Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft
File:                     OPsGr2SfQA9ROZSTW-335JJwyKo.mft (raw, json)
Hash identifier:          RiZGfgna5ELEvpRkGvfZMnJZ2Z+YzjGBpG0Inikt8fw=
Subject key identifier:   98:3A:A7:EB:10:3E:80:BA:F9:87:21:EA:B0:C8:F1:F2:26:D1:59:5B
Authority key identifier: 38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA
Certificate issuer:       /CN=A9198267/serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA
Certificate serial:       0ADB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft
Manifest number:          0ACA
Signing time:             Sat 04 Jul 2026 19:34:00 +0000
Manifest this update:     Sat 04 Jul 2026 19:34:00 +0000
Manifest next update:     Sat 11 Jul 2026 19:34:00 +0000
Files and hashes:         1: OPsGr2SfQA9ROZSTW-335JJwyKo.crl (hash: 6LtzIFYiidGJ4HyU7Pw/PXNoMPxaa30y7SXL9LoWPsQ=)
                          2: 2F43EE7278CC11EAB69DAC75C4F9AE02.roa (hash: RCg1Rl9BMePurgmT4FLJMdQ57mTRP5HppFNnGUt/YQk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl
                          rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 19:33:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2779 (0xadb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9198267, serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA
        Validity
            Not Before: Jul  4 19:34:00 2026 GMT
            Not After : Jul 11 19:34:00 2026 GMT
        Subject: CN=6a496028-9bd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ca:71:be:4b:a6:61:4d:ee:9e:e5:90:6e:4f:
                    24:3c:e5:d2:d2:9b:fb:a8:e3:10:fe:42:c4:58:8d:
                    ca:71:6a:eb:b5:51:be:86:a2:bb:e5:86:93:aa:0a:
                    57:ba:db:37:b7:c8:50:c3:26:a6:63:bb:6d:c5:c6:
                    11:84:2c:39:6b:ba:d5:fa:6f:e4:3d:24:07:ec:57:
                    44:bd:d5:14:61:a4:24:17:26:4b:76:a5:79:08:36:
                    26:57:94:98:19:e8:5d:80:a8:e5:4c:62:cb:d8:66:
                    b7:6a:08:6a:73:62:be:f0:60:84:89:51:34:59:9e:
                    a6:0c:db:47:41:16:dd:44:74:be:d0:b8:1a:65:a3:
                    c3:62:00:82:01:3d:a2:1d:5b:70:bf:1f:e9:d5:27:
                    bb:10:90:52:8b:91:f9:f2:87:4d:34:61:93:3f:8e:
                    e0:4b:ee:07:74:fd:40:ec:37:c1:d9:20:1d:9b:1d:
                    74:f6:ed:12:7b:80:13:8c:a9:78:80:9e:97:68:81:
                    f0:58:a4:33:82:19:fd:ac:92:b2:de:b2:17:60:dd:
                    ef:9e:f8:22:78:35:36:15:3c:d8:d8:7d:25:14:0b:
                    c7:71:06:e3:82:c8:67:07:ac:33:fa:49:92:03:69:
                    91:96:07:0e:fc:f6:c9:16:de:52:6e:51:b0:86:b7:
                    77:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:3A:A7:EB:10:3E:80:BA:F9:87:21:EA:B0:C8:F1:F2:26:D1:59:5B
