Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft
File:                     HlwQfv0DzxPSFKOaaizo3a0wRw4.mft (raw, json)
Hash identifier:          /Aa6DV4o41SVErEEHZNx/MJNhkkfGAaKdAurJlcgwxY=
Subject key identifier:   C7:93:68:C7:17:8D:DF:58:C0:86:3F:74:20:90:E7:68:B6:54:98:25
Authority key identifier: 1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E
Certificate issuer:       /CN=A914D9C3/serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E
Certificate serial:       0157
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft
Manifest number:          0152
Signing time:             Wed 15 Jul 2026 06:17:23 +0000
Manifest this update:     Wed 15 Jul 2026 06:17:23 +0000
Manifest next update:     Wed 22 Jul 2026 06:17:23 +0000
Files and hashes:         1: HlwQfv0DzxPSFKOaaizo3a0wRw4.crl (hash: uklP0kUb81Eet1oOEuQLfgdCIdYzoUn8MPewEglaG5Q=)
                          2: F7B3707C806911EF8C30A03DC4F9AE02.roa (hash: aiqE7GBN+l3YOlzTvalxpxvHOLBHG0Z/5JCvpwlar2o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl
                          rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Jul 2026 06:17:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 343 (0x157)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914D9C3, serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E
        Validity
            Not Before: Jul 15 06:17:23 2026 GMT
            Not After : Jul 22 06:17:23 2026 GMT
        Subject: CN=6a5725f3-6253
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ae:c1:5f:f5:d4:18:3c:2b:4b:17:60:c9:1a:
                    27:42:97:e1:ad:14:57:a9:48:3a:24:9c:80:53:16:
                    7a:96:01:84:b0:7f:8f:67:a1:0c:a2:fb:a2:fe:d8:
                    2a:bc:79:12:cb:85:08:dd:7d:dd:07:0a:49:35:f3:
                    b3:f7:81:40:e9:35:66:b7:2f:01:f0:a9:8a:83:f3:
                    5e:45:6d:fc:ca:f5:ac:be:ed:55:1b:73:86:0a:e2:
                    75:c6:71:b4:6f:50:ab:c2:51:1a:37:c3:08:4c:d2:
                    82:9a:94:8b:3f:74:65:1f:95:81:3e:05:d1:85:87:
                    2f:f9:68:88:91:76:7e:86:02:04:ff:eb:f8:2d:93:
                    bd:72:34:b9:02:db:9f:70:90:0f:62:ff:f5:98:c2:
                    68:00:a2:8c:82:0f:a2:0f:3d:0f:46:ec:0d:33:c6:
                    06:af:9a:0e:d5:d7:32:27:fe:b7:db:73:8e:a6:8c:
                    fe:51:0d:e5:9d:4c:6b:c3:6e:3a:89:bc:71:e5:31:
                    df:e7:e9:d3:af:05:06:76:02:a6:01:a9:0d:2c:c1:
                    fa:15:e9:29:5e:c5:71:2e:ab:69:8c:89:4b:83:dc:
                    ed:85:ae:96:4b:fb:bd:fc:d8:68:0f:d4:03:b4:a5:
                    81:80:20:05:48:30:4d:4d:bd:84:3b:c6:f7:c7:48:
