
Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
File: NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft (raw, json)
Hash identifier: vmAeG/y3f7PBZwWfnQz7VLvq/XoSWL4YnteEzjXVM08=
Subject key identifier: 14:23:6D:B6:A9:95:31:8C:BB:A1:73:E0:28:CF:64:40:2E:45:C8:7E
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4809
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Subject info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
Manifest number: 475A
Signing time: Sat 23 Aug 2025 14:50:08 +0000
Manifest this update: Sat 23 Aug 2025 14:50:08 +0000
Manifest next update: Sat 30 Aug 2025 14:50:08 +0000
Files and hashes: 1: NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl (hash: JRn9qVuua90JJbgvdyJSXFAXDJ4iHm7JvoxLJq5+7+I=)
2: CVjwl8rkKX3ycoLkGD468UJMj34.cer (hash: dIUmjSrIjTBexv9/ceLPC3WswXZRCQ+E7X3cPIrgsiw=)
3: yMD7hwR0w-hMq4NZfEaoYsR_iII.cer (hash: 9PPfP/K0Uf+S7J39zhXXnRpHgv6uH4LNhJd4TezIBSI=)
4: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (hash: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=)
5: Tidv6UgTpdcIr4ZtYdYhNA_AUbI.cer (hash: a08n2HW5nibBBiTwza8V+WtqK6Yxby9U6HH3/Nqtoa4=)
6: NaP2H8Xf8ZLB2Qx0q4LHol1-Ftg.cer (hash: ZF1RlRehUcyZpIoR/bVaAFymoj2e9ILKyQaE+joIDZE=)
7: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (hash: EBPO+j383ZTZL3W25SBCuUDnWsryeNl/oCk3sCJDyPg=)
8: gf1WPMaGXeAtpqg_KgHxFhEdD_o.cer (hash: l5cZo0NCnOAN61PmPRwxJ+3G1YfnO8hR1ET4LiGF0Gg=)
9: yNpkCWcTSBB928ixg_VavykxJVY.cer (hash: gihqpRCjg2rI9ASnRe9SEx4bmJeI8d1jCVD9TrUB2P0=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 14:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18441 (0x4809)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Aug 23 14:50:08 2025 GMT
Not After : Aug 30 14:50:08 2025 GMT
Subject: CN=68a9d520-ca8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:db:ff:f0:54:42:5e:8b:64:33:26:ff:a8:a9:
e3:e6:b3:f2:e6:26:b0:ef:13:a7:5d:95:61:ec:3b:
a1:ea:bc:f2:a4:a5:d7:fd:bd:b6:ba:b6:c9:22:e7:
3f:23:64:ba:81:ba:3a:8a:9f:4f:d4:bf:9d:50:11:
ab:f3:46:a5:ba:b0:d6:cc:cf:85:39:10:78:09:ae:
cd:6a:28:3e:18:07:d7:d5:4e:87:39:95:d8:c1:23:
7a:fc:38:dd:2b:9e:84:e2:c3:77:4d:14:9a:c6:8b:
51:a3:00:d8:d8:5c:cc:45:43:40:9d:09:5b:dd:24:
b3:77:a1:34:45:6d:dc:b0:b8:82:78:7c:c7:72:73:
1d:8b:57:a6:a7:b0:86:7e:a8:35:b1:93:2f:85:66:
a1:be:9f:7b:83:e3:58:bb:3b:31:3e:f2:b4:c4:29:
c6:f8:6e:15:fc:6e:a4:e7:77:4e:c4:ca:3b:f4:fd:
f9:be:7d:c6:bb:b3:4d:62:33:9e:69:1f:a8:0a:e4:
90:98:3e:21:66:8c:a0:f0:c0:01:79:b5:e1:df:19:
93:e7:25:d6:45:77:fe:fd:11:0d:65:d9:e9:10:71:
