2:e6:be:38:eb:
5d:8a:b9:c9:bc:bf:ca:94:77:2d:31:c3:4f:c6:a9:9b:b1:a4:
0b:db:cd:d3:96:2d:9d:25:8a:b6:67:08:44:4d:d9:64:1b:bd:
fc:da:42:ad:79:6a:a0:6a:21:67:37:b3:14:c2:2d:f9:ef:85:
cb:14:ad:19:a3:4f:69:f4:79:2a:6a:eb:90:74:32:ff:0f:77:
66:01:c4:18:e1:20:be:0e:b3:2a:26:b7:f1:61:c4:82:05:6d:
c0:46:f1:91:5f:e6:1a:39:55:ec:14:8e:3b:33:b4:ce:9e:fb:
93:62:4e:16:ef:20:de:e6:04:8d:be:97:d2:26:9a:5c:cc:32:
43:89:89:01:b6:b8:7c:e4:b6:fa:75:ef:6a:da:c0:e1:91:c6:
7b:3d:85:67:c9:43:ae:17:76:cb:4b:a9:1f:c7:2a:cd:e4:51:
b5:ea:37:0e:3c:b2:bf:67:cc:b4:f3:f3:74:dd:22:ea:bf:96:
c4:a2:37:6e:e8:a8:3b:e1:af:24:4d:4a:14:fd:80:ca:f7:28:
17:08:45:94:2c:41:83:4c:93:b1:97:72:0f:21:9c:f6:3e:50:
5c:e3:56:99:ee:6e:72:d4:e7:b2:4c:88:76:d8:c0:dd:5d:eb:
e3:a0:b6:43
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBG8wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjA1MTkyMTIzMTlaFw0y
NjA2MjYyMTIzMTlaMBgxFjAUBgNVBAMTDTZhMGNkNGM3LWEzNGYwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxyXxYVrJTtnegMw3LcaQ1bkaSSyYqGfqr
dJdaFVJOFtp/RvNblE6iVTSWO3M47RFWeeyNkjTUGpccaKeKKjN9n+2tgjE8ScV6
BnA+W6owV1KGDrOawUtOr6961VIybTnC1mSXCbBk6Sa/rTtk/JcdfQs0z5vLyX3X
k8TYO6IRNJc1K3ov/lNJlM3zXEnha22HMfGCPOkYj6ZDNqQtV1pHYmpkPztQtNY9
stmU5hU8Ku/R/+ro3tCq9d3bkYcZlihA0XZgsMUZ8Zq406l88bm4u4971Cw20ivq
ztTW3KzFGOuWfcERPgM1wpNArI5UvKLAY4A6cfVBHkcxC/UlnLnpAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUqTvlEFJ/+KryZsuSlfLRDCBRv+IwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBntu/8miJN9dZGLHcx
oua+OOtdirnJvL/KlHctMcNPxqmbsaQL283Tli2dJYq2ZwhETdlkG7382kKteWqg
aiFnN7MUwi3574XLFK0Zo09p9HkqauuQdDL/D3dmAcQY4SC+DrMqJrfxYcSCBW3A
RvGRX+YaOVXsFI47M7TOnvuTYk4W7yDe5gSNvpfSJppczDJDiYkBtrh85Lb6de9q
2sDhkcZ7PYVnyUOuF3bLS6kfxyrN5FG16jcOPLK/Z8y08/N03SLqv5bEojdu6Kg7
4a8kTUoU/YDK9ygXCEWULEGDTJOxl3IPIZz2PlBc41aZ7m5y1OeyTIh22MDdXevj
oLZD
-----END CERTIFICATE-----
Generated at Mon May 25 21:19:54 2026 by rpki-client