
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: +3BBWuraLtD37Ej+KNy0vJvrDmpr3PrGc6Jm2PB7Vmk=
Subject key identifier: B4:9A:EE:AF:FE:6C:7E:5B:91:14:51:CB:75:7C:C9:5E:90:5D:5E:1D
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4C20
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B5B
Signing time: Sun 19 Jul 2026 02:50:12 +0000
Manifest this update: Sun 19 Jul 2026 02:50:11 +0000
Manifest next update: Sun 26 Jul 2026 02:50:11 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: ziCFnrF1KT0X5ASExUM9kcg9a86w6bdqdrl0m2OE2Ws=)
2: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
3: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
4: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
5: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: IkSuUU7ZWS/JW8FM1z4r+u5UkK4TPFlbZKL6zIaBvUw=)
6: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
7: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
8: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
9: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
10: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
11: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
12: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
13: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Jul 2026 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19488 (0x4c20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 19 02:50:11 2026 GMT
Not After : Jul 26 02:50:11 2026 GMT
Subject: CN=6a5c3b63-de6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0a:ef:84:4b:64:a6:48:45:a9:4a:52:1e:8c:
c6:bb:24:4c:61:de:14:e9:db:39:d7:aa:ea:fe:a6:
b1:dd:36:29:3c:0a:b3:23:98:f2:b0:97:17:26:ba:
92:95:36:43:4f:fb:06:28:a1:59:f8:a3:17:9f:1f:
ab:0f:33:77:9e:27:38:4c:45:7f:41:d5:5d:3d:ff:
f9:b1:d6:8b:0b:5f:43:4f:3e:8a:b8:0e:da:1f:7f:
cf:5e:7b:57:1e:1f:67:4b:04:06:13:88:58:17:62:
04:dd:36:a5:bf:9d:6e:41:88:96:c8:ef:20:55:d7:
78:51:65:06:5c:0a:db:56:d9:7c:3d:2b:c4:9d:06:
f0:16:22:d7:14:b7:d3:6c:35:99:fe:87:e7:33:dc:
31:e3:6c:08:7c:b5:28:ec:48:f9:8d:82:3f:e9:e2:
20:99:dc:ff:b0:9e:33:2b:89:c3:1f:30:b8:48:ab:
9e:50:68:8b:53:c7:4d:35:ab:2f:3e:a5:82:6c:d7:
0d:43:2a:b7:0d:a6:b5:2b:ea:74:45:07:f6:fb:3f:
2a:63:ff:99:54:64:c6:26:00:8a:5a:85:81:64:6f:
9d:61:9a:a5:07:b8:8a:ed:e8:b3:6b:06:99:05:9c:
bd:4b:17:bd:f7:d8:8f:c1:42:a1:8e:3b:11:2a:04:
e7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9A:EE:AF:FE:6C:7E:5B:91:14:51:CB:75:7C:C9:5E:90:5D:5E:1D
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
31:81:71:1d:dd:08:9f:b0:9f:eb:09:25:fd:b2:ae:bb:b5:4d:
7f:90:82:2f:f7:e2:52:85:9b:61:f9:7e:0a:7c:91:17:b3:20:
7a:86:8c:e0:f4:1d:66:7c:8b:56:e4:ae:e9:10:1b:7e:ee:6f:
22:95:e6:e6:d1:7d:2d:83:65:b6:01:9a:b6:3b:30:ca:bd:32:
5a:f7:22:d8:3f:0e:6c:c3:7c:9b:24:6e:85:54:c5:05:38:2f:
bf:4a:f2:24:1c:e1:ab:cb:00:c7:23:e8:ea:dd:8a:a8:f7:6d:
68:58:45:31:51:17:d3:e4:86:18:7f:05:05:68:a9:66:d1:36:
4c:af:06:e5:eb:3e:c6:1e:3a:93:73:08:0c:b9:a3:7b:d6:22:
70:f6:bf:29:17:eb:a8:fe:4a:f6:43:43:21:7f:d3:e7:80:c3:
b5:f3:47:c4:77:72:5f:b1:45:05:df:d2:38:74:c2:67:c7:ec:
86:65:6f:69:eb:9f:39:c3:bc:b1:26:d9:3c:98:ec:10:ca:a0:
e9:7e:cf:ba:eb:36:0d:98:8d:0b:ba:65:20:00:7d:df:02:db:
a4:82:88:b5:df:25:8f:39:bd:66:f7:37:5f:75:1e:c2:b7:d1:
90:aa:8c:b1:da:d8:11:c9:fe:14:32:70:ed:39:33:3c:e3:f6:
8f:40:cc:fb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICTCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzE5MDI1MDExWhcNMjYwNzI2MDI1MDExWjAYMRYwFAYD
VQQDEw02YTVjM2I2My1kZTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuQrvhEtkpkhFqUpSHozGuyRMYd4U6ds516rq/qax3TYpPAqzI5jysJcXJrqS
lTZDT/sGKKFZ+KMXnx+rDzN3nic4TEV/QdVdPf/5sdaLC19DTz6KuA7aH3/PXntX
Hh9nSwQGE4hYF2IE3Talv51uQYiWyO8gVdd4UWUGXArbVtl8PSvEnQbwFiLXFLfT
bDWZ/ofnM9wx42wIfLUo7Ej5jYI/6eIgmdz/sJ4zK4nDHzC4SKueUGiLU8dNNasv
PqWCbNcNQyq3Daa1K+p0RQf2+z8qY/+ZVGTGJgCKWoWBZG+dYZqlB7iK7eizawaZ
BZy9Sxe999iPwUKhjjsRKgTnAwIDAQABo4ICTzCCAkswHQYDVR0OBBYEFLSa7q/+
bH5bkRRRy3V8yV6QXV4dMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAMYFxHd0In7Cf6wkl/bKuu7VNf5CCL/fiUoWbYfl+CnyR
F7MgeoaM4PQdZnyLVuSu6RAbfu5vIpXm5tF9LYNltgGatjswyr0yWvci2D8ObMN8
myRuhVTFBTgvv0ryJBzhq8sAxyPo6t2KqPdtaFhFMVEX0+SGGH8FBWipZtE2TK8G
5es+xh46k3MIDLmje9YicPa/KRfrqP5K9kNDIX/T54DDtfNHxHdyX7FFBd/SOHTC
Z8fshmVvaeufOcO8sSbZPJjsEMqg6X7Puus2DZiNC7plIAB93wLbpIKItd8ljzm9
Zvc3X3UewrfRkKqMsdrYEcn+FDJw7TkzPOP2j0DM+w==
-----END CERTIFICATE-----
Generated at Sun Jul 19 13:09:51 2026 by rpki-client