Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft
File:                     BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft (raw, json)
Hash identifier:          Q9gLe3UUyRTqZWf1M3pMRpUiyveTg1pWcjdTvhnSO+g=
Subject key identifier:   AB:D7:C1:E4:2D:7C:A4:6E:28:C8:A0:B9:ED:35:A3:21:81:C1:51:7E
Authority key identifier: 04:74:93:7E:79:A9:D6:73:35:3E:AB:D8:2C:4B:84:24:B6:C6:83:0D
Certificate issuer:       /CN=A911CC61/serialNumber=0474937E79A9D673353EABD82C4B8424B6C6830D
Certificate serial:       77
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BHSTfnmp1nM1PqvYLEuEJLbGgw0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft
Manifest number:          6C
Signing time:             Mon 29 Jun 2026 08:42:37 +0000
Manifest this update:     Mon 29 Jun 2026 08:42:37 +0000
Manifest next update:     Mon 06 Jul 2026 08:42:37 +0000
Files and hashes:         1: BHSTfnmp1nM1PqvYLEuEJLbGgw0.crl (hash: mgAzY8fJC0pbWlcQ2yLzP0KzJiwqwJzZn7iWJAqmKfg=)
                          2: 9C1B70121D1A11F1A275F377103D8C67.roa (hash: y0kiR2bauMVDFaqNZbNEH9+p4Ybcw1shQXfdJNNrqvI=)
                          3: 8FEAA0421D1A11F19DA5ED77103D8C67.roa (hash: dEk3degjNLUiA3kpAMrU5suBNlrDXd9oTzhhHbGgPc0=)
                          4: 8EE78F481D1A11F19DA5ED77103D8C67.roa (hash: FtCatlAW9Re17rwqCuc7Yn9ywx696GppCQCdjrmZAlM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.crl
                          rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BHSTfnmp1nM1PqvYLEuEJLbGgw0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 06 Jul 2026 08:42:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119 (0x77)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911CC61, serialNumber=0474937E79A9D673353EABD82C4B8424B6C6830D
        Validity
            Not Before: Jun 29 08:42:37 2026 GMT
            Not After : Jul  6 08:42:37 2026 GMT
        Subject: CN=6a422ffd-c2b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:66:37:1d:d1:c4:9d:62:95:c8:e9:5f:05:af:
                    e2:bb:86:03:52:78:93:ea:3b:e8:18:61:50:bf:b4:
                    2a:4b:62:6f:9d:de:c7:1b:3c:12:15:d3:5a:18:5f:
                    bf:47:c9:c4:5e:f2:da:2b:56:31:9c:3b:d6:cd:46:
                    a8:47:e8:1a:d2:ab:4f:4f:ee:ad:58:88:47:59:16:
                    45:bb:6a:83:19:9c:da:e3:20:e2:83:b6:31:6b:70:
                    6b:97:d0:96:57:a9:e9:9c:20:2b:94:88:13:95:71:
                    ec:ec:76:d9:d0:b0:fc:ca:0c:4a:c2:c6:24:f2:7a:
                    4b:71:f8:8f:6e:15:09:aa:f7:81:5d:e1:0d:9f:10:
                    f5:e3:fd:26:0a:07:bb:00:a1:d8:0b:79:0a:ec:b4:
                    53:ee:71:d9:34:81:93:49:8c:88:5f:9a:62:fd:76:
                    4e:b7:2b:d4:ae:a2:43:ed:f6:48:ef:c2:59:04:e8:
                    9b:33:a0:89:20:a0:47:b6:00:a4:5d:2a:57:c8:4e:
                    d8:06:82:18:e1:4f:41:0d:c1:12:9b:c5:59:a3:e7:
                    de:51:95:74:b9:32:0b:4b:db:e5:35:5d:17:26:77:
                    0f:93:02:df:5c:96:ae:b1:8a:67:42:88:05:2a:41:
                    5d:df:71:b9:54:1b:0c:cf:3b:40:aa:2b:50:90:3b:
