Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: +ow4gHyCBkGvJfRXLJLOLYmOMa/lJumI/VlIo7z+R8c=
Subject key identifier: 86:79:6C:91:81:DB:C1:7D:71:20:18:20:EE:DB:D1:46:09:71:7C:36
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 46D8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 462E
Signing time: Fri 16 May 2025 02:50:10 +0000
Manifest this update: Fri 16 May 2025 02:50:09 +0000
Manifest next update: Fri 23 May 2025 02:50:09 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: wm9h5XPYbcnKoBdr3zazmIeyewrNzkullB7zn62QZm8=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: N0F8HE1OKVKKKHAEjBQrKcxyApq01oZoxtlct6NIs44=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
5: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
6: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: lK432uTKMzI/MWDWDCT/5eSJfdDwnCex4YbKV+8mZxI=)
7: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
8: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: wPpie+ThAR/1TthkCM7hgEd/wJa4M0QWrfReez52vcc=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: yeZNkJNHC+qtIscVm8AAik64XQjEl1j01cQ1Y6MWxhE=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 May 2025 02:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18136 (0x46d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: May 16 02:50:09 2025 GMT
Not After : May 23 02:50:09 2025 GMT
Subject: CN=6826a7e1-1ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a0:01:ef:48:52:7d:f6:06:87:7d:41:79:63:
56:38:4c:e6:e0:5f:c0:e3:73:08:8a:75:90:f8:a6:
6d:ef:e0:00:9b:a7:66:18:5b:b5:35:d1:40:a6:b1:
14:e8:2c:a0:c1:fc:a5:29:85:f3:5e:6e:56:f1:ce:
9a:68:bb:a8:a8:3f:62:94:37:19:dd:b2:19:57:bf:
1a:0b:c4:39:e8:76:e4:2f:5d:82:9c:bf:01:f2:b4:
cc:d9:2c:0d:4f:fb:35:46:41:78:97:9d:3b:10:73:
4a:8b:9c:14:62:9d:cb:bb:8f:d8:d2:41:b8:6d:56:
c4:87:b7:34:ec:56:2e:f9:7f:01:33:e6:f8:38:14:
56:f0:7c:20:70:95:68:18:11:d4:16:dc:9e:d3:82:
a2:9b:9d:b8:db:d6:27:39:89:79:cf:db:06:59:16:
11:a2:22:6d:67:fb:48:c6:76:42:bd:93:d1:12:f7:
5e:db:d8:cd:2b:b9:43:4f:30:53:46:03:9b:17:0c:
da:36:4b:31:5b:9a:83:6b:b3:a1:21:bd:77:59:6e:
26:64:d6:96:35:e9:58:36:bb:49:55:a0:6d:10:0c:
a2:be:5e:e6:a1:52:eb:65:76:81:d3:6d:6d:c9:dd:
1a:28:45:55:57:eb:9b:76:df:c0:40:a2:01:de:29:
9c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:79:6C:91:81:DB:C1:7D:71:20:18:20:EE:DB:D1:46:09:71:7C:36
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8d:af:03:8c:5c:3a:0e:a0:b5:af:75:9f:0d:11:8e:ca:fa:38:
08:1f:8f:de:ae:e3:69:bb:1c:d3:c7:76:56:94:24:9c:15:fb:
cf:a1:8c:98:a2:8d:d6:b5:c1:e4:85:fe:fa:47:10:2d:97:c6:
59:76:aa:17:6c:39:e5:af:4e:95:98:77:31:90:45:1a:46:5a:
f7:f7:1e:20:3d:e5:03:b9:f6:a0:2f:f4:9a:bc:af:c8:78:d2:
4f:71:17:6c:e2:44:88:5e:2b:a1:ce:4c:01:67:c2:19:8a:ad:
9e:4d:a7:be:b4:47:23:ac:16:d2:33:ed:cd:cc:90:2d:8c:aa:
57:d5:81:4d:fa:bd:56:3a:18:a5:6d:42:cd:fd:00:3f:e5:87:
8c:f5:d6:ef:fa:55:62:2f:5b:a7:b8:ff:1b:3e:f9:17:92:08:
38:8c:67:a0:23:a6:a8:49:2a:b7:02:97:21:dc:33:d3:7c:1e:
c0:b3:6d:82:43:9e:79:69:5c:1b:26:f4:a0:0d:66:53:31:1a:
a7:e1:2e:47:90:7f:d3:5c:ed:1b:aa:5e:bd:00:ad:74:e9:b4:
18:41:16:ba:dd:fe:d8:ae:40:18:9d:7b:c3:73:5f:1f:aa:9e:
1d:52:e8:0b:f4:ec:2a:74:b2:9a:3a:29:f5:3b:d1:fd:0b:80:
9f:92:e3:f7
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICRtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwNTE2MDI1MDA5WhcNMjUwNTIzMDI1MDA5WjAYMRYwFAYD
VQQDEw02ODI2YTdlMS0xZWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2qAB70hSffYGh31BeWNWOEzm4F/A43MIinWQ+KZt7+AAm6dmGFu1NdFAprEU
6CygwfylKYXzXm5W8c6aaLuoqD9ilDcZ3bIZV78aC8Q56HbkL12CnL8B8rTM2SwN
T/s1RkF4l507EHNKi5wUYp3Lu4/Y0kG4bVbEh7c07FYu+X8BM+b4OBRW8HwgcJVo
GBHUFtye04Kim52429YnOYl5z9sGWRYRoiJtZ/tIxnZCvZPREvde29jNK7lDTzBT
RgObFwzaNksxW5qDa7OhIb13WW4mZNaWNelYNrtJVaBtEAyivl7moVLrZXaB021t
yd0aKEVVV+ubdt/AQKIB3imcvQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFIZ5bJGB
28F9cSAYIO7b0UYJcXw2MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCNrwOMXDoOoLWvdZ8NEY7K+jgIH4/eruNp
uxzTx3ZWlCScFfvPoYyYoo3WtcHkhf76RxAtl8ZZdqoXbDnlr06VmHcxkEUaRlr3
9x4gPeUDufagL/SavK/IeNJPcRds4kSIXiuhzkwBZ8IZiq2eTae+tEcjrBbSM+3N
zJAtjKpX1YFN+r1WOhilbULN/QA/5YeM9dbv+lViL1unuP8bPvkXkgg4jGegI6ao
SSq3Apch3DPTfB7As22CQ555aVwbJvSgDWZTMRqn4S5HkH/TXO0bql69AK106bQY
QRa63f7YrkAYnXvDc18fqp4dUugL9OwqdLKaOin1O9H9C4CfkuP3
-----END CERTIFICATE-----
Generated at Fri May 16 09:33:27 2025 by rpki-client