            X509v3 Authority Key Identifier:
                keyid:38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:93:cd:b2:07:13:4e:02:fc:e6:80:72:14:f2:83:0e:fc:dd:
         bf:d5:b5:df:58:c2:de:bc:c5:36:8c:01:87:2a:e5:3d:e9:04:
         0a:23:59:b9:90:ac:03:65:53:f1:32:e7:8a:2d:84:03:8d:54:
         e9:0e:2e:52:43:f9:f5:71:70:9d:3d:39:42:30:68:fb:2e:ac:
         2b:da:e7:49:a5:5e:c7:b4:6e:37:74:09:16:0d:8b:d8:57:7b:
         bc:93:3d:99:30:38:a5:9b:c0:0c:02:a9:2c:69:7d:59:4c:f8:
         37:98:b2:a8:4b:c0:bd:17:e8:48:2d:99:d2:45:fa:0f:30:81:
         e2:96:18:30:c8:e1:af:ed:16:21:c5:d6:a7:2c:30:87:27:20:
         a9:5b:88:47:14:24:1e:03:f5:c4:31:08:90:ef:f9:a0:8c:fc:
         46:c7:e2:60:f5:46:51:44:f6:6c:2f:a1:c8:ae:ca:19:23:25:
         64:b7:41:45:15:4b:e6:ee:10:07:bb:96:26:a4:63:4d:ec:2a:
         57:06:10:04:de:3c:15:3b:55:0d:69:6f:40:63:cc:08:8b:7e:
         18:33:38:0b:b0:d6:c7:36:86:95:80:46:a2:4b:32:fd:e0:a3:
         6e:08:92:8e:42:18:0d:61:82:dc:eb:c4:ca:4f:83:e2:2e:69:
         d5:b8:50:dc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICCtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgyNjcxMTAvBgNVBAUTKDM4RkIwNkFGNjQ5RjQwMEY1MTM5OTQ5MzVCRURGN0U0
OTI3MEM4QUEwHhcNMjYwNzA0MTkzNDAwWhcNMjYwNzExMTkzNDAwWjAYMRYwFAYD
VQQDEw02YTQ5NjAyOC05YmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjspxvkumYU3unuWQbk8kPOXS0pv7qOMQ/kLEWI3KcWrrtVG+hqK75YaTqgpX
uts3t8hQwyamY7ttxcYRhCw5a7rV+m/kPSQH7FdEvdUUYaQkFyZLdqV5CDYmV5SY
GehdgKjlTGLL2Ga3aghqc2K+8GCEiVE0WZ6mDNtHQRbdRHS+0LgaZaPDYgCCAT2i
HVtwvx/p1Se7EJBSi5H58odNNGGTP47gS+4HdP1A7DfB2SAdmx109u0Se4ATjKl4
gJ6XaIHwWKQzghn9rJKy3rIXYN3vnvgieDU2FTzY2H0lFAvHcQbjgshnB6wz+kmS
A2mRlgcO/PbJFt5SblGwhrd3CwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFJg6p+sQ
PoC6+Ych6rDI8fIm0VlbMB8GA1UdIwQYMBaAFDj7Bq9kn0APUTmUk1vt9+SScMiq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODI2Ny8wMkM4NkVBQTc4
Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFBOVJPWlNUVy0zMzVKSnd5
S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09Qc0dyMlNmUUE5Uk9aU1RXLTMzNUpKd3lLby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
ODI2Ny8wMkM4NkVBQTc4Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFB
OVJPWlNUVy0zMzVKSnd5S28ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAHZPNsgcTTgL85oByFPKDDvzdv9W131jC3rzFNowBhyrlPekECiNZuZCsA2VT
8TLnii2EA41U6Q4uUkP59XFwnT05QjBo+y6sK9rnSaVex7RuN3QJFg2L2Fd7vJM9
mTA4pZvADAKpLGl9WUz4N5iyqEvAvRfoSC2Z0kX6DzCB4pYYMMjhr+0WIcXWpyww
hycgqVuIRxQkHgP1xDEIkO/5oIz8RsfiYPVGUUT2bC+hyK7KGSMlZLdBRRVL5u4Q
B7uWJqRjTewqVwYQBN48FTtVDWlvQGPMCIt+GDM4C7DWxzaGlYBGoksy/eCjbgiS
jkIYDWGC3OvEyk+D4i5p1bhQ3A==
-----END CERTIFICATE-----
Generated at Sun Jul 5 07:55:22 2026 by rpki-client