Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: Or41MmpDiqDuNWx8eXcp+c2TQErYlraR2bwBf9Qs1kQ=
Subject key identifier: 91:84:CC:B7:29:8C:F8:6F:C2:53:67:CE:4A:D6:A4:E0:F4:A6:D8:26
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 47FD
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 474E
Signing time: Tue 19 Aug 2025 14:50:08 +0000
Manifest this update: Tue 19 Aug 2025 14:50:08 +0000
Manifest next update: Tue 26 Aug 2025 14:50:08 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: qfoPG3hGeqTKE3dNEAsEzv8Y/RULA1aH0XjuoLXFWRY=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
7: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
8: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Aug 2025 14:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18429 (0x47fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Aug 19 14:50:08 2025 GMT
Not After : Aug 26 14:50:08 2025 GMT
Subject: CN=68a48f20-ff74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:21:6b:f3:eb:ac:9a:8d:21:23:67:93:e3:93:
19:40:6d:c9:0e:02:74:ee:34:f8:d6:bc:90:76:64:
0d:7b:02:04:c4:0b:9f:a6:1a:c1:ba:35:9b:5b:fd:
35:bd:f2:3e:77:a8:96:ba:e6:e1:81:07:b4:16:c3:
a1:a2:c0:fc:3b:49:fd:03:59:c2:a1:ae:8b:da:02:
3c:58:5d:6f:c4:a3:12:73:f9:a9:b5:29:b7:b0:f0:
b2:d9:a1:d1:40:ef:09:67:55:6a:fa:8f:04:1b:3b:
b1:3a:a4:22:2a:e0:a7:2e:a0:e8:0c:4d:53:b0:52:
b2:3f:ef:2c:91:a7:2e:93:7e:8a:24:d9:70:0c:29:
92:56:2d:d8:9d:b6:58:c5:3d:84:05:99:4a:74:e1:
af:c6:0f:0e:c7:a2:74:a9:27:4c:7b:5b:25:03:5c:
74:10:91:5a:92:51:39:33:65:fb:b2:45:39:03:20:
4a:6a:3f:af:ac:cc:15:bc:5f:f9:e9:92:99:6d:d8:
61:46:2c:76:23:45:4e:77:b9:c1:e8:d6:b7:1d:c3:
22:d6:a6:c9:e7:ae:87:b8:5f:3c:66:1f:45:b5:25:
c5:0c:da:50:22:9e:d9:15:c7:80:9a:2f:ef:73:ba:
dc:ae:5f:08:ad:19:99:53:f6:fb:d5:c6:af:ba:65:
3c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:84:CC:B7:29:8C:F8:6F:C2:53:67:CE:4A:D6:A4:E0:F4:A6:D8:26
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
97:06:ee:8a:8f:0b:95:0e:15:a5:36:ba:13:0e:5c:43:68:c4:
8a:aa:7e:eb:b8:1e:24:f8:3e:fd:cc:6c:f4:21:1a:b3:4c:cf:
88:76:03:55:c9:cc:31:c7:34:11:c0:e1:f4:44:b1:02:ad:a5:
8a:68:04:41:5b:28:f5:25:63:2a:89:80:ed:be:c3:bd:ef:aa:
31:ed:16:c1:57:ed:e9:88:8f:57:30:81:b4:f6:47:e1:2b:ee:
fc:58:42:2d:35:24:aa:0e:ba:e1:b0:5f:cd:19:93:fe:c7:16:
a4:db:b7:1a:93:79:8a:dc:46:a6:4c:bd:c3:10:d4:f1:1a:07:
04:db:da:13:5a:cd:f1:7a:7f:25:8e:13:51:24:20:c4:a2:44:
08:fa:9a:b5:23:37:f9:85:ae:bd:67:5c:3c:7d:43:d1:80:4d:
87:25:6c:2d:d7:be:bc:9e:e2:6f:21:d0:7d:62:a9:8e:a2:4f:
5b:1a:12:11:09:03:fa:df:ce:5a:b8:76:84:44:cb:14:a0:c3:
8c:44:a8:7c:bb:ed:0d:ee:35:e1:fd:77:19:fd:fe:2e:3a:93:
ee:fe:47:38:67:ab:7f:9b:69:5e:b2:13:08:f4:ec:db:07:43:
3a:89:22:2b:48:f9:c3:8e:d8:02:78:c8:b4:4b:1a:9e:7c:d3:
a7:1a:c4:8d
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICR/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwODE5MTQ1MDA4WhcNMjUwODI2MTQ1MDA4WjAYMRYwFAYD
VQQDEw02OGE0OGYyMC1mZjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvyFr8+usmo0hI2eT45MZQG3JDgJ07jT41ryQdmQNewIExAufphrBujWbW/01
vfI+d6iWuubhgQe0FsOhosD8O0n9A1nCoa6L2gI8WF1vxKMSc/mptSm3sPCy2aHR
QO8JZ1Vq+o8EGzuxOqQiKuCnLqDoDE1TsFKyP+8skacuk36KJNlwDCmSVi3YnbZY
xT2EBZlKdOGvxg8Ox6J0qSdMe1slA1x0EJFaklE5M2X7skU5AyBKaj+vrMwVvF/5
6ZKZbdhhRix2I0VOd7nB6Na3HcMi1qbJ566HuF88Zh9FtSXFDNpQIp7ZFceAmi/v
c7rcrl8IrRmZU/b71cavumU8+QIDAQABo4IChzCCAoMwHQYDVR0OBBYEFJGEzLcp
jPhvwlNnzkrWpOD0ptgmMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCXBu6KjwuVDhWlNroTDlxDaMSKqn7ruB4k
+D79zGz0IRqzTM+IdgNVycwxxzQRwOH0RLECraWKaARBWyj1JWMqiYDtvsO976ox
7RbBV+3piI9XMIG09kfhK+78WEItNSSqDrrhsF/NGZP+xxak27cak3mK3EamTL3D
ENTxGgcE29oTWs3xen8ljhNRJCDEokQI+pq1Izf5ha69Z1w8fUPRgE2HJWwt1768
nuJvIdB9YqmOok9bGhIRCQP6385auHaERMsUoMOMRKh8u+0N7jXh/XcZ/f4uOpPu
/kc4Z6t/m2leshMI9OzbB0M6iSIrSPnDjtgCeMi0SxqefNOnGsSN
-----END CERTIFICATE-----
Generated at Tue Aug 19 17:28:21 2025 by rpki-client