
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: wbQ4c9N1JfFSGUsEJv30POj1qp8DtwIcE8YSQWitZEY=
Subject key identifier: 98:BD:ED:5F:39:54:E6:7E:6A:10:AF:6E:30:97:22:18:13:43:49:3B
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4C00
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B3B
Signing time: Thu 09 Jul 2026 02:50:13 +0000
Manifest this update: Thu 09 Jul 2026 02:50:13 +0000
Manifest next update: Thu 16 Jul 2026 02:50:13 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: jFrzB/W2v91E98Ry0CrxnIMWarMHnAAaAP1Pb0gMoOQ=)
2: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
3: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
4: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
5: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
6: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
7: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
8: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
9: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
10: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
11: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: IkSuUU7ZWS/JW8FM1z4r+u5UkK4TPFlbZKL6zIaBvUw=)
12: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
13: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 16 Jul 2026 02:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19456 (0x4c00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 9 02:50:13 2026 GMT
Not After : Jul 16 02:50:13 2026 GMT
Subject: CN=6a4f0c65-8633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5b:dd:4c:6b:20:c6:45:d7:65:fd:0e:c4:b5:
4d:e7:08:8f:8d:3e:a7:79:7e:05:ae:ad:54:ce:3e:
08:ad:46:1e:19:73:1c:37:32:59:b2:a2:42:e4:30:
41:aa:ed:08:fd:b5:e4:1c:2e:4b:fa:59:5c:92:27:
db:be:44:8f:a3:ec:0e:63:80:a7:51:2a:30:dc:d0:
44:02:de:dd:35:a6:e3:53:25:7f:f0:ae:42:76:f9:
e2:14:a6:fd:68:1f:76:01:cd:72:b9:42:8d:e1:60:
f7:40:40:a8:14:69:ee:20:8a:b3:53:e8:ca:3e:97:
b7:9a:9a:54:43:ab:9b:82:9e:44:ac:4c:2a:14:cc:
0d:ec:11:ba:07:2d:44:7b:50:d1:84:9f:01:bc:10:
6c:c6:9d:7b:96:1c:d0:ed:6e:52:2d:c5:62:92:40:
81:ed:57:5f:77:84:b0:fc:59:2a:9e:90:f3:ad:29:
ea:18:82:e1:24:da:bb:53:46:e0:14:38:1f:75:1d:
71:03:fe:a6:60:89:dc:df:f2:76:0c:61:bb:d0:7a:
b9:c2:f9:02:35:f2:83:0e:77:c7:e0:0a:7b:e7:76:
2e:30:e9:59:5a:68:cc:ae:44:c2:0b:63:8b:de:e4:
cb:b5:c0:a8:98:35:4c:d2:37:82:6e:40:f6:46:e0:
04:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BD:ED:5F:39:54:E6:7E:6A:10:AF:6E:30:97:22:18:13:43:49:3B
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5d:bf:e0:fd:31:17:4b:3d:c5:6a:7c:5e:88:56:b4:41:cb:78:
47:ed:43:46:b4:92:b4:d5:52:dc:2d:27:93:c8:51:12:ca:b3:
ef:84:70:1e:f0:c6:06:4a:36:ce:08:0b:ad:b3:30:19:b7:e6:
75:a5:7e:f2:0d:2d:f6:4b:4a:d0:22:5b:a1:4f:be:29:c7:f1:
fd:e9:1c:9c:41:f5:bc:62:f0:82:40:62:a6:c7:d3:e3:b6:70:
5c:a2:7c:82:37:68:88:38:40:2c:93:cb:43:7e:d1:04:b6:4a:
4b:e4:1d:98:fd:64:e7:42:e2:cb:3f:d7:0d:a3:9d:74:c9:98:
82:74:75:5b:9c:f6:29:44:0a:16:f3:1f:d1:ff:bc:bc:69:bf:
42:0f:94:2b:bb:f1:27:8c:ee:5c:c3:58:61:28:82:12:25:73:
cd:0b:cc:1c:96:16:a9:cd:4f:85:28:bd:11:3d:69:ac:b9:73:
0e:5d:7d:2c:c6:31:f2:90:f6:42:44:e9:de:02:30:ef:72:0b:
e7:7a:e0:60:8a:c7:63:d1:71:7b:35:25:12:af:ff:c7:be:19:
c3:1a:71:a7:ca:87:66:bb:3c:34:89:93:23:39:bb:3c:fa:b7:
4e:57:f9:41:91:a5:d3:bd:53:ad:4e:0d:c3:38:c2:17:8a:90:
4b:83:75:30
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICTAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzA5MDI1MDEzWhcNMjYwNzE2MDI1MDEzWjAYMRYwFAYD
VQQDEw02YTRmMGM2NS04NjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwlvdTGsgxkXXZf0OxLVN5wiPjT6neX4Frq1Uzj4IrUYeGXMcNzJZsqJC5DBB
qu0I/bXkHC5L+llckifbvkSPo+wOY4CnUSow3NBEAt7dNabjUyV/8K5CdvniFKb9
aB92Ac1yuUKN4WD3QECoFGnuIIqzU+jKPpe3mppUQ6ubgp5ErEwqFMwN7BG6By1E
e1DRhJ8BvBBsxp17lhzQ7W5SLcVikkCB7Vdfd4Sw/FkqnpDzrSnqGILhJNq7U0bg
FDgfdR1xA/6mYInc3/J2DGG70Hq5wvkCNfKDDnfH4Ap753YuMOlZWmjMrkTCC2OL
3uTLtcComDVM0jeCbkD2RuAEbQIDAQABo4ICTzCCAkswHQYDVR0OBBYEFJi97V85
VOZ+ahCvbjCXIhgTQ0k7MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAXb/g/TEXSz3FanxeiFa0Qct4R+1DRrSStNVS3C0nk8hR
Esqz74RwHvDGBko2zggLrbMwGbfmdaV+8g0t9ktK0CJboU++Kcfx/ekcnEH1vGLw
gkBipsfT47ZwXKJ8gjdoiDhALJPLQ37RBLZKS+QdmP1k50Liyz/XDaOddMmYgnR1
W5z2KUQKFvMf0f+8vGm/Qg+UK7vxJ4zuXMNYYSiCEiVzzQvMHJYWqc1PhSi9ET1p
rLlzDl19LMYx8pD2QkTp3gIw73IL53rgYIrHY9FxezUlEq//x74Zwxpxp8qHZrs8
NImTIzm7PPq3Tlf5QZGl071TrU4NwzjCF4qQS4N1MA==
-----END CERTIFICATE-----
Generated at Thu Jul 9 04:59:53 2026 by rpki-client