Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: 2xpkDLQpYz27Ihadl3sNOJHnJTyM53gkXGZBPzoWqbg=
Subject key identifier: 2A:35:31:E3:5A:EF:F0:21:18:42:8F:CE:F0:FD:17:C6:BF:AB:01:B0
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 476F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 46C1
Signing time: Thu 03 Jul 2025 14:50:10 +0000
Manifest this update: Thu 03 Jul 2025 14:50:09 +0000
Manifest next update: Thu 10 Jul 2025 14:50:09 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: ziCtDxAK/u1nyBHZjwA0q0lHn556Uob2LKlChZkCZqo=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
4: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
6: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
7: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: lK432uTKMzI/MWDWDCT/5eSJfdDwnCex4YbKV+8mZxI=)
8: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18287 (0x476f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Jul 3 14:50:09 2025 GMT
Not After : Jul 10 14:50:09 2025 GMT
Subject: CN=686698a1-19ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:19:68:8b:91:94:da:b7:c4:68:49:03:a3:a6:
9b:15:79:f3:c8:9b:75:0c:1a:c1:85:ea:3c:30:a8:
ed:9f:fc:5a:91:c0:d8:b1:ad:18:6a:90:f5:25:6b:
8d:f2:10:0f:f9:65:7d:99:04:fd:85:3c:3c:85:fe:
9f:e6:fc:64:1b:02:01:43:e8:5e:3b:19:26:d9:ad:
84:6d:f9:b4:6b:dd:56:16:68:26:5d:06:fe:4e:50:
7d:e4:23:79:c2:28:be:f0:72:8a:f8:57:04:0c:3c:
85:5b:17:72:4d:c7:1e:c6:9f:f2:bb:7a:44:54:57:
01:11:52:47:37:be:72:5e:11:0d:69:69:b9:56:5f:
b3:13:4c:61:f3:68:3a:0f:52:95:c6:c1:7f:82:97:
d7:29:ee:e3:7f:62:61:4a:73:ea:30:6e:51:22:6f:
aa:71:d3:cf:2e:1a:c0:ca:71:a0:63:70:66:cc:9a:
07:05:23:22:a1:ec:2c:7f:53:74:8a:93:3d:c4:31:
08:9d:9b:6e:0c:42:7e:49:93:13:80:fa:34:8b:9d:
a5:7c:13:34:df:71:a6:2b:4f:42:74:69:c3:e8:8f:
ad:fc:4a:c7:6e:21:06:90:31:56:88:73:e0:04:81:
23:dc:24:db:90:d0:55:0b:5a:ac:a1:b9:b1:ca:0b:
50:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:35:31:E3:5A:EF:F0:21:18:42:8F:CE:F0:FD:17:C6:BF:AB:01:B0
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
75:32:fc:a1:60:e5:0e:44:b0:f9:6f:dd:86:46:55:08:67:ad:
26:e0:5f:9d:d2:e3:e6:a4:44:0b:4e:a5:ba:89:da:f4:f8:7e:
e3:1a:a7:32:b7:4a:77:5c:92:64:27:fc:2d:8d:c9:fc:8e:63:
31:9d:35:b3:20:09:5d:39:fc:5f:14:60:36:53:dc:0f:1f:a7:
ff:6a:c0:0a:cf:de:cf:36:29:52:51:05:20:3b:6e:dc:8a:67:
64:31:6f:0a:77:b6:6a:45:e8:c7:c5:a2:f8:a9:3d:cf:29:9d:
74:d4:2a:73:55:0a:cf:ed:71:ba:16:1d:9a:09:da:50:4d:d8:
c9:53:da:29:33:fe:ac:89:0c:1a:82:4b:aa:43:fb:6f:bb:20:
85:bf:6d:ec:1e:9d:b0:6a:1c:56:bf:6c:23:f0:c5:ce:43:7c:
02:d9:57:12:62:77:2c:00:67:fb:52:5e:13:c5:96:c2:c3:7d:
2a:93:90:5e:4e:60:34:fb:e3:f8:2d:a9:90:28:8c:50:32:cd:
f6:1b:b2:d4:38:50:e4:13:a4:c7:db:e9:52:b1:17:af:5f:f0:
2c:3e:de:c3:dc:77:0b:30:6d:b6:19:4b:05:ac:19:30:5d:f1:
cb:3e:1e:92:07:30:77:77:66:28:f0:1c:7b:ef:17:08:19:51:
a9:cf:6a:cf
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICR28wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwNzAzMTQ1MDA5WhcNMjUwNzEwMTQ1MDA5WjAYMRYwFAYD
VQQDEw02ODY2OThhMS0xOWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4hloi5GU2rfEaEkDo6abFXnzyJt1DBrBheo8MKjtn/xakcDYsa0YapD1JWuN
8hAP+WV9mQT9hTw8hf6f5vxkGwIBQ+heOxkm2a2Ebfm0a91WFmgmXQb+TlB95CN5
wii+8HKK+FcEDDyFWxdyTccexp/yu3pEVFcBEVJHN75yXhENaWm5Vl+zE0xh82g6
D1KVxsF/gpfXKe7jf2JhSnPqMG5RIm+qcdPPLhrAynGgY3BmzJoHBSMioewsf1N0
ipM9xDEInZtuDEJ+SZMTgPo0i52lfBM033GmK09CdGnD6I+t/ErHbiEGkDFWiHPg
BIEj3CTbkNBVC1qsobmxygtQbQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFCo1MeNa
7/AhGEKPzvD9F8a/qwGwMB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQB1MvyhYOUORLD5b92GRlUIZ60m4F+d0uPm
pEQLTqW6idr0+H7jGqcyt0p3XJJkJ/wtjcn8jmMxnTWzIAldOfxfFGA2U9wPH6f/
asAKz97PNilSUQUgO27cimdkMW8Kd7ZqRejHxaL4qT3PKZ101CpzVQrP7XG6Fh2a
CdpQTdjJU9opM/6siQwagkuqQ/tvuyCFv23sHp2wahxWv2wj8MXOQ3wC2VcSYncs
AGf7Ul4TxZbCw30qk5BeTmA0++P4LamQKIxQMs32G7LUOFDkE6TH2+lSsRevX/As
Pt7D3HcLMG22GUsFrBkwXfHLPh6SBzB3d2Yo8Bx77xcIGVGpz2rP
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:16:20 2025 by rpki-client