Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft
File:                     os0QpH7XI-HEi19Q1oDPT2f8sdM.mft (raw, json)
Hash identifier:          9lv5FiJsc0zZqsf9GGZ3BmtwoZavZP5WzTQyzdo4onE=
Subject key identifier:   32:6C:25:A7:B9:50:DC:9A:DA:2D:A2:77:57:D3:59:96:54:B7:70:0D
Authority key identifier: A2:CD:10:A4:7E:D7:23:E1:C4:8B:5F:50:D6:80:CF:4F:67:FC:B1:D3
Certificate issuer:       /CN=A9194C0D/serialNumber=A2CD10A47ED723E1C48B5F50D680CF4F67FCB1D3
Certificate serial:       0229
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft
Manifest number:          0220
Signing time:             Fri 17 Jul 2026 03:51:23 +0000
Manifest this update:     Fri 17 Jul 2026 03:51:22 +0000
Manifest next update:     Fri 24 Jul 2026 03:51:22 +0000
Files and hashes:         1: os0QpH7XI-HEi19Q1oDPT2f8sdM.crl (hash: CaXY9CKTv6Z+RknhpLlmA2EmaKhKeWyR/vscj9uRiUc=)
                          2: 9D5E6AF8600F11EE98AFFB11C4F9AE02.roa (hash: jt/Em4DLUT3Wo1hryGzSXiSThIZtCbpBQGAGGsyRT4Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.crl
                          rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:51:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 553 (0x229)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9194C0D, serialNumber=A2CD10A47ED723E1C48B5F50D680CF4F67FCB1D3
        Validity
            Not Before: Jul 17 03:51:22 2026 GMT
            Not After : Jul 24 03:51:22 2026 GMT
        Subject: CN=6a59a6bb-d7e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:25:8d:1f:c7:c0:d7:4a:e3:98:ee:2b:f0:7d:
                    fc:02:aa:7e:12:e9:31:91:dd:58:b8:e5:7f:07:3c:
                    b0:12:79:2b:01:d0:b8:0d:5f:49:8e:d7:20:10:36:
                    be:aa:21:b7:38:92:45:a5:eb:da:29:8a:bc:a1:3c:
                    20:c3:4f:7d:a8:88:b4:ac:aa:b9:c4:a6:76:d1:de:
                    a1:a1:0d:a6:89:ac:e0:89:d2:f7:72:95:0c:dd:ed:
                    77:25:f4:cd:3a:f1:b5:92:83:6f:8f:6a:dc:f7:70:
                    58:c1:8c:04:44:36:71:f3:c5:73:d4:8f:f5:e6:7f:
                    9b:8c:df:30:5b:55:6a:56:10:13:d5:5d:92:39:ef:
                    bf:83:3d:37:f4:cc:31:ed:ed:7c:74:08:78:40:90:
                    68:11:10:b5:a1:75:08:c8:cf:a6:18:e8:9f:71:a7:
                    60:e5:09:96:89:fa:b0:e7:2b:44:59:a3:df:32:17:
                    2a:67:a6:53:47:5a:49:fe:24:65:0a:60:6d:35:8f:
                    8f:4b:8c:9f:fd:a9:b4:d5:d8:51:87:3b:14:83:b9:
                    1a:4b:2c:6d:9f:b5:fc:eb:cf:55:e1:14:1c:49:ed:
                    a9:cd:1c:6a:9b:bd:f6:aa:8a:a5:b2:56:2c:d2:32:
                    37:31:e4:b0:58:7f:7c:1d:3b:44:71:3f:c1:97:61:
                    0c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:6C:25:A7:B9:50:DC:9A:DA:2D:A2:77:57:D3:59:96:54:B7:70:0D
