Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
File:                     yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft (raw, json)
Hash identifier:          i0KaRacu2sNZeXq/Hjl7iqtL3kTdaXaP2vv67rwCLCY=
Subject key identifier:   A1:FA:4D:4F:C3:6A:29:8B:93:BA:0A:5E:77:A0:B2:81:E6:F7:CC:88
Authority key identifier: C8:77:CD:F2:2D:25:B6:E3:3F:C5:E4:95:BE:55:E5:9D:0A:94:98:7E
Certificate issuer:       /CN=A9147B4B/serialNumber=C877CDF22D25B6E33FC5E495BE55E59D0A94987E
Certificate serial:       0143
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
Manifest number:          0123
Signing time:             Fri 17 Jul 2026 06:58:34 +0000
Manifest this update:     Fri 17 Jul 2026 06:58:34 +0000
Manifest next update:     Fri 24 Jul 2026 06:58:34 +0000
Files and hashes:         1: yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl (hash: bzfvzbzYBR8omuI02A3yqfH5Xr8+25FJe9UFbyl2BIo=)
                          2: 7CC84384BCB711F0BD57E909C4F9AE02.roa (hash: yNjcbXSQe954tG4iPQoh2HGC3/zMHGuxKNsySG8+1DI=)
                          3: 7D3521CABCB711F08B02E909C4F9AE02.roa (hash: XFH0Q1KpeOYZLCrrHNLmbgTNMLaKVPfV4xztcVnCyR8=)
                          4: 7C5A543CBCB711F08806E909C4F9AE02.roa (hash: Otxavzn9wqai7bz3j2wOAOhJHM7zPHSQjLLYM4IbP1Q=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl
                          rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:58:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 323 (0x143)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9147B4B, serialNumber=C877CDF22D25B6E33FC5E495BE55E59D0A94987E
        Validity
            Not Before: Jul 17 06:58:34 2026 GMT
            Not After : Jul 24 06:58:34 2026 GMT
        Subject: CN=6a59d29a-9572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e7:72:a2:ac:0a:dc:53:ad:de:53:0f:02:f3:
                    67:17:8a:d3:e2:1d:5e:57:ef:49:6b:cd:92:0e:54:
                    19:dd:5c:5e:1f:43:17:a9:ad:34:aa:44:08:c8:d4:
                    3d:a3:35:c4:7a:e2:00:5a:a7:07:f0:5a:e1:12:c8:
                    99:2c:09:b5:19:17:5c:dd:29:1d:80:ea:5e:9b:df:
                    65:5d:45:df:12:55:9c:df:18:28:3b:1b:40:0f:5e:
                    cd:8f:91:2e:7c:60:e7:93:89:b1:13:48:03:14:a2:
                    49:0e:77:8c:9e:ac:39:19:b1:72:02:97:b3:9f:c9:
                    96:ce:f3:92:ef:d4:5b:1b:9f:60:50:82:ff:29:73:
                    d0:08:f5:ae:7d:25:c9:e1:f1:21:49:94:18:1f:9a:
                    b6:89:16:e3:1d:9e:02:b8:4c:ae:01:67:f9:1e:5f:
                    65:32:8b:da:a5:06:fd:20:ea:05:e4:b2:7d:24:b3:
                    78:17:70:78:ec:67:b5:00:13:78:19:09:c1:53:ac:
                    d3:e2:c9:f1:83:19:3e:eb:37:2a:c8:82:96:2e:9b:
                    65:1c:16:bc:17:e6:56:e3:c3:2b:3e:1b:d5:00:33:
                    3b:f7:6e:2e:2d:71:b6:3f:25:2a:ca:60:2e:31:85:
                    c3:2f:c6:af:76:85:78:ae:c5:08:be:77:9b:b6:57:
