
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: XNYAuvhtv+bOm4/vstkHhNV+n/f9eCSbltUo46V3ZSE=
Subject key identifier: 01:23:86:F9:73:18:20:0E:F8:90:63:C8:C6:33:A1:BE:9C:48:C6:AC
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4C0B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 4B46
Signing time: Sun 12 Jul 2026 02:50:11 +0000
Manifest this update: Sun 12 Jul 2026 02:50:10 +0000
Manifest next update: Sun 19 Jul 2026 02:50:10 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: gwmwNpCEhECAbfWdUMJ3+ikRDxJezJWWM9h9mJYCQ44=)
2: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: IkSuUU7ZWS/JW8FM1z4r+u5UkK4TPFlbZKL6zIaBvUw=)
3: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=)
5: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: gk69FcDJVfnMVDAPpkly9FYmRvv1My0o9FTRcFxsV+4=)
6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
7: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: D+f82NqHOXX+gsbqchoR8C6o8P1bkW7IXideKsJzx+U=)
8: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: 7LlC/Thv3K3ldgRtVocDRf7FXSGXuQd9aYtJXeGWXow=)
9: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: Rcb9yIZz7YIKD8PtnrnxPR64gvvH07YAhXdMB3XP/OA=)
10: 7sFGJFcUG4P9PfwliWp2Aj3oRzk.cer (hash: vKRegTYpP6Q4sKTEn3qYiflxyO8Q+1eOJ1tvz7oQ69o=)
11: Erbl4Y99wQAc4IrxPdBNc8YOm5w.cer (hash: +S+jLZmqvsxjRO9HUtO3lUkaQPoZYi1woNnTGp4+JPA=)
12: hH8uEuq1BqUBCZRCB7HXAmZ38Js.cer (hash: GZKUTMvEU2v6QtpY7LVbQt7xtQeoTFLXXWOJzks3wco=)
13: OQnM9p1_GhfcoBh4-uBuw5s447w.cer (hash: dheRiRgVpRQ/DT7YDIA6NP8Jb2BhQkOd97ylQTa/NVI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 Jul 2026 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19467 (0x4c0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 12 02:50:10 2026 GMT
Not After : Jul 19 02:50:10 2026 GMT
Subject: CN=6a5300e3-b094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e5:ed:bb:2a:8c:54:86:88:88:95:9c:5a:7a:
21:45:e9:f9:bf:15:b2:c0:5d:59:91:f7:46:b3:3b:
fc:02:2e:a6:28:4f:e7:53:32:a8:a8:30:fa:9c:05:
e1:d7:3f:17:96:3e:03:52:a9:db:ff:0b:e4:77:5a:
22:7a:d6:e2:f4:be:43:10:14:d2:43:b6:b4:00:0a:
48:24:b5:5e:45:bf:52:b5:3d:b2:ae:2c:e6:13:16:
57:4f:41:6d:58:6a:63:09:f5:63:4a:51:cc:e5:1b:
4f:c6:4e:ca:33:84:05:c2:fb:18:0c:ae:8a:2d:b6:
24:e5:bf:19:c2:f6:f3:d5:99:02:0a:f5:0a:5d:58:
a8:89:18:af:5f:5a:7b:81:4f:fc:34:d2:37:c1:12:
57:43:36:57:43:7a:be:e4:7f:c0:91:fb:48:77:27:
99:6b:95:94:69:a9:37:c7:d5:f0:a4:77:e4:79:80:
16:21:a2:3c:90:83:d9:91:a0:b0:6a:4e:be:53:bd:
