Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
File:                     hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft (raw, json)
Hash identifier:          1EP8M6Eef1f+IxRr/4/BRJ68+4ZX7e19iEayncwEdtA=
Subject key identifier:   1D:5E:F6:39:A8:B3:8A:8B:38:70:BA:1B:FE:FB:5D:4D:EB:F0:88:F2
Authority key identifier: 87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
Certificate issuer:       /CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Certificate serial:       0155
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
Manifest number:          0134
Signing time:             Sun 05 Jul 2026 06:23:27 +0000
Manifest this update:     Sun 05 Jul 2026 06:23:27 +0000
Manifest next update:     Sun 12 Jul 2026 06:23:27 +0000
Files and hashes:         1: hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl (hash: 3P+GJ56NcIMDP4dHXsTeVhU6r6itv+H4bMKgIouh5wQ=)
                          2: 1A3A1E2C287D11F18C83C945A7833773.roa (hash: Ga/vGf3pYAE0aZeA1OVe1QY6DoiwmNjQ7QadAkBsWIc=)
                          3: F33309A2B72011EFB3A5D772C4F9AE02.roa (hash: HYHec9orOca+00gsDqMx8Gss9C7gqHvPJgzKMMmNDKk=)
                          4: 3A8C7518B72111EFA9A92F26C4F9AE02.roa (hash: wy1fO8emrrb11LIF29YjzsQF2VR/akidMRTHMxAcTfI=)
                          5: 98AEAB84B72111EF8A087D30C4F9AE02.roa (hash: j2Hz+mynGpqLJnmZlqehevWYxoqbcW99ZISJiOfwTiY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
                          rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 06:23:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 341 (0x155)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91982EF, serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
        Validity
            Not Before: Jul  5 06:23:27 2026 GMT
            Not After : Jul 12 06:23:27 2026 GMT
        Subject: CN=6a49f85f-43e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:58:9e:d1:d4:97:66:ab:f6:6b:eb:54:13:ce:
                    22:55:65:de:bf:dd:ff:6e:4e:04:2a:03:34:e4:8b:
                    61:d7:2c:49:f1:d7:6b:90:65:ae:4b:09:10:c4:ca:
                    c7:46:a4:64:c4:7a:22:86:e9:45:f1:65:f8:4b:84:
                    3d:42:e1:0f:a7:c6:0b:ce:fc:85:2c:9b:94:c4:ac:
                    ea:73:30:f1:70:bb:74:ac:e5:34:19:3d:ce:9b:ef:
                    62:84:52:4d:01:0d:a8:39:4f:56:f8:3d:44:bc:ab:
                    71:0b:0a:37:68:fa:30:55:ca:02:19:83:e2:58:69:
                    b1:88:da:b0:e6:aa:e6:61:38:3c:f1:fa:eb:41:74:
                    c3:22:ef:ac:f9:b7:d0:02:b7:c3:f6:e1:67:47:a9:
                    16:cf:c6:09:35:37:77:dd:fe:11:d0:1a:93:5d:29:
                    57:1e:76:4e:92:62:3e:12:82:5b:c3:af:bf:25:b6:
                    61:50:19:2c:90:aa:79:b4:37:eb:6b:e6:60:00:25:
                    5f:74:63:e7:14:e5:b1:78:8b:3b:75:58:74:23:5d:
                    18:22:62:94:56:4d:e5:93:af:f3:84:86:61:10:d6:
