
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: c/U+4PrfbLCmke1SAd6clL+89NH/wHk2lEpwZQC4R9U=
Subject key identifier: B0:9C:B0:4D:67:4F:F1:49:83:89:5B:80:CE:4E:FE:81:84:5D:1A:E3
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4C1D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B58
Signing time: Sat 18 Jul 2026 02:50:11 +0000
Manifest this update: Sat 18 Jul 2026 02:50:11 +0000
Manifest next update: Sat 25 Jul 2026 02:50:11 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: YcaMO8OUDpmz7+H1jV45XaBm4N8zRGsik8rtJIE/pMg=)
2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
3: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
4: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: IkSuUU7ZWS/JW8FM1z4r+u5UkK4TPFlbZKL6zIaBvUw=)
5: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
6: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
7: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
8: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
9: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
10: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
11: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
12: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
13: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Jul 2026 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19485 (0x4c1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 18 02:50:11 2026 GMT
Not After : Jul 25 02:50:11 2026 GMT
Subject: CN=6a5ae9e3-b287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d5:e9:1c:d2:2a:85:cd:08:07:3b:fd:ea:74:
37:12:56:96:32:2b:90:a5:41:3f:06:6e:3c:55:a0:
a1:fb:b5:9b:96:d9:7a:14:c1:8a:93:c9:45:bf:46:
9c:f1:89:73:a8:4d:b1:8b:48:da:13:9c:09:39:c9:
ce:07:cc:db:49:4e:b5:2b:99:a7:b1:3d:d0:66:70:
8f:3a:2b:c0:b3:fc:ac:eb:68:bf:a5:e2:99:6e:3b:
3c:2d:a3:7a:53:22:6d:d1:88:b6:da:77:d2:15:3f:
71:70:f2:1f:7b:13:ae:93:3c:df:ba:ed:ca:55:2b:
e3:30:0c:4e:ef:8f:01:f7:3f:c3:c4:fa:d3:5f:ef:
4c:a5:f9:bd:8e:be:e4:61:1d:2b:db:85:3a:0a:62:
8a:63:27:db:01:78:6c:a0:e4:ea:ae:24:68:a0:09:
4d:e7:7b:d0:12:d7:eb:5a:8a:7a:e7:e8:da:cd:f4:
0f:88:0f:23:82:89:12:1c:3d:d6:5f:19:b2:fd:d3:
95:dc:35:0d:0f:33:16:7b:ea:c7:35:02:c3:ad:40:
a2:57:30:8b:fa:96:83:f8:9f:13:0d:b5:1d:b7:80:
86:a5:a2:ba:bd:5d:52:60:9b:f7:82:4a:1c:00:2b:
47:dd:a0:fb:b1:e7:04:ad:17:0b:19:16:fb:be:ee:
62:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9C:B0:4D:67:4F:F1:49:83:89:5B:80:CE:4E:FE:81:84:5D:1A:E3
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
1e:11:51:e8:66:50:2e:f3:3c:a7:ec:c4:60:14:0a:f8:4f:95:
16:e0:68:5c:06:c8:21:3d:96:0e:71:23:27:e2:cc:6f:72:a8:
15:74:c2:d7:f1:d6:1e:37:ba:bb:18:dd:4f:a4:3d:36:d0:65:
41:f1:c2:ad:fe:9a:4a:fb:96:1d:f1:9a:7f:5b:96:4a:57:b5:
f5:75:70:93:a0:4c:dc:0c:0c:5a:2c:a7:a6:71:f6:05:5a:86:
35:cf:35:a3:8b:20:37:79:ca:24:cd:75:a1:8e:fd:a5:ca:7a:
da:1a:69:e0:30:56:64:3a:c4:57:36:92:1c:df:9d:d6:a1:ae:
1a:c8:4b:f4:cb:8c:26:74:5a:1f:fa:ba:da:18:d4:1a:3e:ba:
c9:c8:33:3b:94:59:f0:79:38:5d:12:dd:54:b1:d4:eb:74:ca:
02:1f:13:a2:f4:5f:8a:f2:1e:1d:ca:eb:34:a7:f7:ab:7f:00:
a5:29:64:7f:c5:58:7e:9c:b9:ab:dc:66:af:05:80:16:ec:0d:
ce:f5:c9:c5:65:86:3c:8e:43:39:38:be:98:4a:ac:11:fc:6d:
2e:b7:57:d6:ac:c1:97:98:52:41:34:52:d3:7f:5a:71:ff:89:
76:3e:37:6b:00:9a:fe:37:54:3d:f1:87:56:1a:de:4f:c1:27:
42:ef:b6:5b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICTB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzE4MDI1MDExWhcNMjYwNzI1MDI1MDExWjAYMRYwFAYD
VQQDEw02YTVhZTllMy1iMjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2dXpHNIqhc0IBzv96nQ3ElaWMiuQpUE/Bm48VaCh+7Wbltl6FMGKk8lFv0ac
8YlzqE2xi0jaE5wJOcnOB8zbSU61K5mnsT3QZnCPOivAs/ys62i/peKZbjs8LaN6
UyJt0Yi22nfSFT9xcPIfexOukzzfuu3KVSvjMAxO748B9z/DxPrTX+9Mpfm9jr7k
YR0r24U6CmKKYyfbAXhsoOTqriRooAlN53vQEtfrWop65+jazfQPiA8jgokSHD3W
Xxmy/dOV3DUNDzMWe+rHNQLDrUCiVzCL+paD+J8TDbUdt4CGpaK6vV1SYJv3gkoc
ACtH3aD7secErRcLGRb7vu5ijwIDAQABo4ICTzCCAkswHQYDVR0OBBYEFLCcsE1n
T/FJg4lbgM5O/oGEXRrjMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAHhFR6GZQLvM8p+zEYBQK+E+VFuBoXAbIIT2WDnEjJ+LM
b3KoFXTC1/HWHje6uxjdT6Q9NtBlQfHCrf6aSvuWHfGaf1uWSle19XVwk6BM3AwM
WiynpnH2BVqGNc81o4sgN3nKJM11oY79pcp62hpp4DBWZDrEVzaSHN+d1qGuGshL
9MuMJnRaH/q62hjUGj66ycgzO5RZ8Hk4XRLdVLHU63TKAh8TovRfivIeHcrrNKf3
q38ApSlkf8VYfpy5q9xmrwWAFuwNzvXJxWWGPI5DOTi+mEqsEfxtLrdX1qzBl5hS
QTRS039acf+Jdj43awCa/jdUPfGHVhreT8EnQu+2Ww==
-----END CERTIFICATE-----
Generated at Sat Jul 18 11:17:01 2026 by rpki-client