78:65:8e:e5:a2:9a:10:d2:5a:88:1e:5b:e1:94:94:
08:80:c8:4e:70:cd:ea:9d:1a:bf:a1:d6:f4:76:c9:
54:71:ac:fc:ae:a9:36:7a:1d:27:75:fe:3b:29:dd:
fd:27:73:06:bb:80:cc:6a:d9:5b:46:bd:18:43:0b:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:23:86:F9:73:18:20:0E:F8:90:63:C8:C6:33:A1:BE:9C:48:C6:AC
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
77:66:d8:93:3a:3d:fd:5f:57:1e:2d:87:60:16:a5:98:40:22:
06:86:f5:04:91:b8:91:9d:01:da:49:89:59:3f:45:3e:99:5a:
82:f9:0d:a9:53:68:fc:d5:64:89:15:ab:3e:75:45:72:91:89:
86:0c:3d:82:16:03:e5:a4:35:cf:37:33:a0:30:6c:87:22:d9:
31:78:ac:46:4f:e3:72:e3:40:54:13:50:9f:ad:82:13:89:1d:
b5:73:1f:b8:7a:2f:15:4d:54:2e:88:ee:88:5f:d3:0d:c3:83:
2e:08:5a:ee:4a:db:20:50:13:24:b5:c8:55:ff:c5:20:a2:92:
f0:da:eb:18:43:4e:11:56:6a:3d:aa:e8:e1:6e:fa:df:fe:3e:
bf:24:52:16:2c:ab:84:57:30:30:8e:a2:f9:7a:86:7a:09:c1:
90:df:db:c4:40:5e:5c:e0:e6:a2:58:72:3c:9c:d3:4b:26:a6:
cf:a9:cb:ec:f3:54:2d:c7:a4:8f:88:65:f7:eb:ff:1b:1e:82:
d4:7a:c6:a7:07:a1:b1:2a:3c:1d:5b:e2:73:af:88:9e:2d:e7:
1e:0b:3a:87:96:8e:06:48:8a:46:8a:04:f2:19:df:ac:9c:e0:
fc:71:cb:ab:78:30:40:5b:8f:8e:1c:e1:25:ff:9e:11:bb:51:
5f:36:dd:de
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICTAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNzEyMDI1MDEwWhcNMjYwNzE5MDI1MDEwWjAYMRYwFAYD
VQQDEw02YTUzMDBlMy1iMDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz+XtuyqMVIaIiJWcWnohRen5vxWywF1ZkfdGszv8Ai6mKE/nUzKoqDD6nAXh
1z8Xlj4DUqnb/wvkd1oietbi9L5DEBTSQ7a0AApIJLVeRb9StT2yrizmExZXT0Ft
WGpjCfVjSlHM5RtPxk7KM4QFwvsYDK6KLbYk5b8Zwvbz1ZkCCvUKXVioiRivX1p7
gU/8NNI3wRJXQzZXQ3q+5H/AkftIdyeZa5WUaak3x9XwpHfkeYAWIaI8kIPZkaCw
ak6+U714ZY7lopoQ0lqIHlvhlJQIgMhOcM3qnRq/odb0dslUcaz8rqk2eh0ndf47
Kd39J3MGu4DMatlbRr0YQws70wIDAQABo4ICTzCCAkswHQYDVR0OBBYEFAEjhvlz
GCAO+JBjyMYzob6cSMasMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5hcG5p
Yy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZEMUZG
Mi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MBUGCCsGAQUFBwEIAQH/
BAYwBKACBQAwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAd2bYkzo9/V9XHi2HYBalmEAiBob1BJG4kZ0B2kmJWT9F
PplagvkNqVNo/NVkiRWrPnVFcpGJhgw9ghYD5aQ1zzczoDBshyLZMXisRk/jcuNA
VBNQn62CE4kdtXMfuHovFU1ULojuiF/TDcODLgha7krbIFATJLXIVf/FIKKS8Nrr
GENOEVZqParo4W763/4+vyRSFiyrhFcwMI6i+XqGegnBkN/bxEBeXODmolhyPJzT
Syamz6nL7PNULcekj4hl9+v/Gx6C1HrGpwehsSo8HVvic6+Ini3nHgs6h5aOBkiK
RooE8hnfrJzg/HHLq3gwQFuPjhzhJf+eEbtRXzbd3g==
-----END CERTIFICATE-----
Generated at Sun Jul 12 07:24:44 2026 by rpki-client