
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: aGYyVocRH6qgqnFZAVkITpC4OINoQGDrx1CGxnA+tyE=
Subject key identifier: 9C:06:8B:00:CE:35:E2:2C:6B:6C:EE:67:1B:A4:22:16:FA:FC:49:C4
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4B6F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4AB2
Signing time: Wed 27 May 2026 02:50:11 +0000
Manifest this update: Wed 27 May 2026 02:50:11 +0000
Manifest next update: Wed 03 Jun 2026 02:50:11 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: v7zwJMA5vXOA9l73H80qNppNdyzBotQSeETFBwKCwX0=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
3: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
4: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
5: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
6: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
7: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
8: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
9: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
10: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
11: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
12: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 03 Jun 2026 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19311 (0x4b6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: May 27 02:50:11 2026 GMT
Not After : Jun 3 02:50:11 2026 GMT
Subject: CN=6a165be3-d0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:7a:cf:75:d9:3c:ce:3b:36:e7:b3:b9:e7:
2a:b9:d1:06:4d:ca:4f:a7:8f:de:68:fa:91:40:66:
90:64:d7:a2:a8:0f:ed:cb:61:c5:0d:79:4d:65:96:
50:e3:10:e8:b7:8a:99:58:32:53:ad:bc:30:e8:4a:
79:97:27:61:f6:d5:47:73:79:c6:96:ae:f9:d1:a8:
dc:ba:8c:3c:c9:39:6b:cc:9a:28:f0:8e:1c:eb:d1:
c4:42:57:74:c4:d7:bf:e4:9e:5f:1e:9b:8e:ec:44:
6e:15:8c:49:ac:56:9a:62:93:3f:7e:e0:36:2d:37:
2a:ac:4c:a3:22:ff:7b:57:fc:94:b7:c7:85:05:bc:
0f:c4:e7:4f:64:d1:77:2c:1f:4e:c7:6c:56:bd:fc:
44:89:9c:3b:10:c9:ae:42:85:97:ba:90:5a:c6:c0:
62:a8:fe:2c:ca:88:95:fe:db:26:b9:d8:e5:fe:16:
08:8d:7f:14:a0:ac:ac:8c:d8:83:d6:73:95:29:f4:
a2:d9:fa:17:e6:20:15:1c:04:62:1f:5b:3d:b8:11:
bb:55:a0:6e:62:20:2f:26:45:2b:ef:8c:28:46:47:
6e:dd:21:d4:32:c5:2c:cb:bf:97:41:68:0e:5c:2a:
ba:fc:39:4c:5f:a9:f0:a9:ca:46:bd:19:6e:84:07:
8e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:06:8B:00:CE:35:E2:2C:6B:6C:EE:67:1B:A4:22:16:FA:FC:49:C4
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
31:13:a7:b5:5a:f2:a3:2e:02:7a:c6:ab:af:a5:5f:5f:14:74:
8f:23:04:6a:1a:28:57:99:0d:22:2f:4e:6f:4e:87:87:8d:b5:
f2:ec:5d:f0:2a:8f:2c:52:e7:17:fb:e5:f7:71:ba:2e:73:5b:
ff:0d:77:24:02:35:7f:3c:d2:c7:c8:ac:67:5d:52:a1:71:0b:
33:2a:50:2a:b2:99:22:5b:42:b8:bb:60:a5:c5:04:cc:7a:0a:
ba:81:04:92:84:c2:e3:73:8a:49:ad:df:8d:c5:51:98:40:9f:
15:a0:be:ba:47:94:41:ed:cf:d3:34:8a:a9:b2:9d:7e:8a:56:
19:33:d2:b7:53:e0:07:1e:32:06:54:60:3a:17:5f:0b:7e:35:
8f:78:99:54:77:0c:c0:c7:4a:eb:4c:e0:18:9a:c3:02:ec:6e:
00:f6:2e:dc:57:39:0a:a3:a4:a7:82:e1:c4:0b:3c:36:f9:8c:
9e:36:d5:9c:bb:48:45:34:90:4b:97:f0:66:ae:6a:43:5d:99:
be:06:45:07:96:8a:77:45:e2:ed:0c:26:d7:10:5b:86:df:f7:
08:c5:4d:06:11:d3:8d:82:29:6b:a8:34:29:e5:c1:89:62:47:
b4:6e:30:fa:ba:7c:4d:26:23:ea:b4:61:05:1b:16:2f:3a:f7:
d2:f4:f8:08
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICS28wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNTI3MDI1MDExWhcNMjYwNjAzMDI1MDExWjAYMRYwFAYD
VQQDEw02YTE2NWJlMy1kMGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5d6z3XZPM47NuezuecqudEGTcpPp4/eaPqRQGaQZNeiqA/ty2HFDXlNZZZQ
4xDot4qZWDJTrbww6Ep5lydh9tVHc3nGlq750ajcuow8yTlrzJoo8I4c69HEQld0
xNe/5J5fHpuO7ERuFYxJrFaaYpM/fuA2LTcqrEyjIv97V/yUt8eFBbwPxOdPZNF3
LB9Ox2xWvfxEiZw7EMmuQoWXupBaxsBiqP4syoiV/tsmudjl/hYIjX8UoKysjNiD
1nOVKfSi2foX5iAVHARiH1s9uBG7VaBuYiAvJkUr74woRkdu3SHUMsUsy7+XQWgO
XCq6/DlMX6nwqcpGvRluhAeOZQIDAQABo4ICTzCCAkswHQYDVR0OBBYEFJwGiwDO
NeIsa2zuZxukIhb6/EnEMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAMROntVryoy4Cesarr6VfXxR0jyMEahooV5kNIi9Ob06H
h4218uxd8CqPLFLnF/vl93G6LnNb/w13JAI1fzzSx8isZ11SoXELMypQKrKZIltC
uLtgpcUEzHoKuoEEkoTC43OKSa3fjcVRmECfFaC+ukeUQe3P0zSKqbKdfopWGTPS
t1PgBx4yBlRgOhdfC341j3iZVHcMwMdK60zgGJrDAuxuAPYu3Fc5CqOkp4LhxAs8
NvmMnjbVnLtIRTSQS5fwZq5qQ12ZvgZFB5aKd0Xi7Qwm1xBbht/3CMVNBhHTjYIp
a6g0KeXBiWJHtG4w+rp8TSYj6rRhBRsWLzr30vT4CA==
-----END CERTIFICATE-----
Generated at Wed May 27 07:18:09 2026 by rpki-client