            X509v3 Authority Key Identifier:
                keyid:A2:CD:10:A4:7E:D7:23:E1:C4:8B:5F:50:D6:80:CF:4F:67:FC:B1:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:b4:d5:52:34:d0:15:7f:6e:55:bd:56:28:2b:9d:af:fb:2e:
         37:39:eb:b7:89:8b:54:e6:00:18:08:a4:df:2f:7a:db:4d:64:
         8e:bd:65:b1:82:16:01:ea:fd:00:1a:df:84:90:64:b0:8e:3c:
         39:fd:2d:ad:bd:98:8e:26:f2:17:d1:7e:19:9c:d9:a0:40:49:
         80:70:13:c3:de:95:fb:49:b5:4f:05:0c:c8:54:f6:4d:72:17:
         f6:e0:c4:be:e1:44:9c:59:c9:29:b0:9f:92:c9:90:40:d6:48:
         53:92:1e:bf:9e:1e:21:e8:f0:cb:44:32:d0:fc:8d:c1:c1:59:
         d4:6d:79:f2:eb:af:d7:72:8d:62:12:6c:73:47:18:ec:98:2d:
         18:a3:c9:cc:29:1d:ab:77:9b:87:5b:17:90:63:4d:60:f5:ae:
         c8:2c:2b:dd:26:18:36:6a:9d:e5:d7:81:b1:7b:35:27:ae:4a:
         f7:6f:15:da:63:ca:d3:87:1b:01:25:0d:e2:1c:db:38:6b:4d:
         b9:e5:8e:4d:8d:f2:a6:15:4e:11:d3:f8:a5:8e:fd:17:d7:fb:
         de:12:77:9e:5c:80:96:33:6f:70:1a:0e:f0:51:e2:84:a6:17:
         5c:a7:c2:bd:3b:76:b6:fd:a6:5a:0a:97:92:81:11:19:7f:40:
         c8:74:f0:81
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTRDMEQxMTAvBgNVBAUTKEEyQ0QxMEE0N0VENzIzRTFDNDhCNUY1MEQ2ODBDRjRG
NjdGQ0IxRDMwHhcNMjYwNzE3MDM1MTIyWhcNMjYwNzI0MDM1MTIyWjAYMRYwFAYD
VQQDEw02YTU5YTZiYi1kN2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxyWNH8fA10rjmO4r8H38Aqp+Eukxkd1YuOV/BzywEnkrAdC4DV9JjtcgEDa+
qiG3OJJFpevaKYq8oTwgw099qIi0rKq5xKZ20d6hoQ2miazgidL3cpUM3e13JfTN
OvG1koNvj2rc93BYwYwERDZx88Vz1I/15n+bjN8wW1VqVhAT1V2SOe+/gz039Mwx
7e18dAh4QJBoERC1oXUIyM+mGOifcadg5QmWifqw5ytEWaPfMhcqZ6ZTR1pJ/iRl
CmBtNY+PS4yf/am01dhRhzsUg7kaSyxtn7X8689V4RQcSe2pzRxqm732qoqlslYs
0jI3MeSwWH98HTtEcT/Bl2EMFQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDJsJae5
UNya2i2id1fTWZZUt3ANMB8GA1UdIwQYMBaAFKLNEKR+1yPhxItfUNaAz09n/LHT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEMwRC9BNDcwNzg1RTU3
NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi9vczBRcEg3WEktSEVpMTlRMW9EUFQyZjhz
ZE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL29zMFFwSDdYSS1IRWkxOVExb0RQVDJmOHNkTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NEMwRC9BNDcwNzg1RTU3NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi9vczBRcEg3WEkt
SEVpMTlRMW9EUFQyZjhzZE0ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAFrTVUjTQFX9uVb1WKCudr/suNznrt4mLVOYAGAik3y96201kjr1lsYIWAer9
ABrfhJBksI48Of0trb2YjibyF9F+GZzZoEBJgHATw96V+0m1TwUMyFT2TXIX9uDE
vuFEnFnJKbCfksmQQNZIU5Iev54eIejwy0Qy0PyNwcFZ1G158uuv13KNYhJsc0cY
7JgtGKPJzCkdq3ebh1sXkGNNYPWuyCwr3SYYNmqd5deBsXs1J65K928V2mPK04cb
ASUN4hzbOGtNueWOTY3yphVOEdP4pY79F9f73hJ3nlyAljNvcBoO8FHihKYXXKfC
vTt2tv2mWgqXkoERGX9AyHTwgQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 03:28:22 2026 by rpki-client