
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: CXZ3sFps9DUr8Hi0TvBjUs1oWSrh9+msfnHeeCPh7M4=
Subject key identifier: 12:1D:DE:1C:60:74:72:A5:A1:3C:24:60:22:0C:7D:04:BE:45:5D:C2
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4BFC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B37
Signing time: Tue 07 Jul 2026 14:50:12 +0000
Manifest this update: Tue 07 Jul 2026 14:50:12 +0000
Manifest next update: Tue 14 Jul 2026 14:50:12 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: UXlAg+pirMFuSbBqpF8Gd9DXa6g1RockyowsS8q2aVw=)
2: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
3: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
4: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
5: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: IkSuUU7ZWS/JW8FM1z4r+u5UkK4TPFlbZKL6zIaBvUw=)
6: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
7: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
8: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
9: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
10: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
11: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
12: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
13: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 14 Jul 2026 14:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19452 (0x4bfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 7 14:50:12 2026 GMT
Not After : Jul 14 14:50:12 2026 GMT
Subject: CN=6a4d1224-3b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:16:9b:6a:5f:1e:46:24:29:60:e6:60:79:76:
72:4f:d3:0d:a1:05:0b:4b:e0:f6:10:8a:43:bf:33:
9a:f8:a1:9f:95:69:94:4f:e2:5e:5c:68:21:c5:c6:
51:d8:75:b7:9c:15:8c:23:bb:79:0c:43:71:7e:8a:
d9:e3:15:01:dd:e7:b6:23:f1:7b:3c:fb:db:2c:24:
9e:0e:44:0c:45:12:34:7a:61:4a:47:be:80:4d:97:
5c:f5:10:dd:d8:8b:e3:84:91:3b:5a:3f:7e:b5:dc:
ad:b4:48:50:eb:29:29:ac:36:cf:28:04:d2:83:49:
b4:c9:db:b4:c8:fc:20:e4:6f:68:b1:cb:6a:f5:2f:
17:a9:d5:fa:92:3f:62:84:48:97:38:bb:20:6b:b0:
60:8f:31:62:75:ce:65:4c:e1:30:c3:8d:f4:71:bf:
e6:fd:ec:f1:e1:16:8c:30:18:8c:81:79:be:f1:3d:
1b:f6:82:73:94:ac:c0:7c:06:99:3f:0c:0f:d0:7d:
24:fc:8f:00:74:22:aa:c8:d1:ab:82:65:7d:64:23:
af:f9:90:52:dc:ce:53:b8:1a:db:50:3a:4b:67:41:
be:91:ef:d1:0e:00:8f:b2:a8:bf:94:e2:66:2a:1b:
e1:9a:d1:18:87:80:93:ca:fd:b8:8f:e6:04:4a:5d:
c7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1D:DE:1C:60:74:72:A5:A1:3C:24:60:22:0C:7D:04:BE:45:5D:C2
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4c:3a:92:5b:f5:92:6b:72:2e:ae:47:66:a7:df:c0:b7:95:51:
31:b9:c3:01:61:2a:22:b8:c3:65:16:83:6c:53:c0:2d:2e:e2:
39:45:dc:80:f5:57:bd:1b:9f:8c:03:4d:f4:f3:f2:e1:98:82:
c8:18:d7:d0:82:d6:99:ee:34:b3:49:26:eb:9a:27:c0:5c:71:
bb:c5:7c:b7:3c:0d:7e:a8:81:a6:5a:a5:93:c2:e4:29:ce:ad:
82:2e:69:c6:57:f3:86:84:d7:b5:20:a2:d2:5a:89:a8:1b:a7:
c1:d8:20:5a:77:84:22:37:82:54:c3:8d:a9:52:10:62:af:39:
39:ca:46:f4:84:f9:92:3d:97:67:eb:4e:07:c6:f0:03:9d:47:
14:80:41:f2:70:27:e6:a5:2d:10:9c:ca:22:0f:c0:54:4b:22:
53:08:cf:a7:32:df:9c:7a:ad:1c:02:a5:4b:7f:46:1b:b0:c9:
58:7e:c1:5b:24:a2:a3:bd:35:c8:4c:95:63:34:91:bc:8e:34:
e0:7b:4d:cd:cf:e6:dd:1d:80:dc:17:29:cd:19:81:e6:6c:5c:
2e:3e:a5:f8:84:23:e3:5e:27:19:f5:f7:74:32:72:26:16:0b:
cd:3f:8d:f6:02:b8:44:a3:2b:0c:25:6f:d6:b1:ab:22:b5:25:
5e:cf:ed:75
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICS/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzA3MTQ1MDEyWhcNMjYwNzE0MTQ1MDEyWjAYMRYwFAYD
VQQDEw02YTRkMTIyNC0zYjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtBabal8eRiQpYOZgeXZyT9MNoQULS+D2EIpDvzOa+KGflWmUT+JeXGghxcZR
2HW3nBWMI7t5DENxforZ4xUB3ee2I/F7PPvbLCSeDkQMRRI0emFKR76ATZdc9RDd
2IvjhJE7Wj9+tdyttEhQ6ykprDbPKATSg0m0ydu0yPwg5G9osctq9S8XqdX6kj9i
hEiXOLsga7BgjzFidc5lTOEww430cb/m/ezx4RaMMBiMgXm+8T0b9oJzlKzAfAaZ
PwwP0H0k/I8AdCKqyNGrgmV9ZCOv+ZBS3M5TuBrbUDpLZ0G+ke/RDgCPsqi/lOJm
KhvhmtEYh4CTyv24j+YESl3HUQIDAQABo4ICTzCCAkswHQYDVR0OBBYEFBId3hxg
dHKloTwkYCIMfQS+RV3CMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEATDqSW/WSa3Iurkdmp9/At5VRMbnDAWEqIrjDZRaDbFPA
LS7iOUXcgPVXvRufjANN9PPy4ZiCyBjX0ILWme40s0km65onwFxxu8V8tzwNfqiB
plqlk8LkKc6tgi5pxlfzhoTXtSCi0lqJqBunwdggWneEIjeCVMONqVIQYq85OcpG
9IT5kj2XZ+tOB8bwA51HFIBB8nAn5qUtEJzKIg/AVEsiUwjPpzLfnHqtHAKlS39G
G7DJWH7BWySio701yEyVYzSRvI404HtNzc/m3R2A3BcpzRmB5mxcLj6l+IQj414n
GfX3dDJyJhYLzT+N9gK4RKMrDCVv1rGrIrUlXs/tdQ==
-----END CERTIFICATE-----
Generated at Wed Jul 8 03:36:52 2026 by rpki-client