                    f1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:93:68:C7:17:8D:DF:58:C0:86:3F:74:20:90:E7:68:B6:54:98:25
            X509v3 Authority Key Identifier:
                keyid:1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:4d:f8:40:29:c1:a8:c8:1a:1d:f7:76:5e:a2:4c:51:aa:be:
         19:19:ec:ba:6e:43:cc:83:c1:b0:87:7b:5a:c7:72:7a:6c:95:
         8d:61:d1:89:67:2c:bf:8c:e4:10:9c:06:e3:ac:f5:1a:ba:ca:
         27:86:02:5c:1c:a4:97:96:c4:4f:15:7d:3e:20:dd:72:7e:35:
         2c:ff:5f:ae:30:07:d6:37:c3:48:80:13:b1:5b:01:e9:40:fb:
         58:6b:71:cf:7a:d3:9d:f4:07:34:bf:d2:e3:e7:a3:08:6d:c4:
         9d:ff:19:1a:12:dd:d4:54:8e:bb:47:04:b0:fc:ed:c4:8f:88:
         75:58:56:6a:73:ed:a0:48:95:92:9c:fe:08:ae:40:e6:d2:fe:
         72:29:93:81:0f:21:ef:b2:49:8c:3f:80:3b:64:dd:03:d5:6b:
         83:25:8c:29:aa:fd:38:f1:8a:2a:3c:9d:e3:66:56:05:ef:c6:
         f1:c8:b5:01:68:1d:fd:4e:45:5f:3c:d7:af:9d:fc:6f:7b:7b:
         42:f1:82:78:7f:09:ba:81:24:72:80:32:f1:2d:f7:e6:4a:43:
         2a:5a:9f:b2:2a:48:bf:40:21:e7:25:10:22:01:23:62:25:bc:
         39:fd:3f:93:3e:4f:7b:75:1a:bd:22:11:16:5a:67:e1:4d:0f:
         a0:a9:af:a3
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEQ5QzMxMTAvBgNVBAUTKDFFNUMxMDdFRkQwM0NGMTNEMjE0QTM5QTZBMkNFOERE
QUQzMDQ3MEUwHhcNMjYwNzE1MDYxNzIzWhcNMjYwNzIyMDYxNzIzWjAYMRYwFAYD
VQQDEw02YTU3MjVmMy02MjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApa7BX/XUGDwrSxdgyRonQpfhrRRXqUg6JJyAUxZ6lgGEsH+PZ6EMovui/tgq
vHkSy4UI3X3dBwpJNfOz94FA6TVmty8B8KmKg/NeRW38yvWsvu1VG3OGCuJ1xnG0
b1CrwlEaN8MITNKCmpSLP3RlH5WBPgXRhYcv+WiIkXZ+hgIE/+v4LZO9cjS5Atuf
cJAPYv/1mMJoAKKMgg+iDz0PRuwNM8YGr5oO1dcyJ/6323OOpoz+UQ3lnUxrw246
ibxx5THf5+nTrwUGdgKmAakNLMH6FekpXsVxLqtpjIlLg9ztha6WS/u9/NhoD9QD
tKWBgCAFSDBNTb2EO8b3x0jxQQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMeTaMcX
jd9YwIY/dCCQ52i2VJglMB8GA1UdIwQYMBaAFB5cEH79A88T0hSjmmos6N2tMEcO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDlDMy80NUNDODJDQzgw
NjkxMUVGODJDOTc3M0NDNEY5QUUwMi9IbHdRZnYwRHp4UFNGS09hYWl6bzNhMHdS
dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hsd1FmdjBEenhQU0ZLT2FhaXpvM2Ewd1J3NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RDlDMy80NUNDODJDQzgwNjkxMUVGODJDOTc3M0NDNEY5QUUwMi9IbHdRZnYwRHp4
UFNGS09hYWl6bzNhMHdSdzQubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEACk34QCnBqMgaHfd2XqJMUaq+GRnsum5DzIPBsId7WsdyemyVjWHRiWcsv4zk
EJwG46z1GrrKJ4YCXBykl5bETxV9PiDdcn41LP9frjAH1jfDSIATsVsB6UD7WGtx
z3rTnfQHNL/S4+ejCG3Enf8ZGhLd1FSOu0cEsPztxI+IdVhWanPtoEiVkpz+CK5A
5tL+cimTgQ8h77JJjD+AO2TdA9VrgyWMKar9OPGKKjyd42ZWBe/G8ci1AWgd/U5F
XzzXr538b3t7QvGCeH8JuoEkcoAy8S335kpDKlqfsipIv0Ah5yUQIgEjYiW8Of0/
kz5Pe3UavSIRFlpn4U0PoKmvow==
-----END CERTIFICATE-----
Generated at Wed Jul 15 09:17:39 2026 by rpki-client