                    7d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:FA:4D:4F:C3:6A:29:8B:93:BA:0A:5E:77:A0:B2:81:E6:F7:CC:88
            X509v3 Authority Key Identifier:
                keyid:C8:77:CD:F2:2D:25:B6:E3:3F:C5:E4:95:BE:55:E5:9D:0A:94:98:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yHfN8i0ltuM_xeSVvlXlnQqUmH4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B4B/E156A04CCF3811EF8484E92FC4F9AE02/yHfN8i0ltuM_xeSVvlXlnQqUmH4.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:61:50:1f:e0:4c:2b:46:1e:aa:f1:51:09:43:6e:24:ed:d5:
         1d:1b:da:26:98:fa:19:d4:2d:d5:26:3b:41:26:dc:40:38:c4:
         c5:ff:c2:3f:b0:23:07:ec:ee:06:bf:db:94:b0:ce:91:0f:b7:
         6f:ad:2b:8c:20:4d:34:f1:89:e9:87:c8:d4:29:4b:8f:5e:f1:
         dd:56:59:8e:1e:75:6f:23:64:1f:9c:02:9b:63:f4:18:42:ed:
         17:71:85:e3:5f:12:ff:ec:1c:1f:68:ec:4d:07:03:98:5c:4b:
         13:f4:14:98:ad:05:ec:40:1c:8a:b5:b9:4e:ce:5c:c2:6e:6c:
         4f:8c:2f:2a:f4:28:71:51:33:be:7b:00:f6:25:8a:d0:98:20:
         93:9e:2b:ad:31:80:49:4c:25:7e:6f:32:1e:ee:24:58:f7:2f:
         ac:39:74:75:32:ba:0a:37:e4:12:8c:38:47:20:da:b2:97:d1:
         14:e8:6a:1d:04:d7:b1:70:21:9b:11:89:bf:2a:d3:0d:c2:ef:
         bd:29:06:52:35:8b:8f:25:3e:91:88:ad:bd:0a:3b:3a:34:04:
         31:58:31:b6:6b:ec:aa:ff:c6:a3:7b:58:48:56:a5:d0:14:e9:
         4d:43:29:00:4a:47:ae:39:b6:9d:98:4c:86:90:e6:7a:4d:05:
         9c:34:94:cf
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdCNEIxMTAvBgNVBAUTKEM4NzdDREYyMkQyNUI2RTMzRkM1RTQ5NUJFNTVFNTlE
MEE5NDk4N0UwHhcNMjYwNzE3MDY1ODM0WhcNMjYwNzI0MDY1ODM0WjAYMRYwFAYD
VQQDEw02YTU5ZDI5YS05NTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvudyoqwK3FOt3lMPAvNnF4rT4h1eV+9Ja82SDlQZ3VxeH0MXqa00qkQIyNQ9
ozXEeuIAWqcH8FrhEsiZLAm1GRdc3SkdgOpem99lXUXfElWc3xgoOxtAD17Nj5Eu
fGDnk4mxE0gDFKJJDneMnqw5GbFyApezn8mWzvOS79RbG59gUIL/KXPQCPWufSXJ
4fEhSZQYH5q2iRbjHZ4CuEyuAWf5Hl9lMovapQb9IOoF5LJ9JLN4F3B47Ge1ABN4
GQnBU6zT4snxgxk+6zcqyIKWLptlHBa8F+ZW48MrPhvVADM7924uLXG2PyUqymAu
MYXDL8avdoV4rsUIvnebtld9XwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKH6TU/D
aimLk7oKXnegsoHm98yIMB8GA1UdIwQYMBaAFMh3zfItJbbjP8Xklb5V5Z0KlJh+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0I0Qi9FMTU2QTA0Q0NG
MzgxMUVGODQ4NEU5MkZDNEY5QUUwMi95SGZOOGkwbHR1TV94ZVNWdmxYbG5RcVVt
SDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lIZk44aTBsdHVNX3hlU1Z2bFhsblFxVW1INC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
N0I0Qi9FMTU2QTA0Q0NGMzgxMUVGODQ4NEU5MkZDNEY5QUUwMi95SGZOOGkwbHR1
TV94ZVNWdmxYbG5RcVVtSDQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAGWFQH+BMK0YeqvFRCUNuJO3VHRvaJpj6GdQt1SY7QSbcQDjExf/CP7AjB+zu
Br/blLDOkQ+3b60rjCBNNPGJ6YfI1ClLj17x3VZZjh51byNkH5wCm2P0GELtF3GF
418S/+wcH2jsTQcDmFxLE/QUmK0F7EAcirW5Ts5cwm5sT4wvKvQocVEzvnsA9iWK
0Jggk54rrTGASUwlfm8yHu4kWPcvrDl0dTK6CjfkEow4RyDaspfRFOhqHQTXsXAh
mxGJvyrTDcLvvSkGUjWLjyU+kYitvQo7OjQEMVgxtmvsqv/Go3tYSFal0BTpTUMp
AEpHrjm2nZhMhpDmek0FnDSUzw==
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:50:56 2026 by rpki-client