Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: v8UKBclwm2k+g5FLS2ont6QnJbhs+h3HxtJrLHPRKGY=
Subject key identifier: 9E:33:E5:03:C0:DF:2B:EA:93:E7:16:41:25:83:25:0B:E5:17:AE:7D
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0439
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 0217
Signing time: Mon 23 Mar 2026 22:29:45 +0000
Manifest this update: Mon 23 Mar 2026 22:29:45 +0000
Manifest next update: Thu 30 Apr 2026 22:29:45 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: 1qeNltmO0s//kIvD+bmP0kaZwGwiS+t4LQYkcOTSfwA=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: JV4MZB2dlaumUyndY15IrBl5MOwQQOl0oTJLLKB2Nkk=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: Ruoq0B1BTnhUXAO5yEkBp8G+tJeDt1HJZYuzo5dhBik=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 Apr 2026 23:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1081 (0x439)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Mar 23 22:29:45 2026 GMT
Not After : Apr 30 22:29:45 2026 GMT
Subject: CN=69c1bed9-3ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6a:ca:2a:bb:ba:78:f0:c7:93:9a:81:30:1a:
fd:00:fa:07:08:04:50:0a:6a:8f:f7:6b:39:fa:4b:
77:45:55:30:ee:0e:49:f3:fc:ce:11:3a:62:9a:6c:
be:19:4d:e0:e3:0a:a5:0c:40:67:50:34:f9:b9:c7:
97:8f:2d:79:9a:2c:6e:a8:1b:3e:26:26:3f:69:b6:
a7:2b:71:61:dd:56:07:9b:70:4f:91:96:ea:4d:97:
04:05:12:de:ae:19:92:f8:75:c6:14:89:ac:8e:e0:
98:94:da:b8:fa:49:94:e9:51:27:50:a0:de:08:dd:
11:16:a4:c9:92:6d:f8:04:c7:f4:79:73:5e:af:74:
4d:a6:11:27:45:a4:96:fe:81:6e:ea:69:96:9c:f5:
c3:5f:23:0a:b9:51:12:25:24:41:b2:41:81:90:16:
90:0d:0e:5b:8a:63:ee:05:b5:f2:33:20:cd:6d:cb:
b5:de:f1:9b:ae:3c:bd:60:a7:1e:41:bb:13:12:3c:
78:25:9a:65:1d:02:ea:9a:96:37:5d:02:fc:6d:d5:
07:da:8e:fa:50:b4:8c:bb:01:d9:d0:db:66:6c:ad:
cc:a6:8b:3b:d7:5d:4a:cb:2e:47:b2:0d:7b:fe:c6:
f1:0b:76:e2:16:3c:04:42:65:4d:20:13:8d:b5:0b:
70:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:33:E5:03:C0:DF:2B:EA:93:E7:16:41:25:83:25:0B:E5:17:AE:7D
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
32:fd:79:00:72:62:2e:30:a4:56:8f:87:58:82:cd:c1:1c:30:
f4:3c:41:8d:36:3e:f2:af:54:71:94:72:6b:2a:b5:c8:cd:cb:
fc:f5:6d:d2:a9:31:37:25:d6:c1:1f:fc:80:81:0d:09:10:24:
81:f8:52:a3:08:ba:60:07:31:f6:21:d5:c7:d9:6c:fc:11:bb:
f1:93:54:ac:f2:18:7b:a2:0d:de:10:7c:ec:bb:20:df:27:5b:
f1:2f:62:69:b4:08:3e:7e:23:38:65:ee:c1:ca:40:96:38:52:
a7:31:3c:a0:80:cf:09:fe:42:77:a3:68:05:e5:7c:92:44:8e:
ba:75:28:bc:0b:60:d1:e8:61:c9:2a:d4:b8:9a:d4:b7:08:0d:
8a:6d:72:a5:8b:93:77:5b:a4:a6:cc:3c:bc:d7:fc:b8:9c:4d:
b0:e9:47:22:ba:22:95:9e:cd:cf:f9:e8:64:63:27:49:db:68:
9e:d5:f5:ab:fa:3a:6a:14:7f:5e:ff:bc:99:74:10:0a:75:08:
3a:0e:2c:68:e0:94:cb:02:0a:9d:5a:d9:55:fd:ff:93:21:f1:
f6:5a:83:15:cd:e5:9e:d2:b1:84:53:cc:7d:65:7f:ad:b6:b2:
77:6d:80:b1:1c:37:a1:0b:e9:e5:b1:41:c2:5a:13:13:d8:c9:
39:9c:5d:72
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBDkwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAzMjMyMjI5NDVaFw0y
NjA0MzAyMjI5NDVaMBgxFjAUBgNVBAMTDTY5YzFiZWQ5LTNjZWQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQChasoqu7p48MeTmoEwGv0A+gcIBFAKao/3
azn6S3dFVTDuDknz/M4ROmKabL4ZTeDjCqUMQGdQNPm5x5ePLXmaLG6oGz4mJj9p
tqcrcWHdVgebcE+RlupNlwQFEt6uGZL4dcYUiayO4JiU2rj6SZTpUSdQoN4I3REW
pMmSbfgEx/R5c16vdE2mESdFpJb+gW7qaZac9cNfIwq5URIlJEGyQYGQFpANDluK
Y+4FtfIzIM1ty7Xe8ZuuPL1gpx5BuxMSPHglmmUdAuqaljddAvxt1QfajvpQtIy7
AdnQ22ZsrcymizvXXUrLLkeyDXv+xvELduIWPARCZU0gE421C3DrAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUnjPlA8DfK+qT5xZBJYMlC+UXrn0wHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAy/XkAcmIuMKRWj4dY
gs3BHDD0PEGNNj7yr1RxlHJrKrXIzcv89W3SqTE3JdbBH/yAgQ0JECSB+FKjCLpg
BzH2IdXH2Wz8Ebvxk1Ss8hh7og3eEHzsuyDfJ1vxL2JptAg+fiM4Ze7BykCWOFKn
MTyggM8J/kJ3o2gF5XySRI66dSi8C2DR6GHJKtS4mtS3CA2KbXKli5N3W6SmzDy8
1/y4nE2w6UciuiKVns3P+ehkYydJ22ie1fWr+jpqFH9e/7yZdBAKdQg6Dixo4JTL
AgqdWtlV/f+TIfH2WoMVzeWe0rGEU8x9ZX+ttrJ3bYCxHDehC+nlsUHCWhMT2Mk5
nF1y
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:24:42 2026 by rpki-client