Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C0F3/60E207BCD0B911EFA0848825C4F9AE02/oOoqcgysMcg3X1Vs-Uv--NERafY.mft
File:                     oOoqcgysMcg3X1Vs-Uv--NERafY.mft (raw, json)
Hash identifier:          mOT9RYvHeb9PpRSU6R4eky7Mz/dJUXfdIZXNzouQJqU=
Subject key identifier:   F5:D5:F8:DC:F7:34:A4:60:6C:3D:3D:1E:8A:90:59:C3:64:FD:4C:DC
Authority key identifier: A0:EA:2A:72:0C:AC:31:C8:37:5F:55:6C:F9:4B:FE:F8:D1:11:69:F6
Certificate issuer:       /CN=A917C0F3/serialNumber=A0EA2A720CAC31C8375F556CF94BFEF8D11169F6
Certificate serial:       0121
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oOoqcgysMcg3X1Vs-Uv--NERafY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C0F3/60E207BCD0B911EFA0848825C4F9AE02/oOoqcgysMcg3X1Vs-Uv--NERafY.mft
Manifest number:          011D
Signing time:             Fri 17 Jul 2026 06:59:22 +0000
Manifest this update:     Fri 17 Jul 2026 06:59:21 +0000
Manifest next update:     Fri 24 Jul 2026 06:59:21 +0000
Files and hashes:         1: oOoqcgysMcg3X1Vs-Uv--NERafY.crl (hash: TV4CxqOGAfNQOoGwBWenUTGH2XmGjxZCH7K/AOGAsDo=)
                          2: 02F0D9DED0BA11EFA8B5A526C4F9AE02.roa (hash: 06+m6dabyyzbZGIT4hkbr4VpURLEsXpwD3ACUIi95cM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917C0F3/60E207BCD0B911EFA0848825C4F9AE02/oOoqcgysMcg3X1Vs-Uv--NERafY.crl
                          rsync://rpki.apnic.net/member_repository/A917C0F3/60E207BCD0B911EFA0848825C4F9AE02/oOoqcgysMcg3X1Vs-Uv--NERafY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oOoqcgysMcg3X1Vs-Uv--NERafY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:59:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 289 (0x121)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C0F3, serialNumber=A0EA2A720CAC31C8375F556CF94BFEF8D11169F6
        Validity
            Not Before: Jul 17 06:59:21 2026 GMT
            Not After : Jul 24 06:59:21 2026 GMT
        Subject: CN=6a59d2ca-b8c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:03:38:20:fe:5c:e9:b9:5e:14:6c:93:c9:0e:
                    08:37:1d:37:f4:a3:f5:c6:81:55:14:b7:9b:fd:ea:
                    09:89:75:2e:c1:20:19:d2:b3:01:21:5a:c3:54:60:
                    b1:65:ec:b0:90:38:2f:f8:1d:12:15:9a:0e:5d:e5:
                    02:52:a2:cb:61:87:a1:8c:8a:02:4d:ed:bb:fa:45:
                    14:a3:4f:b3:5a:96:ed:3a:71:f1:4d:1b:88:6a:52:
                    32:6c:8f:70:db:29:2c:15:f4:95:aa:a5:f5:4e:98:
                    e4:dc:1c:a6:a1:ba:66:f7:5d:0a:0d:b8:b2:fd:dc:
                    33:15:3f:9c:75:54:62:2b:69:33:6d:a8:9c:e6:28:
                    83:6a:db:4b:cf:59:2c:1f:56:b1:5a:08:8e:c5:82:
                    17:dc:54:d7:37:23:d2:09:33:3f:a9:14:bf:2a:36:
                    8b:55:b0:84:a0:4d:6e:d3:8a:8f:8b:ad:d2:02:75:
                    c0:2c:3f:fc:1a:f1:bb:6d:7b:98:fb:40:d7:6a:e2:
                    88:98:a6:d5:46:86:0d:e3:94:33:a2:ca:08:f4:fd:
                    ab:ae:a4:de:d5:80:c9:c2:a9:2d:f4:e3:82:d6:1c:
                    10:1a:b0:17:c1:41:ae:cd:b9:f9:d4:df:12:03:71:
                    0a:46:7d:1f:78:34:55:a8:62:a6:8b:9c:cc:db:1e:
                    97:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:D5:F8:DC:F7:34:A4:60:6C:3D:3D:1E:8A:90:59:C3:64:FD:4C:DC
            X509v3 Authority Key Identifier:
                keyid:A0:EA:2A:72:0C:AC:31:C8:37:5F:55:6C:F9:4B:FE:F8:D1:11:69:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C0F3/60E207BCD0B911EFA0848825C4F9AE02/oOoqcgysMcg3X1Vs-Uv--NERafY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oOoqcgysMcg3X1Vs-Uv--NERafY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C0F3/60E207BCD0B911EFA0848825C4F9AE02/oOoqcgysMcg3X1Vs-Uv--NERafY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:19:9f:96:83:81:0a:a9:41:d3:6d:37:67:4a:d8:81:1c:17:
         89:f7:f6:6c:19:88:e9:02:71:43:0b:52:36:df:fc:81:ab:9a:
         23:03:16:ab:aa:9c:75:7c:d3:97:6d:2c:ae:3b:ea:ef:67:14:
         d4:83:60:c6:5c:0a:8b:2b:15:fc:d8:ab:39:a0:6d:59:bf:e5:
         22:4d:14:d0:4b:c0:65:31:ca:0a:86:55:75:d4:2a:b4:49:3a:
         f5:b6:0d:21:13:20:53:94:c9:10:f9:c7:43:6b:13:8f:c2:4f:
         ba:a8:e9:a5:f2:e7:46:48:ae:1d:b4:53:b6:3d:7e:f9:d7:c2:
         17:31:50:aa:9c:09:34:a9:51:3a:7e:36:1b:b9:b8:b3:64:0e:
         f3:b6:ca:cd:39:17:11:d2:26:1c:b8:f5:0c:c9:0a:a6:f7:d3:
         dd:42:67:35:db:7d:de:cf:6d:6d:94:c1:0e:12:f3:d7:1d:dc:
         e5:4b:01:e8:de:39:97:f1:ae:1d:1f:83:8b:8a:d5:1f:b5:3f:
         ff:f3:fa:1e:da:83:38:e2:af:3b:1e:02:ae:81:d1:7b:71:3a:
         52:9a:cf:5c:ae:2b:bd:37:89:ad:41:dd:e3:c7:8e:62:58:77:
         96:88:08:1b:dd:f4:6a:fa:e6:e3:9f:9e:99:58:4b:2b:cf:67:
         01:b2:db:fa
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICASEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MwRjMxMTAvBgNVBAUTKEEwRUEyQTcyMENBQzMxQzgzNzVGNTU2Q0Y5NEJGRUY4
RDExMTY5RjYwHhcNMjYwNzE3MDY1OTIxWhcNMjYwNzI0MDY1OTIxWjAYMRYwFAYD
VQQDEw02YTU5ZDJjYS1iOGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzgM4IP5c6bleFGyTyQ4INx039KP1xoFVFLeb/eoJiXUuwSAZ0rMBIVrDVGCx
ZeywkDgv+B0SFZoOXeUCUqLLYYehjIoCTe27+kUUo0+zWpbtOnHxTRuIalIybI9w
2yksFfSVqqX1Tpjk3Bymobpm910KDbiy/dwzFT+cdVRiK2kzbaic5iiDattLz1ks
H1axWgiOxYIX3FTXNyPSCTM/qRS/KjaLVbCEoE1u04qPi63SAnXALD/8GvG7bXuY
+0DXauKImKbVRoYN45QzosoI9P2rrqTe1YDJwqkt9OOC1hwQGrAXwUGuzbn51N8S
A3EKRn0feDRVqGKmi5zM2x6XRwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPXV+Nz3
NKRgbD09HoqQWcNk/UzcMB8GA1UdIwQYMBaAFKDqKnIMrDHIN19VbPlL/vjREWn2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzBGMy82MEUyMDdCQ0Qw
QjkxMUVGQTA4NDg4MjVDNEY5QUUwMi9vT29xY2d5c01jZzNYMVZzLVV2LS1ORVJh
ZlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29Pb3FjZ3lzTWNnM1gxVnMtVXYtLU5FUmFmWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QzBGMy82MEUyMDdCQ0QwQjkxMUVGQTA4NDg4MjVDNEY5QUUwMi9vT29xY2d5c01j
ZzNYMVZzLVV2LS1ORVJhZlkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEALBmfloOBCqlB0203Z0rYgRwXiff2bBmI6QJxQwtSNt/8gauaIwMWq6qcdXzT
l20srjvq72cU1INgxlwKiysV/NirOaBtWb/lIk0U0EvAZTHKCoZVddQqtEk69bYN
IRMgU5TJEPnHQ2sTj8JPuqjppfLnRkiuHbRTtj1++dfCFzFQqpwJNKlROn42G7m4
s2QO87bKzTkXEdImHLj1DMkKpvfT3UJnNdt93s9tbZTBDhLz1x3c5UsB6N45l/Gu
HR+Di4rVH7U///P6HtqDOOKvOx4CroHRe3E6UprPXK4rvTeJrUHd48eOYlh3logI
G930avrm45+emVhLK89nAbLb+g==
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:31:51 2026 by rpki-client