                    9e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D7:C1:E4:2D:7C:A4:6E:28:C8:A0:B9:ED:35:A3:21:81:C1:51:7E
            X509v3 Authority Key Identifier:
                keyid:04:74:93:7E:79:A9:D6:73:35:3E:AB:D8:2C:4B:84:24:B6:C6:83:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BHSTfnmp1nM1PqvYLEuEJLbGgw0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CC61/331D1418DA3E11F08FD1E8388ED3641D/BHSTfnmp1nM1PqvYLEuEJLbGgw0.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:46:cf:ea:95:61:7f:d2:d6:44:09:f6:49:77:9d:70:8f:15:
         d6:78:72:c2:f5:28:b8:60:50:c9:66:c5:2a:1a:71:c6:4f:14:
         55:21:e3:6c:0d:49:de:21:7b:f2:b3:61:95:53:6e:ae:cd:12:
         25:76:24:68:46:1a:90:7a:77:5c:ad:1d:d0:d9:98:9f:aa:92:
         9e:19:f1:8d:3c:af:3b:ba:c6:65:97:b1:bf:2a:6a:73:4c:64:
         0e:7a:91:9a:db:a9:c8:3c:6f:0a:c3:45:67:ba:de:33:7e:01:
         b0:8a:8d:61:2a:92:58:74:77:e4:a3:f4:8c:88:12:28:44:47:
         d7:6a:80:4e:0d:fa:fe:21:37:ca:13:7b:23:d1:42:81:74:7f:
         8b:fa:f3:6a:9e:6f:04:15:7d:1c:17:80:e5:a9:25:1d:c9:43:
         b1:a0:c0:1a:69:b6:ee:89:e7:c5:9e:f1:f2:36:8d:ea:26:2a:
         03:54:b4:1c:f0:f9:ad:97:e1:61:c2:6f:7f:95:16:b9:6b:51:
         e7:b6:66:97:31:1e:be:3c:1f:b9:38:e7:b9:2e:70:f4:38:17:
         8d:6f:d4:d8:b1:8b:e1:65:fb:22:51:d8:bc:8b:d2:3e:2d:74:
         78:42:1c:c5:96:91:cd:68:8f:f0:d3:b0:7f:1a:5e:9f:fe:3d:
         d2:71:c2:c3
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIBdzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
Q0M2MTExMC8GA1UEBRMoMDQ3NDkzN0U3OUE5RDY3MzM1M0VBQkQ4MkM0Qjg0MjRC
NkM2ODMwRDAeFw0yNjA2MjkwODQyMzdaFw0yNjA3MDYwODQyMzdaMBgxFjAUBgNV
BAMTDTZhNDIyZmZkLWMyYjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuZjcd0cSdYpXI6V8Fr+K7hgNSeJPqO+gYYVC/tCpLYm+d3scbPBIV01oYX79H
ycRe8torVjGcO9bNRqhH6BrSq09P7q1YiEdZFkW7aoMZnNrjIOKDtjFrcGuX0JZX
qemcICuUiBOVcezsdtnQsPzKDErCxiTyektx+I9uFQmq94Fd4Q2fEPXj/SYKB7sA
odgLeQrstFPucdk0gZNJjIhfmmL9dk63K9SuokPt9kjvwlkE6JszoIkgoEe2AKRd
KlfITtgGghjhT0ENwRKbxVmj595RlXS5MgtL2+U1XRcmdw+TAt9clq6ximdCiAUq
QV3fcblUGwzPO0CqK1CQO56DAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQUq9fB5C18
pG4oyKC57TWjIYHBUX4wHwYDVR0jBBgwFoAUBHSTfnmp1nM1PqvYLEuEJLbGgw0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDQzYxLzMzMUQxNDE4REEz
RTExRjA4RkQxRTgzODhFRDM2NDFEL0JIU1Rmbm1wMW5NMVBxdllMRXVFSkxiR2d3
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQkhTVGZubXAxbk0xUHF2WUxFdUVKTGJHZ3cwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFD
QzYxLzMzMUQxNDE4REEzRTExRjA4RkQxRTgzODhFRDM2NDFEL0JIU1Rmbm1wMW5N
MVBxdllMRXVFSkxiR2d3MC5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAxRs/qlWF/0tZECfZJd51wjxXWeHLC9Si4YFDJZsUqGnHGTxRVIeNsDUneIXvy
s2GVU26uzRIldiRoRhqQendcrR3Q2ZifqpKeGfGNPK87usZll7G/KmpzTGQOepGa
26nIPG8Kw0Vnut4zfgGwio1hKpJYdHfko/SMiBIoREfXaoBODfr+ITfKE3sj0UKB
dH+L+vNqnm8EFX0cF4DlqSUdyUOxoMAaabbuiefFnvHyNo3qJioDVLQc8Pmtl+Fh
wm9/lRa5a1HntmaXMR6+PB+5OOe5LnD0OBeNb9TYsYvhZfsiUdi8i9I+LXR4QhzF
lpHNaI/w07B/Gl6f/j3SccLD
-----END CERTIFICATE-----
Generated at Wed Jul 1 08:26:44 2026 by rpki-client