Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft
File:                     IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json)
Hash identifier:          zpHTvtS2BwwdyU3YpN7fRCocYOyaGmbO/TZs1IJ+toY=
Subject key identifier:   18:2F:BF:3A:4F:99:DF:46:ED:75:32:90:D6:1D:A4:21:01:F2:AE:B1
Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF
Certificate issuer:       /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF
Certificate serial:       015A
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft
Manifest number:          0148
Signing time:             Fri 17 Jul 2026 06:30:19 +0000
Manifest this update:     Fri 17 Jul 2026 06:30:19 +0000
Manifest next update:     Fri 24 Jul 2026 06:30:19 +0000
Files and hashes:         1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: KD57/QLqEmY2grCpAXjEUJAIrohOIXn4ER/AIQ8Rxbw=)
                          2: 0029F6EAD41F11F0B1A47183C4F9AE02.roa (hash: F5fxp0etukBOn3CKrqqukvD42srMqVoYQvkoxd9V4Hk=)
                          3: 00926CA2D41F11F092947183C4F9AE02.roa (hash: wqkUfeM+QKVS8qmAEVsiC5c7QZ1bu80LeTA1QCGTnpw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl
                          rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 346 (0x15a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF
        Validity
            Not Before: Jul 17 06:30:19 2026 GMT
            Not After : Jul 24 06:30:19 2026 GMT
        Subject: CN=6a59cbfb-f6b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:34:4a:86:d5:cf:c4:77:13:d2:86:4a:ab:ac:
                    70:fb:c0:eb:ca:d0:e1:64:76:38:d2:f7:b9:07:d9:
                    99:99:58:12:13:28:70:06:b5:92:0b:49:01:93:3f:
                    b8:e1:8f:36:9c:bb:0f:95:2f:28:2a:98:b3:12:cc:
                    59:fc:1f:82:93:9e:de:42:ff:77:f6:47:c4:ad:f2:
                    18:53:72:56:f3:3a:0f:fc:1a:87:66:4c:8f:a5:2e:
                    9e:b8:7a:e2:bc:99:07:41:fd:25:61:4b:24:6b:20:
                    57:ba:2d:35:fe:43:af:66:4a:0f:42:6e:dd:f3:b9:
                    44:5e:ae:d4:fa:7f:31:44:b6:77:3b:96:d7:1b:a4:
                    d4:ee:16:9a:39:2e:86:13:b7:bc:e4:39:ae:b8:37:
                    3b:89:32:57:87:b9:c9:42:4b:7d:d5:2e:5f:78:bb:
                    1a:34:0a:a2:de:f4:5e:11:1c:33:a5:97:dc:d4:73:
                    ca:8f:ea:07:79:a9:f6:96:37:99:a5:e3:6c:cd:9e:
                    41:f7:9c:f0:dc:35:6b:9e:1b:b9:c9:8c:46:3a:fd:
                    a2:88:b3:d1:eb:56:3b:11:07:f1:8a:96:ee:65:07:
                    88:33:cf:03:e5:28:73:01:33:d1:bd:64:49:a5:1b:
                    d8:36:b0:e3:6f:92:b5:38:60:04:53:4c:08:07:22:
                    7a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:2F:BF:3A:4F:99:DF:46:ED:75:32:90:D6:1D:A4:21:01:F2:AE:B1
            X509v3 Authority Key Identifier:
                keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:68:c1:6a:2f:76:6f:b2:db:7b:c6:d0:ef:f3:20:dc:eb:7f:
         c8:da:a3:dd:91:6d:b3:cc:57:8d:d4:e5:13:1b:2f:d2:17:15:
         f5:8a:e4:7d:37:d8:96:30:bf:20:bb:a6:09:7f:77:b1:b7:11:
         e0:29:ea:18:91:3e:63:e3:21:c3:cc:30:4c:50:29:85:ed:7f:
         86:73:43:d2:3f:ab:9c:99:8b:98:89:c8:56:83:2b:52:0a:e9:
         5d:66:3b:bb:bd:66:95:17:27:0f:54:00:9c:5c:4d:d4:a8:8e:
         64:b6:89:c0:58:37:89:41:8d:bb:a1:82:8b:18:b0:38:26:32:
         b5:67:7e:bd:8e:3f:73:dd:47:68:c8:e8:07:98:5e:bf:71:5d:
         cf:5b:a7:21:d5:1a:4a:0c:75:8e:3a:cb:c9:0c:09:33:cd:14:
         8d:79:14:19:47:c2:e9:32:fd:3f:86:8a:b4:d7:c1:61:cd:d2:
         59:87:3b:4e:cd:2d:db:fe:5a:96:fb:b1:bf:e3:b4:5b:74:fb:
         53:56:8b:38:27:da:63:38:13:a5:05:8c:b2:50:79:fb:4f:c6:
         20:05:2d:1c:4f:f8:0f:d1:11:02:f6:1f:d5:29:f3:f7:5f:5f:
         12:e9:ee:96:47:d7:5d:cd:35:11:31:3b:1f:1e:3b:32:18:2a:
         2c:c5:04:7d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG
RDI0MTMxREYwHhcNMjYwNzE3MDYzMDE5WhcNMjYwNzI0MDYzMDE5WjAYMRYwFAYD
VQQDEw02YTU5Y2JmYi1mNmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjDRKhtXPxHcT0oZKq6xw+8DrytDhZHY40ve5B9mZmVgSEyhwBrWSC0kBkz+4
4Y82nLsPlS8oKpizEsxZ/B+Ck57eQv939kfErfIYU3JW8zoP/BqHZkyPpS6euHri
vJkHQf0lYUskayBXui01/kOvZkoPQm7d87lEXq7U+n8xRLZ3O5bXG6TU7haaOS6G
E7e85DmuuDc7iTJXh7nJQkt91S5feLsaNAqi3vReERwzpZfc1HPKj+oHean2ljeZ
peNszZ5B95zw3DVrnhu5yYxGOv2iiLPR61Y7EQfxipbuZQeIM88D5ShzATPRvWRJ
pRvYNrDjb5K1OGAEU0wIByJ6SQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFBgvvzpP
md9G7XUykNYdpCEB8q6xMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB
N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO
dnlCd2dpYk1neWo5SkJNZDgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAkmjBai92b7Lbe8bQ7/Mg3Ot/yNqj3ZFts8xXjdTlExsv0hcV9YrkfTfYljC/
ILumCX93sbcR4CnqGJE+Y+Mhw8wwTFAphe1/hnND0j+rnJmLmInIVoMrUgrpXWY7
u71mlRcnD1QAnFxN1KiOZLaJwFg3iUGNu6GCixiwOCYytWd+vY4/c91HaMjoB5he
v3Fdz1unIdUaSgx1jjrLyQwJM80UjXkUGUfC6TL9P4aKtNfBYc3SWYc7Ts0t2/5a
lvuxv+O0W3T7U1aLOCfaYzgTpQWMslB5+0/GIAUtHE/4D9ERAvYf1Snz919fEunu
lkfXXc01ETE7Hx47MhgqLMUEfQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:30:17 2026 by rpki-client