Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: qwToSTmTjpCTIS/F9hTpJqfkuC0hNQ1EgvKExORJqLM=
Subject key identifier: 52:64:E3:80:00:76:36:3D:CB:03:5F:52:73:1E:C1:D5:88:8A:0C:5A
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 03DD
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01E9
Signing time: Thu 16 Oct 2025 23:12:04 +0000
Manifest this update: Thu 16 Oct 2025 23:12:03 +0000
Manifest next update: Sun 23 Nov 2025 23:12:03 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: WzOci1tRqlB/T3bEElhZoW9lx17dCklCzs2jcM+j+Ow=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: MPGdm/cymRvhZW5M9V17PiIfz9Der6PHC2DwP0+JqjE=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: NNRmCkUau9X02u79Px3QwcTodHbkWW+WmHkQngETnp4=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: igs+reot5kgJsxddRxiEafN+gdbkJ3sE/yj3o/R2hck=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: QLuyYGFjHOfjGkdX50x1QKWUDmxdxeES20sT+ydLol4=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 22 Nov 2025 22:58:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 989 (0x3dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Oct 16 23:12:03 2025 GMT
Not After : Nov 23 23:12:03 2025 GMT
Subject: CN=68f17bc3-aca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a7:05:22:f3:06:f4:5c:67:40:5d:c1:e5:c9:
b4:bf:1d:d6:0b:2d:6b:cd:98:48:53:6f:52:af:ea:
c2:0a:a9:b6:76:1f:f6:2f:75:7a:db:12:e2:1d:36:
76:4b:58:99:9f:23:9c:b8:e9:7a:87:6c:2b:36:58:
5c:52:7f:b4:a8:5d:e8:96:ab:ab:46:38:28:1e:f8:
01:cc:b3:a4:ae:02:30:2e:5b:e0:70:c8:88:11:b9:
41:ae:8d:10:48:17:03:37:4a:05:34:83:47:b2:84:
42:95:cd:8f:93:a7:d5:01:ac:46:3b:0d:83:94:03:
5a:36:ca:be:00:a0:30:f4:70:40:89:bf:4e:13:1e:
ee:39:cf:37:ca:8b:0c:49:0e:85:78:78:ab:81:f8:
b0:6b:ec:42:00:43:c4:51:15:72:ab:48:f4:82:34:
c0:0b:6c:13:e1:d0:05:e2:82:ec:2d:50:49:f9:ea:
21:a0:8f:b4:10:df:ad:ac:8c:73:1b:f0:9e:ab:10:
0d:f3:ac:2f:f1:04:03:2c:5a:bb:e1:6b:cd:a9:a5:
7b:8a:2b:06:0d:a0:e0:a4:c0:d6:27:b2:3e:c4:f0:
6b:6d:0a:46:0b:d7:52:a8:97:72:86:51:bd:22:49:
13:59:3d:37:a4:2b:eb:79:c3:a7:fe:2e:24:64:f5:
a1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:64:E3:80:00:76:36:3D:CB:03:5F:52:73:1E:C1:D5:88:8A:0C:5A
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
23:8b:58:32:3e:8c:93:32:c1:be:77:69:ee:8d:89:2e:cd:c2:
05:2a:20:d8:c8:f6:65:eb:bb:36:74:ac:4e:e2:ca:06:73:4f:
cd:7d:d9:e8:dc:0c:b1:bd:fe:13:57:92:fd:3d:ca:19:9a:a9:
01:82:86:3f:58:58:3a:57:64:98:2d:81:3f:62:ab:f4:4e:16:
1a:83:28:bd:83:77:a4:ee:8f:c7:fe:8a:f0:01:0d:38:8f:7e:
5f:fe:56:a4:73:3e:5b:f0:31:4a:58:fa:2c:a2:46:54:3c:4b:
50:e8:9e:e6:0d:1b:9e:e9:03:e7:cd:a9:d1:24:d6:de:b1:a5:
b3:6c:87:aa:53:59:66:be:c0:15:6c:db:6b:21:11:a3:1b:20:
0e:d3:94:37:39:7e:b2:60:f8:4b:25:59:0f:95:a5:db:df:5b:
91:c3:83:72:27:16:0f:33:eb:23:9a:8f:3a:cd:c1:05:46:45:
8a:88:10:1d:ed:f6:cc:99:6e:69:99:9b:e6:da:8d:98:84:e9:
17:70:fb:b8:7a:51:71:21:6e:10:85:29:81:41:16:e5:de:7e:
31:7f:d9:ca:f2:0c:bf:f4:11:25:1b:62:4a:31:67:99:1f:bf:
9c:50:c3:b4:e2:db:f5:60:3a:cd:87:65:86:dd:c2:b0:18:b6:
97:bf:1e:94
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA90wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTEwMTYyMzEyMDNaFw0y
NTExMjMyMzEyMDNaMBgxFjAUBgNVBAMTDTY4ZjE3YmMzLWFjYTQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCopwUi8wb0XGdAXcHlybS/HdYLLWvNmEhT
b1Kv6sIKqbZ2H/YvdXrbEuIdNnZLWJmfI5y46XqHbCs2WFxSf7SoXeiWq6tGOCge
+AHMs6SuAjAuW+BwyIgRuUGujRBIFwM3SgU0g0eyhEKVzY+Tp9UBrEY7DYOUA1o2
yr4AoDD0cECJv04THu45zzfKiwxJDoV4eKuB+LBr7EIAQ8RRFXKrSPSCNMALbBPh
0AXiguwtUEn56iGgj7QQ362sjHMb8J6rEA3zrC/xBAMsWrvha82ppXuKKwYNoOCk
wNYnsj7E8GttCkYL11Kol3KGUb0iSRNZPTekK+t5w6f+LiRk9aH5AgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUUmTjgAB2Nj3LA19Scx7B1YiKDFowHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAji1gyPoyTMsG+d2nu
jYkuzcIFKiDYyPZl67s2dKxO4soGc0/Nfdno3Ayxvf4TV5L9PcoZmqkBgoY/WFg6
V2SYLYE/Yqv0ThYagyi9g3ek7o/H/orwAQ04j35f/lakcz5b8DFKWPosokZUPEtQ
6J7mDRue6QPnzanRJNbesaWzbIeqU1lmvsAVbNtrIRGjGyAO05Q3OX6yYPhLJVkP
laXb31uRw4NyJxYPM+sjmo86zcEFRkWKiBAd7fbMmW5pmZvm2o2YhOkXcPu4elFx
IW4QhSmBQRbl3n4xf9nK8gy/9BElG2JKMWeZH7+cUMO04tv1YDrNh2WG3cKwGLaX
vx6U
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:31:08 2025 by rpki-client