Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: avMP8qKOjAYA8ykU8o32FO0gDTUrjfbC9rq6TuwseiU=
Subject key identifier: D6:82:29:E1:22:C0:4F:CF:44:F1:55:3B:6C:D4:4C:88:B5:66:56:FE
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 039D
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01C9
Signing time: Fri 02 May 2025 05:53:59 +0000
Manifest this update: Fri 02 May 2025 05:53:59 +0000
Manifest next update: Mon 09 Jun 2025 05:53:59 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: j3GZ+0AZ4iNCkbvfjPrlJA9hJx+9vyznYIMHNwcQd2s=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: f5O/J7LFGu/Ot9Z0LkMmyXiBH0SnxZeSKXYT5wQmDj8=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: eP4qfl3F9HuQpIWk8Yf8MxdPbPXzWcQspuwhmRioGD4=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: /MHS3Sit3L4L/hosPfsdjiBL9WFnsioWd9nUWmUkMwI=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: /2yzJwAtTJqt8ivA3yv6yDv5Ialu5ubqlmHKX9paiSo=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 13 May 2025 23:16:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925 (0x39d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: May 2 05:53:59 2025 GMT
Not After : Jun 9 05:53:59 2025 GMT
Subject: CN=68145df7-4483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b6:4d:dd:0c:46:9e:0c:e1:55:4d:c0:6a:79:
db:ec:8b:e5:6e:8e:e1:fd:c0:65:5f:f9:8d:22:bc:
6a:73:d3:58:ef:34:a4:f9:13:6b:9b:3a:64:4b:2c:
26:d3:ce:7b:52:91:70:4d:ca:de:68:27:16:f2:5f:
18:a1:02:f8:68:1e:e3:83:dc:52:17:62:7c:6f:dd:
43:8a:a0:81:25:f8:2e:e4:a3:e5:92:33:f8:c1:4e:
54:a1:92:d7:ee:1c:79:db:dc:1e:4e:71:3a:14:9b:
57:56:10:76:c7:2a:7e:b3:e9:2e:d6:a1:ff:d9:b1:
98:bd:dd:88:b8:57:67:91:11:40:e6:82:f9:29:55:
d3:ff:5a:18:73:13:92:e1:34:95:6c:db:13:6f:0b:
4a:fe:9d:bb:71:de:0e:e1:ec:a7:5f:95:e9:90:fe:
6b:4a:96:6a:a7:19:2f:3d:d8:ce:49:19:f6:23:fb:
2e:e7:b0:22:8f:87:64:33:20:7d:d4:a6:a7:21:25:
95:f6:40:2f:78:13:4d:ea:1c:d9:2c:70:37:a1:5c:
58:05:6a:e9:8b:11:97:89:47:e6:7e:65:3c:5b:10:
27:58:d6:cc:98:aa:be:de:d7:df:86:b0:82:3c:0f:
24:8c:a6:7d:b4:69:c9:b3:b8:c8:01:1a:4a:82:1b:
42:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:82:29:E1:22:C0:4F:CF:44:F1:55:3B:6C:D4:4C:88:B5:66:56:FE
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
03:16:d6:ec:45:51:da:f7:20:7a:b8:6b:cf:04:ed:f1:7f:d4:
8f:09:87:1d:ad:10:41:bb:9e:1f:eb:2b:60:53:ee:e8:4a:96:
63:fd:f1:f5:0d:88:f7:0d:f9:07:1e:d5:f6:91:77:17:1e:9d:
97:6d:d4:4f:10:a7:3a:25:e9:66:86:85:7f:64:76:89:fb:d1:
83:de:ee:0d:2f:d2:a3:0e:a6:ea:03:2a:d6:08:46:46:d9:51:
eb:7a:91:b8:35:19:61:48:d1:a8:29:f1:8f:ad:f3:b2:9d:1d:
64:ac:f7:b0:8a:d2:07:d5:5f:a8:d1:78:69:c4:17:fe:76:cd:
c1:64:cd:18:1b:69:b4:0b:ff:d1:79:de:99:dd:16:b4:b9:d6:
b9:8a:4c:e7:1e:4d:f9:70:ca:d4:22:da:3f:64:41:fe:32:0c:
2e:42:a2:18:07:a1:62:47:6c:4a:79:a6:a9:b3:23:3b:d9:2a:
5a:2a:3a:8b:2a:b2:e0:08:25:4a:b4:88:e1:c4:56:f0:86:9a:
a9:77:b7:33:7b:ee:76:f4:56:f2:34:67:63:1a:86:1e:d7:8b:
e6:e4:ce:36:2d:3f:35:6e:54:16:3c:74:08:26:48:3a:c9:be:
f2:0d:9b:d9:e5:1b:c8:f9:db:b2:64:fc:5e:2b:29:7e:bc:bb:
fb:4b:b4:9a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA50wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA1MDIwNTUzNTlaFw0y
NTA2MDkwNTUzNTlaMBgxFjAUBgNVBAMTDTY4MTQ1ZGY3LTQ0ODMwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDetk3dDEaeDOFVTcBqedvsi+VujuH9wGVf
+Y0ivGpz01jvNKT5E2ubOmRLLCbTzntSkXBNyt5oJxbyXxihAvhoHuOD3FIXYnxv
3UOKoIEl+C7ko+WSM/jBTlShktfuHHnb3B5OcToUm1dWEHbHKn6z6S7Wof/ZsZi9
3Yi4V2eREUDmgvkpVdP/WhhzE5LhNJVs2xNvC0r+nbtx3g7h7KdflemQ/mtKlmqn
GS892M5JGfYj+y7nsCKPh2QzIH3UpqchJZX2QC94E03qHNkscDehXFgFaumLEZeJ
R+Z+ZTxbECdY1syYqr7e19+GsII8DySMpn20acmzuMgBGkqCG0LlAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQU1oIp4SLAT89E8VU7bNRMiLVmVv4wHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQADFtbsRVHa9yB6uGvP
BO3xf9SPCYcdrRBBu54f6ytgU+7oSpZj/fH1DYj3DfkHHtX2kXcXHp2XbdRPEKc6
JelmhoV/ZHaJ+9GD3u4NL9KjDqbqAyrWCEZG2VHrepG4NRlhSNGoKfGPrfOynR1k
rPewitIH1V+o0XhpxBf+ds3BZM0YG2m0C//Red6Z3Ra0uda5ikznHk35cMrUIto/
ZEH+MgwuQqIYB6FiR2xKeaapsyM72SpaKjqLKrLgCCVKtIjhxFbwhpqpd7cze+52
9FbyNGdjGoYe14vm5M42LT81blQWPHQIJkg6yb7yDZvZ5RvI+duyZPxeKyl+vLv7
S7Sa
-----END CERTIFICATE-----
Generated at Sun May 4 18:02:29 2025 by rpki-client