d2:98:2e:cf:ff:d3:03:a2:7c:12:4f:7e:4e:a6:7b:
a5:4f:31:33:c3:ad:5c:3e:9b:11:30:96:d8:8b:89:
dd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:23:6D:B6:A9:95:31:8C:BB:A1:73:E0:28:CF:64:40:2E:45:C8:7E
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
92:0d:15:29:00:d3:81:d0:a9:3f:e2:cb:8f:59:4d:b6:54:2a:
91:43:3d:74:5a:6c:a6:11:a2:a5:68:96:ef:e5:6c:1d:7f:9a:
72:e9:cd:9f:d3:fb:a4:42:42:9a:d5:81:e1:86:2a:1a:eb:d1:
1f:a0:9a:45:57:5a:22:e3:e4:2c:f5:99:47:f9:6e:75:47:df:
eb:a5:4d:cb:10:61:b0:40:92:cc:71:60:9e:58:0c:4a:60:bb:
71:43:93:35:23:53:ba:fa:a6:5b:a7:5e:dc:9b:86:9c:91:68:
0e:ef:99:35:ac:ae:48:a0:f5:88:60:53:43:d4:0e:3f:3c:e6:
d9:b2:aa:10:0f:2f:58:d0:37:17:8d:6e:56:21:90:46:51:96:
1a:b6:ef:6f:85:33:4a:d4:31:96:66:fb:7e:71:66:91:b7:6e:
7c:95:b2:0a:cc:b9:ae:88:f7:dd:72:3b:d5:6b:a1:5a:64:90:
ea:15:b1:d4:70:da:7c:5c:28:d5:86:ff:81:5e:33:20:cf:31:
fe:7e:26:bf:9a:c7:11:e6:5e:c2:dd:66:a2:79:de:72:f8:e8:
d9:1a:ce:7d:eb:3b:68:d4:b4:13:2c:c4:98:f2:ff:b4:76:16:
86:50:81:34:90:40:f2:27:c1:dc:2c:5a:1e:43:c3:5b:74:df:
aa:ff:48:b4
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICSAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwODIzMTQ1MDA4WhcNMjUwODMwMTQ1MDA4WjAYMRYwFAYD
VQQDEw02OGE5ZDUyMC1jYThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxNv/8FRCXotkMyb/qKnj5rPy5iaw7xOnXZVh7Duh6rzypKXX/b22urbJIuc/
I2S6gbo6ip9P1L+dUBGr80alurDWzM+FORB4Ca7Naig+GAfX1U6HOZXYwSN6/Djd
K56E4sN3TRSaxotRowDY2FzMRUNAnQlb3SSzd6E0RW3csLiCeHzHcnMdi1emp7CG
fqg1sZMvhWahvp97g+NYuzsxPvK0xCnG+G4V/G6k53dOxMo79P35vn3Gu7NNYjOe
aR+oCuSQmD4hZoyg8MABebXh3xmT5yXWRXf+/RENZdnpEHHSmC7P/9MDonwST35O
pnulTzEzw61cPpsRMJbYi4ndWwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFBQjbbap
lTGMu6Fz4CjPZEAuRch+MB8GA1UdIwQYMBaAFDSPm5uSpyzP0288cPNWdXM8yOoi
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2MTFFMkE2MkY4NzdDNzJG
RDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9OSS1ibTVLbkxN
X1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNDFGRTYxMDFENjYxMUUyQTYyRjg3N0M3MkZE
MUZGMi9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCSDRUpANOB0Kk/4suPWU22VCqRQz10Wmym
EaKlaJbv5Wwdf5py6c2f0/ukQkKa1YHhhioa69EfoJpFV1oi4+Qs9ZlH+W51R9/r
pU3LEGGwQJLMcWCeWAxKYLtxQ5M1I1O6+qZbp17cm4ackWgO75k1rK5IoPWIYFND
1A4/PObZsqoQDy9Y0DcXjW5WIZBGUZYatu9vhTNK1DGWZvt+cWaRt258lbIKzLmu
iPfdcjvVa6FaZJDqFbHUcNp8XCjVhv+BXjMgzzH+fia/mscR5l7C3Waied5y+OjZ
Gs596zto1LQTLMSY8v+0dhaGUIE0kEDyJ8HcLFoeQ8NbdN+q/0i0
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:54 2025 by rpki-client