Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft
File:                     bOklSpy_oHBCJDc13OT79-VGEWY.mft (raw, json)
Hash identifier:          AZI8FrGNg0tLBTbr+S1kZCaEHOLi4q2Lc29RF37uN7M=
Subject key identifier:   36:52:13:A4:38:EB:5B:C5:37:3C:DC:8E:31:E6:AE:65:96:DC:A8:09
Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66
Certificate issuer:       /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166
Certificate serial:       0D16
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft
Manifest number:          0D0D
Signing time:             Sat 04 Jul 2026 18:17:54 +0000
Manifest this update:     Sat 04 Jul 2026 18:17:54 +0000
Manifest next update:     Sat 11 Jul 2026 18:17:54 +0000
Files and hashes:         1: bOklSpy_oHBCJDc13OT79-VGEWY.crl (hash: U0bArRcRTbTu0+ZGERYoi3Pw+tCzwyqQC4OjRCFn4u8=)
                          2: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (hash: jOASJy08cQtiHT2anaDk0d4CR9FN0kGkmWrO2dstaFQ=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl
                          rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 18:17:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3350 (0xd16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166
        Validity
            Not Before: Jul  4 18:17:54 2026 GMT
            Not After : Jul 11 18:17:54 2026 GMT
        Subject: CN=6a494e52-4b82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:41:84:1a:e3:56:18:c3:59:2d:86:07:39:05:
                    5d:e3:5f:b6:87:f9:c9:8e:86:85:e5:ff:4d:36:38:
                    d1:c6:72:cc:43:28:6d:9d:f3:65:ee:09:3c:74:c7:
                    52:fc:5c:f2:af:6a:6a:51:22:66:fa:46:c2:b0:90:
                    9b:d7:8a:64:8f:74:1c:df:56:27:e2:e4:b6:82:f2:
                    cd:2d:f4:01:46:37:fc:d4:52:db:13:58:9f:7c:12:
                    40:ac:79:98:99:b7:94:2f:fb:29:ec:94:f5:67:cf:
                    12:49:02:6e:d2:af:1a:de:5f:78:4e:86:41:db:a1:
                    b1:b2:35:34:d6:da:a5:c1:63:e5:3e:63:4e:9c:e6:
                    27:8e:87:82:04:d1:56:99:d3:a1:37:13:93:49:00:
                    ce:a9:eb:da:d7:84:e0:04:7b:fd:a0:da:4a:cd:74:
                    9b:ea:65:4c:75:31:bb:b4:74:6e:c5:31:f0:33:1f:
                    f6:5b:17:0a:50:c3:bc:32:d4:f9:20:7d:fd:c6:5d:
                    b8:56:0a:f5:c1:ea:40:dd:73:df:5e:b5:ba:83:e5:
                    5e:f8:48:1e:66:5b:a5:1a:a9:bf:8e:60:be:f0:31:
                    4f:3e:a3:18:d8:ba:8f:aa:e2:9f:2a:36:55:9a:ab:
                    1e:41:71:a9:d6:98:c8:fc:a1:bc:de:5f:e9:ad:5d:
                    1c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:52:13:A4:38:EB:5B:C5:37:3C:DC:8E:31:E6:AE:65:96:DC:A8:09
            X509v3 Authority Key Identifier:
                keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:1d:15:b8:17:4a:99:dc:cb:66:a9:19:4c:92:17:6d:2c:7e:
         80:0e:56:b2:ee:06:a3:ea:bc:23:b9:43:1b:d1:01:2a:04:2e:
         4f:30:6a:e7:54:a0:eb:9c:b4:1e:7b:0f:31:bf:c8:9c:41:15:
         69:6c:b6:9a:de:3b:5f:aa:e2:6f:47:f7:94:1f:31:37:e5:70:
         4b:eb:5b:05:a8:2a:4d:0c:ba:93:1b:ae:9c:47:5d:ea:44:c7:
         5a:c5:35:00:d2:16:93:ac:35:29:3f:b7:ac:83:37:a9:79:8b:
         af:e2:98:4f:25:1e:8c:b0:2b:21:11:58:73:97:68:e1:02:93:
         d3:d6:20:fc:09:92:6a:cd:31:dc:b5:3c:1c:db:3f:5a:8e:ca:
         7e:61:84:99:4a:84:e5:90:c2:f6:f2:59:ef:96:3f:53:db:12:
         4a:ce:f4:6c:1b:fd:98:e5:f5:25:50:92:16:7a:cc:89:68:e4:
         73:ee:20:5b:da:c6:67:84:35:a5:a5:dd:ab:18:17:0f:96:86:
         3a:a6:15:a9:f6:f0:f8:d3:ab:0e:e6:b0:f8:23:65:27:b5:32:
         7d:4d:e7:e3:ab:53:c3:f1:e8:a3:6a:6f:45:f7:ec:c7:05:07:
         5f:28:b6:18:25:34:1f:7e:82:7c:a2:87:96:5a:d6:b4:9f:04:
         ee:6b:c1:89
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3
RTU0NjExNjYwHhcNMjYwNzA0MTgxNzU0WhcNMjYwNzExMTgxNzU0WjAYMRYwFAYD
VQQDEw02YTQ5NGU1Mi00YjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApkGEGuNWGMNZLYYHOQVd41+2h/nJjoaF5f9NNjjRxnLMQyhtnfNl7gk8dMdS
/Fzyr2pqUSJm+kbCsJCb14pkj3Qc31Yn4uS2gvLNLfQBRjf81FLbE1iffBJArHmY
mbeUL/sp7JT1Z88SSQJu0q8a3l94ToZB26GxsjU01tqlwWPlPmNOnOYnjoeCBNFW
mdOhNxOTSQDOqeva14TgBHv9oNpKzXSb6mVMdTG7tHRuxTHwMx/2WxcKUMO8MtT5
IH39xl24Vgr1wepA3XPfXrW6g+Ve+EgeZlulGqm/jmC+8DFPPqMY2LqPquKfKjZV
mqseQXGp1pjI/KG83l/prV0crwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDZSE6Q4
61vFNzzcjjHmrmWW3KgJMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1
REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF
V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NTRGMy8xRUY3ODY2ODA1REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29I
QkNKRGMxM09UNzktVkdFV1kubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAEx0VuBdKmdzLZqkZTJIXbSx+gA5Wsu4Go+q8I7lDG9EBKgQuTzBq51Sg65y0
HnsPMb/InEEVaWy2mt47X6rib0f3lB8xN+VwS+tbBagqTQy6kxuunEdd6kTHWsU1
ANIWk6w1KT+3rIM3qXmLr+KYTyUejLArIRFYc5do4QKT09Yg/AmSas0x3LU8HNs/
Wo7KfmGEmUqE5ZDC9vJZ75Y/U9sSSs70bBv9mOX1JVCSFnrMiWjkc+4gW9rGZ4Q1
paXdqxgXD5aGOqYVqfbw+NOrDuaw+CNlJ7UyfU3n46tTw/Hoo2pvRffsxwUHXyi2
GCU0H36CfKKHllrWtJ8E7mvBiQ==
-----END CERTIFICATE-----
Generated at Sun Jul 5 07:53:27 2026 by rpki-client