Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.mft
File:                     4bgHrCt0Vfux4xYGjR0BcSYLscc.mft (raw, json)
Hash identifier:          GujW0S9WzQreQ7FdA4s4DAqyXFfZHLSI66yjD7hjLjg=
Subject key identifier:   DD:14:D7:9D:EA:B6:47:26:B9:5D:FE:AE:9F:C6:85:6E:8D:48:C5:DC
Authority key identifier: E1:B8:07:AC:2B:74:55:FB:B1:E3:16:06:8D:1D:01:71:26:0B:B1:C7
Certificate issuer:       /CN=A9157DAE/serialNumber=E1B807AC2B7455FBB1E316068D1D0171260BB1C7
Certificate serial:       14CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.mft
Manifest number:          1386
Signing time:             Sun 12 Jul 2026 16:57:36 +0000
Manifest this update:     Sun 12 Jul 2026 16:57:36 +0000
Manifest next update:     Sun 19 Jul 2026 16:57:36 +0000
Files and hashes:         1: 4bgHrCt0Vfux4xYGjR0BcSYLscc.crl (hash: 7PeGPLkBXjW5ksBus/RWeW/XOHPVQh9wi1P1jQGh/Wc=)
                          2: D17E9426B24211EFBBDC2164C4F9AE02.roa (hash: Ww46Lbl6UjA/CXqKqzqylfENifJWkFzcJuiq1+uDY3g=)
                          3: AD7B2798CDCA11F096B9035EC4F9AE02.roa (hash: 1rrUr85BF/sY2udLImZ0ePN2Kgi1s7SnmiZY7CqnRO0=)
                          4: A8949F64D86E11E982BA0712C4F9AE02.roa (hash: 4ErdLc5I6Vjk6uLExe07aYdEJVnOiI+wzbQvVUiYi2A=)
                          5: F99AFAFE1D5411EA921E0351C4F9AE02.roa (hash: 0nXqFu4Qi3Igds5cTks5iZ4dhntuRJvANiDD3hyPktU=)
                          6: ABBD7288621E11F1B46C43227047A888.roa (hash: XkYX6vbb6wu0I6LyLg7rmDrKGG169XYV0z/dzuJsV18=)
                          7: 8E6CF9C8E59911E98D355932C4F9AE02.roa (hash: 0JqXWVNYYl5QUi3Ff44dnxQVqYfsFqTw62wHqYfZBwc=)
                          8: 1F8378E6BCBD11EBAC9A4744C4F9AE02.roa (hash: WxVTSI5IqBCtDZMa9uJVKr0/nWjqcu853MnRjiV9FJM=)
                          9: 0038D872072E11EB8914E540C4F9AE02.roa (hash: BfVI3TFyV6fOpgoDG6kN2cNefVnef49M3JRzF9OGVQ8=)
                          10: C21FA1CE080511EAA9457C67C4F9AE02.roa (hash: jlJ7Tld2dLSNm+vxLU+DB4uapMo/I9nK2H7uiQod+hI=)
                          11: 6A5222E2B8CA11F0AEF0BA3CC4F9AE02.roa (hash: DErQ3o7TiaR6Xkm9YVkxrmIyVyHa9Hd4DAj359Ovfp8=)
                          12: A6A4A20E89B911EC8FDB572DC4F9AE02.roa (hash: 9gF1aAdFHEDmuDddG9VCS6z/7V4hA5cH16J97sGtqmY=)
                          13: 9EE31802996B11E9B3FEED46C4F9AE02.roa (hash: Y0tv3S5qBpizFf7zS7O2Gepf7bo7jWIy8poU5vPkGKI=)
                          14: 4D6A840A5D9611F1BD5FE02C96833773.roa (hash: d3z49JgJZXiieN6MWgLeD2K+u7C1Gr2j766YBYQR8LI=)
                          15: 161983C2B9EB11EDB53AC21BC4F9AE02.roa (hash: ux2ARJ/bgr7if6KwYjchysUxhnA8D8TRZk6Lw4d52aw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.crl
                          rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 19 Jul 2026 16:57:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5326 (0x14ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9157DAE, serialNumber=E1B807AC2B7455FBB1E316068D1D0171260BB1C7
        Validity
            Not Before: Jul 12 16:57:36 2026 GMT
            Not After : Jul 19 16:57:36 2026 GMT
        Subject: CN=6a53c780-2bda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:72:85:14:66:97:ab:bc:1b:8b:64:18:1e:50:
                    af:b6:bd:f5:da:82:cc:f2:f7:ef:9f:82:48:e9:40:
                    54:70:12:6b:38:1e:3e:1c:a1:d0:99:5a:11:0b:57:
                    cc:39:c0:03:ae:ef:03:83:04:c4:7e:31:c9:38:d5:
                    e7:45:18:a9:f2:70:71:1d:10:74:b7:c5:86:e5:96:
                    88:a0:0a:33:93:dd:09:51:e8:d6:99:40:d1:e5:f9:
                    e3:44:ae:2a:d0:9c:8e:3e:f7:a4:02:66:81:20:c2:
                    0e:3c:9b:a2:fa:64:91:97:30:68:c3:03:f1:ef:d1:
