
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: Ae8Y/wYO0oW6DyNlPslvYmwF1sH3s1AjK0J6PIFpUBE=
Subject key identifier: EC:7D:88:32:AC:84:4A:D3:2F:54:ED:74:BE:64:4E:D0:7F:B0:EF:CE
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4BE8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B24
Signing time: Wed 01 Jul 2026 15:04:58 +0000
Manifest this update: Wed 01 Jul 2026 15:04:58 +0000
Manifest next update: Wed 08 Jul 2026 15:04:58 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: Od3HQaIaaxp0htnI+TZ39AoTIgqeekAraNVu54jNHy8=)
2: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
3: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
4: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: nxeMRNlbBg0Hn1rklz8FQpXMsQvmCCIn7C88WB0VjZg=)
5: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
6: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
7: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
8: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
9: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
10: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
11: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
12: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
13: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 Jul 2026 15:04:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19432 (0x4be8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 1 15:04:58 2026 GMT
Not After : Jul 8 15:04:58 2026 GMT
Subject: CN=6a452c9a-d9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c2:c5:dd:d0:53:6b:a3:0c:ab:85:4f:32:fc:
df:78:38:6e:b4:31:08:70:80:ba:2a:4b:ea:b8:ce:
80:46:ed:43:2d:87:8a:90:78:9d:9a:5c:20:ad:f9:
7c:e7:53:84:cb:4d:bd:d7:93:bf:ba:f9:71:f8:84:
b2:fd:05:db:4e:8a:b6:d0:39:98:4d:bb:e6:5f:a5:
9c:80:0d:b9:7e:56:8a:da:b1:2f:ac:9e:27:b8:b3:
81:09:8b:68:16:20:69:cc:fe:e9:54:1f:63:95:c0:
39:78:d5:18:bb:86:94:64:dd:e6:e7:11:3d:52:e3:
3e:63:2a:f4:4b:a3:f1:72:56:cb:e1:39:28:1d:c4:
2d:5a:54:8b:f2:57:86:70:3e:0f:b6:8d:8d:41:be:
6b:ea:e0:16:ee:47:0d:46:4b:03:b7:f8:43:7a:3e:
f7:60:7e:48:10:d4:07:60:3d:f1:c1:0a:99:2f:22:
82:78:c3:d8:3c:b4:21:aa:26:3c:39:b2:43:aa:f7:
7b:cd:5f:a0:36:04:ff:d0:b4:a0:66:60:0f:62:72:
71:34:5c:c4:4d:cd:50:30:12:8a:50:69:e0:9b:5e:
8f:2f:9a:ac:28:1e:56:a2:a2:59:b1:4b:f7:de:e6:
18:c9:ce:57:11:c0:9e:74:f5:00:d5:3e:0b:9d:cd:
41:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7D:88:32:AC:84:4A:D3:2F:54:ED:74:BE:64:4E:D0:7F:B0:EF:CE
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
23:07:23:2b:89:de:0f:4c:51:a6:60:ef:b1:ba:93:a6:c0:ea:
86:51:a9:8c:22:4a:64:45:84:31:04:b2:5d:8c:60:31:68:04:
49:43:09:66:e0:9a:bb:ef:b2:7a:29:cb:70:d3:47:53:cd:6f:
46:cd:c0:e4:e4:f2:c0:69:e1:ab:cf:aa:49:12:5b:cd:3a:02:
f1:b5:ee:c7:60:59:8b:58:ee:f2:89:28:a1:0d:d0:f8:eb:a6:
98:f6:4c:7b:8a:4a:c4:e5:e6:54:23:6d:62:e1:7b:f9:eb:dd:
8e:2f:9c:e2:7d:a2:cc:b7:f6:7a:27:8a:83:54:1f:d7:ee:6b:
fd:1b:2b:93:40:a1:cd:8c:d0:97:45:41:96:37:67:60:c7:23:
25:9e:85:ce:01:34:34:fd:a4:f2:63:b9:95:3a:82:6e:d1:e7:
b3:2b:92:56:11:0a:bc:41:a9:4b:61:73:52:b8:77:e0:9c:17:
05:21:8b:30:6d:95:1d:57:df:d1:c7:00:1c:f9:f7:af:c2:d2:
09:c2:12:96:3e:c8:46:73:68:66:a5:53:d4:71:23:5b:62:ff:
6a:21:cd:45:a7:59:b2:03:f3:5e:f2:30:43:e8:ce:7e:0b:7d:
ac:6c:f2:fb:13:eb:a7:70:bb:06:8e:b4:0a:99:c4:25:81:e4:
a2:35:b0:9c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICS+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzAxMTUwNDU4WhcNMjYwNzA4MTUwNDU4WjAYMRYwFAYD
VQQDEw02YTQ1MmM5YS1kOWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArMLF3dBTa6MMq4VPMvzfeDhutDEIcIC6KkvquM6ARu1DLYeKkHidmlwgrfl8
51OEy02915O/uvlx+ISy/QXbToq20DmYTbvmX6WcgA25flaK2rEvrJ4nuLOBCYto
FiBpzP7pVB9jlcA5eNUYu4aUZN3m5xE9UuM+Yyr0S6PxclbL4TkoHcQtWlSL8leG
cD4Pto2NQb5r6uAW7kcNRksDt/hDej73YH5IENQHYD3xwQqZLyKCeMPYPLQhqiY8
ObJDqvd7zV+gNgT/0LSgZmAPYnJxNFzETc1QMBKKUGngm16PL5qsKB5WoqJZsUv3
3uYYyc5XEcCedPUA1T4Lnc1BowIDAQABo4ICTzCCAkswHQYDVR0OBBYEFOx9iDKs
hErTL1TtdL5kTtB/sO/OMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAIwcjK4neD0xRpmDvsbqTpsDqhlGpjCJKZEWEMQSyXYxg
MWgESUMJZuCau++yeinLcNNHU81vRs3A5OTywGnhq8+qSRJbzToC8bXux2BZi1ju
8okooQ3Q+OummPZMe4pKxOXmVCNtYuF7+evdji+c4n2izLf2eieKg1Qf1+5r/Rsr
k0ChzYzQl0VBljdnYMcjJZ6FzgE0NP2k8mO5lTqCbtHnsyuSVhEKvEGpS2FzUrh3
4JwXBSGLMG2VHVff0ccAHPn3r8LSCcISlj7IRnNoZqVT1HEjW2L/aiHNRadZsgPz
XvIwQ+jOfgt9rGzy+xPrp3C7Bo60CpnEJYHkojWwnA==
-----END CERTIFICATE-----
Generated at Wed Jul 1 23:31:24 2026 by rpki-client