
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: 6RWkUGL8DRqbFvpIE73kbZGdl0WkhXHHf3nu+5AL6aM=
Subject key identifier: 35:DB:A9:C9:28:45:C9:C1:F7:0B:00:5F:B3:B9:E7:82:F8:BA:1A:92
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4B05
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4A4A
Signing time: Fri 24 Apr 2026 02:50:11 +0000
Manifest this update: Fri 24 Apr 2026 02:50:10 +0000
Manifest next update: Fri 01 May 2026 02:50:10 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: fEbAw3WQ+jwBUQfwXwSFvX4hKwVNXTKEaoBFTpdFE3w=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
3: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
4: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: BH/FRxhYgE+v5+WE2GNEUCiZazOjIIn0k6v2ud3DD3s=)
5: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
6: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
7: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
8: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
9: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: esFXDH7ynBztsLYpp3vRpQNNhw8U+R5jMyP12TntS0I=)
10: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
11: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
12: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 01 May 2026 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19205 (0x4b05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Apr 24 02:50:10 2026 GMT
Not After : May 1 02:50:10 2026 GMT
Subject: CN=69eada63-696c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:07:62:5e:f6:7a:10:ac:57:04:9a:de:f0:73:
e3:d2:9d:b5:fd:f4:bf:3f:3b:d3:30:32:d7:da:3d:
f4:ae:15:f7:0a:d3:df:67:d5:c6:99:49:a2:3a:94:
a1:dd:44:95:da:04:49:1c:c9:f9:c4:69:9f:35:75:
5a:27:d3:4d:34:b8:07:86:94:a3:38:03:56:94:aa:
dc:7d:3c:c9:96:cf:93:bd:e3:52:77:94:f6:df:68:
00:42:b9:64:5e:59:e8:fe:90:27:5d:88:c2:e2:04:
45:8a:30:0d:41:92:49:24:dd:2f:b1:66:4a:20:45:
f6:d2:89:57:8b:67:47:ed:2b:63:42:61:a2:03:2b:
a7:72:51:6f:4a:99:15:cd:8d:8d:a4:30:36:ae:ea:
0c:cf:76:2e:f4:d5:4f:f8:f2:4a:c2:5a:11:49:0a:
55:f0:9f:7e:7a:09:46:07:7e:1f:52:f8:57:2c:2e:
4f:4d:2f:8a:6d:62:99:a3:0c:88:47:9a:eb:66:e6:
4e:12:10:19:50:eb:59:3b:9d:b7:fe:1a:44:7b:8c:
c0:83:a8:e0:1a:02:8e:d0:52:f7:b3:37:de:92:b2:
5d:ef:f6:0b:bf:8e:5e:c2:d0:4b:8a:74:89:42:74:
e9:f8:6e:ea:90:ed:e3:21:64:08:8d:fb:fe:c2:99:
6d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DB:A9:C9:28:45:C9:C1:F7:0B:00:5F:B3:B9:E7:82:F8:BA:1A:92
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
06:63:29:b4:81:47:1e:63:36:71:e8:6d:fd:8e:61:ac:1f:9e:
08:d4:56:7c:e4:74:e0:bb:17:e8:80:61:28:5d:67:4d:3a:a7:
33:a6:6e:87:5a:d1:78:96:b9:d6:80:3b:5a:41:30:9f:d6:ce:
23:61:f1:92:0f:4c:f0:a4:a0:ce:77:19:d1:e0:5c:92:64:5f:
d3:fa:4d:a2:8b:fc:bc:a0:6e:b9:e9:85:b0:2f:79:52:5b:a0:
5a:06:1b:b1:52:ea:3e:47:c7:45:b9:0d:f1:5f:e2:e5:2f:c3:
b0:a0:f5:c9:38:9a:2a:6b:03:06:fc:1f:a6:46:e0:3f:45:0b:
cf:4a:c1:07:4e:19:77:2e:4b:98:24:6f:fc:38:d4:08:41:95:
50:e0:2c:df:8b:72:d6:be:6f:14:fc:55:7d:ab:90:cf:6a:87:
e7:08:ab:37:6d:3f:63:4d:db:7d:7d:29:a4:57:50:1f:3e:11:
22:5b:17:24:e1:eb:27:83:fc:5e:a1:6c:db:48:ba:95:e4:7d:
13:4f:d2:85:0e:e2:08:bc:2f:fc:d4:81:e3:5c:08:bd:09:61:
b7:f7:73:8e:8a:3e:d5:f1:a5:61:67:32:7a:59:a1:d9:7f:0e:
c6:b7:f2:5d:36:33:d8:f8:5e:6e:17:9c:b5:5c:0e:fe:39:6d:
4e:21:42:13
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICSwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNDI0MDI1MDEwWhcNMjYwNTAxMDI1MDEwWjAYMRYwFAYD
VQQDEw02OWVhZGE2My02OTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtAdiXvZ6EKxXBJre8HPj0p21/fS/PzvTMDLX2j30rhX3CtPfZ9XGmUmiOpSh
3USV2gRJHMn5xGmfNXVaJ9NNNLgHhpSjOANWlKrcfTzJls+TveNSd5T232gAQrlk
Xlno/pAnXYjC4gRFijANQZJJJN0vsWZKIEX20olXi2dH7StjQmGiAyunclFvSpkV
zY2NpDA2ruoMz3Yu9NVP+PJKwloRSQpV8J9+eglGB34fUvhXLC5PTS+KbWKZowyI
R5rrZuZOEhAZUOtZO523/hpEe4zAg6jgGgKO0FL3szfekrJd7/YLv45ewtBLinSJ
QnTp+G7qkO3jIWQIjfv+wpltkwIDAQABo4ICTzCCAkswHQYDVR0OBBYEFDXbqcko
RcnB9wsAX7O554L4uhqSMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEABmMptIFHHmM2ceht/Y5hrB+eCNRWfOR04LsX6IBhKF1n
TTqnM6Zuh1rReJa51oA7WkEwn9bOI2Hxkg9M8KSgzncZ0eBckmRf0/pNoov8vKBu
uemFsC95UlugWgYbsVLqPkfHRbkN8V/i5S/DsKD1yTiaKmsDBvwfpkbgP0ULz0rB
B04Zdy5LmCRv/DjUCEGVUOAs34ty1r5vFPxVfauQz2qH5wirN20/Y03bfX0ppFdQ
Hz4RIlsXJOHrJ4P8XqFs20i6leR9E0/ShQ7iCLwv/NSB41wIvQlht/dzjoo+1fGl
YWcyelmh2X8OxrfyXTYz2PhebhectVwO/jltTiFCEw==
-----END CERTIFICATE-----
Generated at Fri Apr 24 16:44:25 2026 by rpki-client