
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: W8lEtkbEWGBK650F3hoIrTWVHjD2af7fzYut29dzD34=
Subject key identifier: 7E:A6:AB:71:68:6C:30:8B:BA:33:5C:21:64:C8:77:C3:F8:0B:7F:31
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4BF1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B2D
Signing time: Sat 04 Jul 2026 14:50:12 +0000
Manifest this update: Sat 04 Jul 2026 14:50:11 +0000
Manifest next update: Sat 11 Jul 2026 14:50:11 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: clCEvp9ZbXPlr/ozKIqFb3kJz1fqBCLLP6H/1kTA2wE=)
2: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
3: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
4: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
5: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: nxeMRNlbBg0Hn1rklz8FQpXMsQvmCCIn7C88WB0VjZg=)
6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
7: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
8: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
9: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
10: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
11: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
12: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
13: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Jul 2026 14:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19441 (0x4bf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 4 14:50:11 2026 GMT
Not After : Jul 11 14:50:11 2026 GMT
Subject: CN=6a491da4-7495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1e:08:0a:be:43:29:42:02:f1:c6:35:56:b5:
17:f0:e5:f9:e6:c2:e4:a5:c1:6a:46:1d:80:f9:bb:
e6:23:ca:50:e8:a4:af:1d:c6:7c:01:7a:23:30:1a:
3a:94:91:ab:6c:b5:59:4e:5c:85:56:c2:9a:e4:30:
be:15:d9:4f:a3:91:e8:a6:e4:ce:0e:6a:6c:ba:69:
af:56:90:b1:7f:3e:cf:cb:25:dd:4e:c4:9a:f2:8a:
49:b1:66:f3:10:dc:a1:57:75:61:a3:3f:70:4f:4a:
3a:83:3e:6a:35:c4:8b:47:df:05:49:6a:68:1b:f0:
1a:40:0c:6f:69:65:82:50:5f:25:4d:3a:9b:17:09:
28:c9:7c:f7:ba:01:4c:69:ea:5d:1c:04:2f:93:0d:
13:22:09:47:c6:48:2f:ec:86:1b:05:95:92:3d:f8:
e1:6c:27:ee:e0:c9:50:75:d6:7c:eb:da:c6:0d:0d:
df:a7:31:fb:bc:b1:ed:af:8a:26:20:77:b4:d5:fa:
20:73:52:02:f1:f2:a4:c8:68:1b:59:e9:67:b5:6d:
6a:0f:99:86:be:4f:70:1f:6c:30:dd:4b:78:8a:48:
83:bb:6b:87:a1:20:d7:ac:ac:5a:88:80:99:5c:b9:
ab:e6:1c:47:dd:5e:56:54:27:3a:b7:a0:d3:dc:4d:
cb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A6:AB:71:68:6C:30:8B:BA:33:5C:21:64:C8:77:C3:F8:0B:7F:31
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
74:21:c9:3f:45:74:cf:f0:36:2f:16:b8:d2:9f:03:00:58:a5:
5f:0f:ba:51:1b:7f:52:5f:0a:0b:40:bc:b1:50:77:af:6c:1d:
0a:cf:5e:2c:3f:b3:ad:51:d8:1d:11:ab:07:3c:4d:e0:e7:da:
e2:8c:72:99:50:49:20:ff:42:e2:12:4b:cc:a6:05:7c:11:73:
08:21:95:d1:4b:a7:cf:e0:38:7f:5d:be:5d:84:e6:a6:f7:e3:
31:7c:3e:9e:06:76:1b:7c:1f:5e:48:c3:2d:2d:65:a1:af:22:
e0:c0:51:63:e6:51:cf:32:2f:06:db:fd:d0:0e:80:58:cc:d7:
61:a8:14:21:38:06:64:3b:14:db:4c:fc:4e:0d:c3:88:f5:d1:
44:86:44:8a:a8:65:8b:b0:13:97:cf:b5:cf:87:05:3d:6e:e4:
c5:28:c7:75:bd:5f:ac:ee:0b:7a:4d:75:ea:e9:a0:52:a5:42:
69:da:ac:46:61:61:12:8c:b8:4d:a5:fc:e6:8d:85:27:52:c0:
86:8d:5f:18:9f:9b:fe:93:de:c4:3d:7f:ad:92:ab:98:53:c8:
36:ed:0f:84:e0:da:f1:5b:f6:09:82:68:40:f9:08:28:da:0b:
4e:44:bc:db:cd:d0:72:15:7d:2d:c6:38:a1:45:3c:bc:a1:13:
cc:1c:19:84
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICS/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzA0MTQ1MDExWhcNMjYwNzExMTQ1MDExWjAYMRYwFAYD
VQQDEw02YTQ5MWRhNC03NDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAiB4ICr5DKUIC8cY1VrUX8OX55sLkpcFqRh2A+bvmI8pQ6KSvHcZ8AXojMBo6
lJGrbLVZTlyFVsKa5DC+FdlPo5HopuTODmpsummvVpCxfz7PyyXdTsSa8opJsWbz
ENyhV3Vhoz9wT0o6gz5qNcSLR98FSWpoG/AaQAxvaWWCUF8lTTqbFwkoyXz3ugFM
aepdHAQvkw0TIglHxkgv7IYbBZWSPfjhbCfu4MlQddZ869rGDQ3fpzH7vLHtr4om
IHe01fogc1IC8fKkyGgbWelntW1qD5mGvk9wH2ww3Ut4ikiDu2uHoSDXrKxaiICZ
XLmr5hxH3V5WVCc6t6DT3E3LcwIDAQABo4ICTzCCAkswHQYDVR0OBBYEFH6mq3Fo
bDCLujNcIWTId8P4C38xMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAdCHJP0V0z/A2Lxa40p8DAFilXw+6URt/Ul8KC0C8sVB3
r2wdCs9eLD+zrVHYHRGrBzxN4Ofa4oxymVBJIP9C4hJLzKYFfBFzCCGV0Uunz+A4
f12+XYTmpvfjMXw+ngZ2G3wfXkjDLS1loa8i4MBRY+ZRzzIvBtv90A6AWMzXYagU
ITgGZDsU20z8Tg3DiPXRRIZEiqhli7ATl8+1z4cFPW7kxSjHdb1frO4Lek116umg
UqVCadqsRmFhEoy4TaX85o2FJ1LAho1fGJ+b/pPexD1/rZKrmFPINu0PhODa8Vv2
CYJoQPkIKNoLTkS8283QchV9LcY4oUU8vKETzBwZhA==
-----END CERTIFICATE-----
Generated at Sun Jul 5 01:12:07 2026 by rpki-client