                    2c:0a:ca:08:e0:10:c8:e5:11:bb:11:7b:a1:df:d6:
                    f8:6e:7e:61:7e:70:5f:ae:52:5e:7a:22:e1:8d:2f:
                    c3:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:5E:F6:39:A8:B3:8A:8B:38:70:BA:1B:FE:FB:5D:4D:EB:F0:88:F2
            X509v3 Authority Key Identifier:
                keyid:87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:1a:54:18:5f:c9:8f:72:d1:07:f3:cb:0f:91:b0:54:f1:80:
         fc:2e:97:3b:78:65:35:c6:89:66:2a:2d:46:dd:b5:22:23:6c:
         f2:11:31:da:b9:68:a6:91:e1:8c:2e:81:f8:d9:ad:57:3e:65:
         17:4e:3e:b3:d5:cf:78:4a:11:c9:fd:79:a5:be:a6:32:3a:9c:
         8d:79:0e:9b:7f:ff:0f:8c:c2:b3:e4:af:d1:38:28:d4:97:c0:
         2d:3f:4f:73:7e:a1:91:51:14:eb:aa:ff:67:88:11:33:b7:b8:
         ee:c8:b3:7d:1d:f9:a9:a7:7d:b0:7d:85:7f:a7:15:49:0c:fd:
         fe:c0:4a:8c:43:bb:b1:a8:45:08:17:f1:94:10:f1:6c:07:70:
         fd:2d:79:59:98:97:e7:f9:a0:c9:2d:14:bd:4f:04:65:b5:5c:
         35:e2:d3:ba:5d:1a:28:2a:ac:b1:48:29:8c:c2:4b:97:14:1c:
         dc:8a:e1:6f:cc:75:cd:21:c8:3c:2d:db:7c:75:4e:ff:c5:5f:
         5f:d7:54:5e:97:df:1a:e0:b6:c1:5f:d3:0b:81:62:75:1f:0d:
         4e:17:24:c5:7e:d0:e6:74:11:52:92:e0:9f:d6:2d:b6:66:29:
         ac:22:29:64:c5:15:57:bd:99:a9:c6:60:15:de:83:4a:0d:3a:
         b6:e9:ae:d0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgyRUYxMTAvBgNVBAUTKDg3MTk3RkQ1NDZEQzMxNTIzMTExREQ5MzkwQjFCQTNG
M0Q3MDI2NTYwHhcNMjYwNzA1MDYyMzI3WhcNMjYwNzEyMDYyMzI3WjAYMRYwFAYD
VQQDEw02YTQ5Zjg1Zi00M2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAylie0dSXZqv2a+tUE84iVWXev93/bk4EKgM05Ith1yxJ8ddrkGWuSwkQxMrH
RqRkxHoihulF8WX4S4Q9QuEPp8YLzvyFLJuUxKzqczDxcLt0rOU0GT3Om+9ihFJN
AQ2oOU9W+D1EvKtxCwo3aPowVcoCGYPiWGmxiNqw5qrmYTg88frrQXTDIu+s+bfQ
ArfD9uFnR6kWz8YJNTd33f4R0BqTXSlXHnZOkmI+EoJbw6+/JbZhUBkskKp5tDfr
a+ZgACVfdGPnFOWxeIs7dVh0I10YImKUVk3lk6/zhIZhENYsCsoI4BDI5RG7EXuh
39b4bn5hfnBfrlJeeiLhjS/D4QIDAQABo4ICczCCAm8wHQYDVR0OBBYEFB1e9jmo
s4qLOHC6G/77XU3r8IjyMB8GA1UdIwQYMBaAFIcZf9VG3DFSMRHdk5Cxuj89cCZW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODJFRi9GQzY1MEI3MkI3
MUQxMUVGODk4MkM0MENDNEY5QUUwMi9oeGxfMVViY01WSXhFZDJUa0xHNlB6MXdK
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h4bF8xVWJjTVZJeEVkMlRrTEc2UHoxd0psWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
ODJFRi9GQzY1MEI3MkI3MUQxMUVGODk4MkM0MENDNEY5QUUwMi9oeGxfMVViY01W
SXhFZDJUa0xHNlB6MXdKbFkubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAkRpUGF/Jj3LRB/PLD5GwVPGA/C6XO3hlNcaJZiotRt21IiNs8hEx2rloppHh
jC6B+NmtVz5lF04+s9XPeEoRyf15pb6mMjqcjXkOm3//D4zCs+Sv0Tgo1JfALT9P
c36hkVEU66r/Z4gRM7e47sizfR35qad9sH2Ff6cVSQz9/sBKjEO7sahFCBfxlBDx
bAdw/S15WZiX5/mgyS0UvU8EZbVcNeLTul0aKCqssUgpjMJLlxQc3Irhb8x1zSHI
PC3bfHVO/8VfX9dUXpffGuC2wV/TC4FidR8NThckxX7Q5nQRUpLgn9YttmYprCIp
ZMUVV72ZqcZgFd6DSg06tumu0A==
-----END CERTIFICATE-----
Generated at Mon Jul 6 21:09:58 2026 by rpki-client