                    22:4f:df:5f:70:e2:d6:74:a7:23:aa:f6:2c:5c:58:
                    db:d4:e0:3e:22:12:fe:3e:d5:5c:e9:e9:05:e2:55:
                    4e:01:91:10:7d:d5:50:ea:c4:c6:d1:03:af:32:3c:
                    2a:fb:fb:bd:35:d2:40:4c:96:a2:db:4b:a0:de:8d:
                    58:93:8c:67:c5:f6:34:1e:06:30:9c:ed:a3:d9:18:
                    c6:79:39:23:91:36:32:c4:8f:08:f9:8e:c2:36:64:
                    9d:6c:90:6c:31:b0:3d:d2:11:35:3b:a3:c9:e2:a4:
                    e4:b8:2f:f2:8b:26:df:6a:5d:0a:53:fa:ab:6c:b4:
                    d9:46:78:f0:32:3c:b9:18:db:2a:b3:0c:67:0e:54:
                    38:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:14:D7:9D:EA:B6:47:26:B9:5D:FE:AE:9F:C6:85:6E:8D:48:C5:DC
            X509v3 Authority Key Identifier:
                keyid:E1:B8:07:AC:2B:74:55:FB:B1:E3:16:06:8D:1D:01:71:26:0B:B1:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bgHrCt0Vfux4xYGjR0BcSYLscc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/61666C0ED68911E8B6811433C4F9AE02/4bgHrCt0Vfux4xYGjR0BcSYLscc.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:49:63:30:b1:07:3b:b7:e2:10:14:6e:52:e4:03:e5:5a:2f:
         36:eb:b3:fa:75:fc:00:77:b7:18:3d:a6:16:28:cd:ef:93:ef:
         a4:dd:6b:45:f5:54:6d:d0:2e:3e:db:be:3f:0f:04:91:8e:81:
         61:2e:82:f6:ee:11:8e:45:85:0f:8c:4b:5e:69:c0:db:92:24:
         96:e2:24:c4:8a:dd:27:f1:84:d3:6e:b8:3f:63:31:22:d4:29:
         8b:e4:89:01:fc:e2:9c:5e:8e:c1:87:ff:db:45:7a:0f:e2:ce:
         b3:6f:91:d8:9a:53:6d:ef:92:1c:b6:5f:48:39:69:08:d1:c1:
         94:8b:f5:45:03:d5:63:09:8d:25:43:c4:05:09:50:eb:47:a3:
         90:8d:23:eb:8d:84:2c:7a:1e:7b:4b:9e:c3:d3:cf:09:5d:44:
         b3:56:de:bc:dc:2b:24:ff:21:a5:95:c7:87:3f:1d:b1:0c:96:
         f7:20:37:e3:fe:de:c7:ff:f4:87:0f:4c:09:0f:37:16:98:79:
         6a:aa:bd:a9:36:b5:d5:cd:d6:1f:01:20:db:a4:74:20:11:f1:
         71:a3:7a:71:0b:e2:05:60:f4:5d:d0:6f:ec:80:ad:57:b2:73:
         23:09:6f:98:3d:a5:46:c4:32:56:ab:c2:fb:0f:da:12:8b:46:
         44:74:7f:06
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICFM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEQUUxMTAvBgNVBAUTKEUxQjgwN0FDMkI3NDU1RkJCMUUzMTYwNjhEMUQwMTcx
MjYwQkIxQzcwHhcNMjYwNzEyMTY1NzM2WhcNMjYwNzE5MTY1NzM2WjAYMRYwFAYD
VQQDEw02YTUzYzc4MC0yYmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2nKFFGaXq7wbi2QYHlCvtr312oLM8vfvn4JI6UBUcBJrOB4+HKHQmVoRC1fM
OcADru8DgwTEfjHJONXnRRip8nBxHRB0t8WG5ZaIoAozk90JUejWmUDR5fnjRK4q
0JyOPvekAmaBIMIOPJui+mSRlzBowwPx79EiT99fcOLWdKcjqvYsXFjb1OA+IhL+
PtVc6ekF4lVOAZEQfdVQ6sTG0QOvMjwq+/u9NdJATJai20ug3o1Yk4xnxfY0HgYw
nO2j2RjGeTkjkTYyxI8I+Y7CNmSdbJBsMbA90hE1O6PJ4qTkuC/yiybfal0KU/qr
bLTZRnjwMjy5GNsqswxnDlQ4qwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFN0U153q
tkcmuV3+rp/GhW6NSMXcMB8GA1UdIwQYMBaAFOG4B6wrdFX7seMWBo0dAXEmC7HH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS82MTY2NkMwRUQ2
ODkxMUU4QjY4MTE0MzNDNEY5QUUwMi80YmdIckN0MFZmdXg0eFlHalIwQmNTWUxz
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRiZ0hyQ3QwVmZ1eDR4WUdqUjBCY1NZTHNjYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
N0RBRS82MTY2NkMwRUQ2ODkxMUU4QjY4MTE0MzNDNEY5QUUwMi80YmdIckN0MFZm
dXg0eFlHalIwQmNTWUxzY2MubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAP0ljMLEHO7fiEBRuUuQD5VovNuuz+nX8AHe3GD2mFijN75PvpN1rRfVUbdAu
Ptu+Pw8EkY6BYS6C9u4RjkWFD4xLXmnA25IkluIkxIrdJ/GE0264P2MxItQpi+SJ
AfzinF6OwYf/20V6D+LOs2+R2JpTbe+SHLZfSDlpCNHBlIv1RQPVYwmNJUPEBQlQ
60ejkI0j642ELHoee0uew9PPCV1Es1bevNwrJP8hpZXHhz8dsQyW9yA34/7ex//0
hw9MCQ83Fph5aqq9qTa11c3WHwEg26R0IBHxcaN6cQviBWD0XdBv7ICtV7JzIwlv
mD2lRsQyVqvC+w/aEotGRHR/Bg==
-----END CERTIFICATE-----
Generated at Mon Jul 13 14:14:45 2026 by rpki-client