Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft
File:                     AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json)
Hash identifier:          diVPmrUg+m8T6fw+Zs7DOixNQSMGwUg/fdgg8fB9Lt4=
Subject key identifier:   3F:C9:76:82:F4:F0:1E:0F:46:5B:D1:F2:77:DC:E5:1C:39:05:C2:17
Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4
Certificate issuer:       /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4
Certificate serial:       022D
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft
Manifest number:          0228
Signing time:             Fri 17 Jul 2026 03:36:58 +0000
Manifest this update:     Fri 17 Jul 2026 03:36:57 +0000
Manifest next update:     Fri 24 Jul 2026 03:36:57 +0000
Files and hashes:         1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: HUA7sudmPW7VilfUM9BgqzzJnihOQLnUzDZ/omZSn0c=)
                          2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: ChPU5idLRzFBAUfZXdVDn4ZS21EQnqWVbj2XL7b56XA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl
                          rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:36:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 557 (0x22d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9170DF0, serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4
        Validity
            Not Before: Jul 17 03:36:57 2026 GMT
            Not After : Jul 24 03:36:57 2026 GMT
        Subject: CN=6a59a359-bcce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:50:53:07:b4:40:27:ad:1d:9f:7e:26:4e:10:
                    7b:d0:97:e6:6c:bd:f3:71:97:87:d2:f9:71:8f:54:
                    98:a7:31:14:87:ae:bf:db:c7:92:c3:39:8f:82:5f:
                    9e:5c:34:18:6a:c9:8c:7e:dd:a4:0f:28:ea:3d:35:
                    d3:73:f8:70:51:e6:f7:33:70:c1:14:ce:be:0f:9c:
                    38:da:98:cd:be:c2:ef:53:f1:33:d2:0c:d4:c2:c3:
                    68:0b:44:bb:c4:47:ab:8d:a2:f8:62:2f:16:3f:78:
                    c5:c6:bd:07:19:3a:0d:c6:24:68:8c:1a:3a:bc:b4:
                    ad:03:da:2a:ab:c0:08:0b:92:99:77:bb:ce:a2:16:
                    fd:85:f8:57:3f:7a:a1:fa:94:b0:bb:af:a2:82:cf:
                    5a:5d:2d:0c:20:ea:9f:d3:8e:b6:62:83:08:b7:c1:
                    71:4b:00:4e:8b:ff:2a:60:37:52:e6:ca:ed:71:12:
                    30:01:4d:d0:37:02:c2:62:3a:69:6a:50:48:09:aa:
                    5f:af:c9:b9:92:25:18:83:9c:fa:9c:7d:7d:44:82:
                    80:4f:18:51:b2:75:a5:9a:4c:4b:ba:19:00:a7:76:
                    33:7f:6d:c5:dc:29:23:57:cf:ca:8e:2c:8c:ec:04:
                    a9:47:12:56:af:a4:b6:72:de:f8:4f:e8:4c:84:37:
                    67:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:C9:76:82:F4:F0:1E:0F:46:5B:D1:F2:77:DC:E5:1C:39:05:C2:17
            X509v3 Authority Key Identifier:
                keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:07:d4:5f:7f:f2:07:30:eb:25:b2:d4:68:1f:93:fc:f0:e7:
         f5:42:e4:58:e6:63:00:97:2f:b2:60:41:ed:f3:09:c6:98:62:
         ed:08:de:d9:0d:4c:08:c5:ee:d5:14:66:86:db:ff:dc:5e:64:
         65:7d:f7:92:96:90:48:89:c1:5e:b5:60:2f:a7:e0:3d:33:ec:
         ef:d5:42:f2:fd:8e:f4:f6:eb:90:76:59:9d:38:09:64:10:f3:
         e1:c2:f5:d3:1d:42:4b:14:72:bc:95:93:11:95:30:a6:cf:1d:
         64:d7:a1:39:87:2c:f0:c4:56:14:23:44:04:8a:08:d1:c9:b5:
         1e:a8:f3:fe:e0:d9:33:89:3f:8c:b6:43:00:0d:60:e9:ee:15:
         4d:c9:d1:01:35:f2:02:be:8b:54:29:2e:6d:11:6a:6e:d3:23:
         d2:53:5e:67:93:7c:c2:d6:ed:06:5b:fa:f8:51:00:80:29:12:
         3a:19:ec:ae:4f:70:02:75:31:f3:80:41:35:69:4b:eb:02:aa:
         91:ef:b1:cc:df:19:9d:7b:bb:fd:f8:b4:3d:89:73:6b:f4:1d:
         e8:a1:30:c7:a2:a4:77:f3:8d:78:60:76:6c:32:aa:b2:22:45:
         2b:dc:f9:8e:57:b3:9c:0d:87:8b:50:69:50:d2:d5:c2:05:45:
         9e:cc:d9:75
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC
RkY0QTdGRTQwHhcNMjYwNzE3MDMzNjU3WhcNMjYwNzI0MDMzNjU3WjAYMRYwFAYD
VQQDEw02YTU5YTM1OS1iY2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmlBTB7RAJ60dn34mThB70JfmbL3zcZeH0vlxj1SYpzEUh66/28eSwzmPgl+e
XDQYasmMft2kDyjqPTXTc/hwUeb3M3DBFM6+D5w42pjNvsLvU/Ez0gzUwsNoC0S7
xEerjaL4Yi8WP3jFxr0HGToNxiRojBo6vLStA9oqq8AIC5KZd7vOohb9hfhXP3qh
+pSwu6+igs9aXS0MIOqf0462YoMIt8FxSwBOi/8qYDdS5srtcRIwAU3QNwLCYjpp
alBICapfr8m5kiUYg5z6nH19RIKATxhRsnWlmkxLuhkAp3Yzf23F3CkjV8/KjiyM
7ASpRxJWr6S2ct74T+hMhDdn1wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFD/JdoL0
8B4PRlvR8nfc5Rw5BcIXMB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2
NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm
LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm
SlpTVW1rZF9obmVfOUtmLVEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAfgfUX3/yBzDrJbLUaB+T/PDn9ULkWOZjAJcvsmBB7fMJxphi7Qje2Q1MCMXu
1RRmhtv/3F5kZX33kpaQSInBXrVgL6fgPTPs79VC8v2O9PbrkHZZnTgJZBDz4cL1
0x1CSxRyvJWTEZUwps8dZNehOYcs8MRWFCNEBIoI0cm1Hqjz/uDZM4k/jLZDAA1g
6e4VTcnRATXyAr6LVCkubRFqbtMj0lNeZ5N8wtbtBlv6+FEAgCkSOhnsrk9wAnUx
84BBNWlL6wKqke+xzN8ZnXu7/fi0PYlza/Qd6KEwx6Kkd/ONeGB2bDKqsiJFK9z5
jleznA2Hi1BpUNLVwgVFnszZdQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:27:26 2026 by rpki-client