
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: AhWmCPgNzNtq2hda/d5KRUrI8KTW4Ll0wHnFWEmiveg=
Subject key identifier: 44:4C:D0:AE:0F:DD:0F:79:74:00:8C:59:A1:EA:AA:E7:FF:9A:92:EE
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4C11
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B4C
Signing time: Tue 14 Jul 2026 02:50:11 +0000
Manifest this update: Tue 14 Jul 2026 02:50:11 +0000
Manifest next update: Tue 21 Jul 2026 02:50:11 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: LKWxSee2z5Ie2dHGuIX+tq2YlggJ34n/ogotda+C1G4=)
2: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
3: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
4: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: IkSuUU7ZWS/JW8FM1z4r+u5UkK4TPFlbZKL6zIaBvUw=)
5: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
6: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
7: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
8: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
9: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
10: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
11: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
12: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
13: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 21 Jul 2026 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19473 (0x4c11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 14 02:50:11 2026 GMT
Not After : Jul 21 02:50:11 2026 GMT
Subject: CN=6a55a3e3-a17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:9f:e5:91:86:84:fa:dd:3c:50:d9:16:8f:
0a:30:db:39:85:7a:a5:69:f2:82:5a:6c:8b:66:12:
f0:58:f6:67:47:7b:42:c2:bf:5a:39:f4:33:5e:ce:
2c:aa:dc:26:6f:a5:64:1b:6e:61:97:a7:60:b2:a1:
91:5e:cb:e9:36:35:e2:50:59:64:74:43:53:6c:e0:
0e:aa:ca:28:2f:94:a2:4e:6a:ed:85:73:64:1c:a9:
5b:5a:1c:da:77:4f:f9:e8:bd:56:eb:eb:33:49:71:
4d:7a:e3:3e:dc:9f:59:45:ad:7c:29:66:90:1b:fa:
56:86:61:f8:73:56:3f:a8:ed:6c:ff:c9:47:f0:28:
77:4b:43:b7:c9:bd:1a:84:01:c4:aa:7b:27:f3:6a:
9b:4c:c0:d3:d8:b7:36:d7:27:c2:c6:e5:81:4d:f4:
29:38:39:e4:bb:79:d3:87:b8:24:10:d8:65:d2:30:
5c:97:85:93:55:2e:b7:3d:16:59:cc:a9:50:1c:32:
67:b0:29:fb:af:9f:86:2e:32:7e:13:f0:87:dd:7b:
72:28:be:78:52:33:a4:55:90:af:e5:37:2e:e6:28:
cd:dc:c1:08:cd:32:af:12:73:b5:4f:3c:8c:44:58:
dc:05:fd:42:a8:b0:a3:ff:0f:d9:78:66:81:14:62:
f3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:4C:D0:AE:0F:DD:0F:79:74:00:8C:59:A1:EA:AA:E7:FF:9A:92:EE
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
70:c9:96:89:d3:a0:02:7c:44:6d:cf:c1:0d:df:d6:0f:87:73:
a7:19:e2:68:2e:19:c4:7b:88:68:6e:31:0a:fe:ea:f7:ef:b8:
0a:ac:2f:66:b3:02:92:54:0f:34:d8:8e:af:47:49:c1:ea:84:
8e:48:ea:1f:89:da:53:5f:78:73:d8:32:ef:bc:52:77:2f:82:
50:ab:cb:71:86:51:8b:e5:6f:d9:dc:89:6f:62:94:55:de:32:
37:91:34:7d:01:00:4c:20:1a:64:e2:37:6b:cd:39:06:05:59:
c7:df:6e:7d:f8:2a:fd:9b:3d:1b:78:46:1c:ce:da:7b:da:19:
f5:e7:30:8e:8d:84:75:0b:e3:a5:c6:85:89:3b:76:9a:01:46:
5f:6a:ca:9f:87:20:50:a9:3e:dd:54:42:2c:76:4c:78:75:f2:
43:79:25:a4:bc:3c:45:5b:e8:e1:ce:da:4a:eb:74:24:08:fa:
56:4e:f6:77:36:59:ab:f7:f4:31:ff:2e:0e:a7:e7:e2:8f:1a:
17:2c:01:ae:25:3b:81:c7:c1:e0:4a:95:6c:cb:fb:2f:cd:69:
f1:27:8c:cb:63:97:84:99:41:40:ee:99:c4:70:71:5f:77:23:
f2:27:ce:bb:a7:2e:56:3b:ef:f5:fa:14:67:55:52:db:a7:ef:
48:4d:f7:b7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICTBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzE0MDI1MDExWhcNMjYwNzIxMDI1MDExWjAYMRYwFAYD
VQQDEw02YTU1YTNlMy1hMTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtMyf5ZGGhPrdPFDZFo8KMNs5hXqlafKCWmyLZhLwWPZnR3tCwr9aOfQzXs4s
qtwmb6VkG25hl6dgsqGRXsvpNjXiUFlkdENTbOAOqsooL5SiTmrthXNkHKlbWhza
d0/56L1W6+szSXFNeuM+3J9ZRa18KWaQG/pWhmH4c1Y/qO1s/8lH8Ch3S0O3yb0a
hAHEqnsn82qbTMDT2Lc21yfCxuWBTfQpODnku3nTh7gkENhl0jBcl4WTVS63PRZZ
zKlQHDJnsCn7r5+GLjJ+E/CH3XtyKL54UjOkVZCv5Tcu5ijN3MEIzTKvEnO1TzyM
RFjcBf1CqLCj/w/ZeGaBFGLzhQIDAQABo4ICTzCCAkswHQYDVR0OBBYEFERM0K4P
3Q95dACMWaHqquf/mpLuMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAcMmWidOgAnxEbc/BDd/WD4dzpxniaC4ZxHuIaG4xCv7q
9++4CqwvZrMCklQPNNiOr0dJweqEjkjqH4naU194c9gy77xSdy+CUKvLcYZRi+Vv
2dyJb2KUVd4yN5E0fQEATCAaZOI3a805BgVZx99uffgq/Zs9G3hGHM7ae9oZ9ecw
jo2EdQvjpcaFiTt2mgFGX2rKn4cgUKk+3VRCLHZMeHXyQ3klpLw8RVvo4c7aSut0
JAj6Vk72dzZZq/f0Mf8uDqfn4o8aFywBriU7gcfB4EqVbMv7L81p8SeMy2OXhJlB
QO6ZxHBxX3cj8ifOu6cuVjvv9foUZ1VS26fvSE33tw==
-----END CERTIFICATE-----
Generated at Tue Jul 14 07:41:38 2026 by rpki-client