Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7369/B1D61942487F11EEA80A024CC4F9AE02/-Q4hD858Z6Lysy3hTusFoEsNEOE.mft
File:                     -Q4hD858Z6Lysy3hTusFoEsNEOE.mft (raw, json)
Hash identifier:          +CfsXWmp59CHVNgrYAzvZs3kHeNOKN7u9ZaK/7+VjZQ=
Subject key identifier:   8A:BE:B8:C7:E3:F6:8D:6C:93:BA:1F:B2:A8:42:EA:4C:45:B0:14:FA
Authority key identifier: F9:0E:21:0F:CE:7C:67:A2:F2:B3:2D:E1:4E:EB:05:A0:4B:0D:10:E1
Certificate issuer:       /CN=A91A7369/serialNumber=F90E210FCE7C67A2F2B32DE14EEB05A04B0D10E1
Certificate serial:       0228
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Q4hD858Z6Lysy3hTusFoEsNEOE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7369/B1D61942487F11EEA80A024CC4F9AE02/-Q4hD858Z6Lysy3hTusFoEsNEOE.mft
Manifest number:          0220
Signing time:             Fri 17 Jul 2026 03:44:41 +0000
Manifest this update:     Fri 17 Jul 2026 03:44:41 +0000
Manifest next update:     Fri 24 Jul 2026 03:44:41 +0000
Files and hashes:         1: -Q4hD858Z6Lysy3hTusFoEsNEOE.crl (hash: KQJyagbjex0yj4dtV9vuCP4Wpo68aJFiCFHgnscGYjA=)
                          2: A99E5658488011EE8113A766C4F9AE02.roa (hash: PrGqSAcgp1HdiIpn0vqqOgThVUF4Ys8AxQ1iGGW7VmI=)
                          3: 10A3333E3BAC11F1B91923E195833773.roa (hash: qv+5geqvZuNiYk7aYI5fXtMxpLW2mBJm6HRn38gC5D4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A7369/B1D61942487F11EEA80A024CC4F9AE02/-Q4hD858Z6Lysy3hTusFoEsNEOE.crl
                          rsync://rpki.apnic.net/member_repository/A91A7369/B1D61942487F11EEA80A024CC4F9AE02/-Q4hD858Z6Lysy3hTusFoEsNEOE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Q4hD858Z6Lysy3hTusFoEsNEOE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:44:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 552 (0x228)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7369, serialNumber=F90E210FCE7C67A2F2B32DE14EEB05A04B0D10E1
        Validity
            Not Before: Jul 17 03:44:41 2026 GMT
            Not After : Jul 24 03:44:41 2026 GMT
        Subject: CN=6a59a529-0d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5b:f0:2f:42:12:fa:4a:25:b5:47:7f:0c:15:
                    c0:f7:90:91:34:19:d1:aa:d2:39:f6:a2:f1:d6:75:
                    7c:15:c9:cf:c0:aa:85:e1:8a:59:6f:3c:50:1e:6a:
                    c9:d9:59:73:ea:5b:53:f7:be:ec:d8:57:f5:8a:d3:
                    fb:89:04:cd:4c:9a:86:65:9b:da:b0:47:7e:0c:75:
                    61:3f:79:a0:5b:1c:2f:64:9e:ed:ea:ae:8f:58:b1:
                    f7:01:a9:2d:8a:13:57:f1:47:08:6e:2c:29:71:38:
                    dc:c8:27:7c:84:cb:64:57:bd:b1:ef:66:47:fd:58:
                    2c:e9:b6:a6:90:5f:e9:99:ee:a6:83:d3:82:55:88:
                    72:ae:27:12:00:05:74:96:00:16:70:96:b6:5f:ad:
                    44:ef:f2:0e:ed:17:84:28:ce:e4:92:1b:65:c3:7e:
                    6f:63:b5:14:40:54:ac:84:12:f1:e4:22:b0:a3:b8:
                    cf:35:3a:14:66:8b:8f:4a:f7:53:ab:fe:2c:36:d6:
                    56:9d:e0:e5:0c:61:82:66:cc:4b:d7:88:2e:12:75:
                    98:4b:c6:f9:7e:1e:b1:ca:09:d7:98:b7:a7:1e:d9:
                    dd:56:07:d4:80:d3:ab:56:01:31:2d:78:6a:01:be:
                    b4:9f:86:ca:6c:5c:ef:96:9c:01:cd:44:12:a2:54:
                    55:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:BE:B8:C7:E3:F6:8D:6C:93:BA:1F:B2:A8:42:EA:4C:45:B0:14:FA
            X509v3 Authority Key Identifier:
                keyid:F9:0E:21:0F:CE:7C:67:A2:F2:B3:2D:E1:4E:EB:05:A0:4B:0D:10:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7369/B1D61942487F11EEA80A024CC4F9AE02/-Q4hD858Z6Lysy3hTusFoEsNEOE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Q4hD858Z6Lysy3hTusFoEsNEOE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7369/B1D61942487F11EEA80A024CC4F9AE02/-Q4hD858Z6Lysy3hTusFoEsNEOE.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:a3:5a:e4:d1:66:e7:64:89:61:d8:20:d1:b9:90:c2:14:45:
         64:c7:67:51:c3:29:18:ee:fe:21:80:14:5a:5a:cb:f2:ac:5d:
         0d:62:d3:36:06:f3:1f:27:cf:bc:45:dc:be:23:44:df:d1:c5:
         68:43:fc:f7:ab:5b:05:d1:71:61:cc:fe:cc:fb:4e:31:95:99:
         67:1c:75:44:d8:fa:6e:a6:10:69:66:78:46:80:81:2d:af:3d:
         58:06:94:db:2b:f5:f1:2b:ad:dc:60:2d:a5:0c:4c:8d:b9:c0:
         15:4f:9c:70:b2:c2:9a:72:ab:e5:f6:d2:a9:9a:b6:a3:59:31:
         53:e1:f4:8b:94:e3:78:31:0c:52:c6:82:fa:30:e8:de:42:b1:
         92:28:d0:23:2a:b0:17:19:f3:0d:fb:f0:69:3f:2e:af:81:3c:
         a1:ca:c6:93:2b:c7:9f:aa:70:c2:76:c5:db:27:cb:10:23:fc:
         52:ce:5a:81:33:dd:68:00:27:b2:08:86:94:67:87:1c:5a:1a:
         90:22:2f:97:22:55:08:20:af:b0:09:13:a2:f5:e2:b2:7c:35:
         b1:93:2c:13:6a:05:76:85:d5:5c:08:61:ca:9f:e5:44:d6:2f:
         25:2c:37:e6:40:4b:21:02:69:d5:ed:38:c0:35:98:41:5e:38:
         2a:6d:f7:79
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTczNjkxMTAvBgNVBAUTKEY5MEUyMTBGQ0U3QzY3QTJGMkIzMkRFMTRFRUIwNUEw
NEIwRDEwRTEwHhcNMjYwNzE3MDM0NDQxWhcNMjYwNzI0MDM0NDQxWjAYMRYwFAYD
VQQDEw02YTU5YTUyOS0wZDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsVvwL0IS+koltUd/DBXA95CRNBnRqtI59qLx1nV8FcnPwKqF4YpZbzxQHmrJ
2Vlz6ltT977s2Ff1itP7iQTNTJqGZZvasEd+DHVhP3mgWxwvZJ7t6q6PWLH3Aakt
ihNX8UcIbiwpcTjcyCd8hMtkV72x72ZH/Vgs6bamkF/pme6mg9OCVYhyricSAAV0
lgAWcJa2X61E7/IO7ReEKM7kkhtlw35vY7UUQFSshBLx5CKwo7jPNToUZouPSvdT
q/4sNtZWneDlDGGCZsxL14guEnWYS8b5fh6xygnXmLenHtndVgfUgNOrVgExLXhq
Ab60n4bKbFzvlpwBzUQSolRVCwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIq+uMfj
9o1sk7ofsqhC6kxFsBT6MB8GA1UdIwQYMBaAFPkOIQ/OfGei8rMt4U7rBaBLDRDh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzM2OS9CMUQ2MTk0MjQ4
N0YxMUVFQTgwQTAyNENDNEY5QUUwMi8tUTRoRDg1OFo2THlzeTNoVHVzRm9Fc05F
T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1RNGhEODU4WjZMeXN5M2hUdXNGb0VzTkVPRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NzM2OS9CMUQ2MTk0MjQ4N0YxMUVFQTgwQTAyNENDNEY5QUUwMi8tUTRoRDg1OFo2
THlzeTNoVHVzRm9Fc05FT0UubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAVKNa5NFm52SJYdgg0bmQwhRFZMdnUcMpGO7+IYAUWlrL8qxdDWLTNgbzHyfP
vEXcviNE39HFaEP896tbBdFxYcz+zPtOMZWZZxx1RNj6bqYQaWZ4RoCBLa89WAaU
2yv18Sut3GAtpQxMjbnAFU+ccLLCmnKr5fbSqZq2o1kxU+H0i5TjeDEMUsaC+jDo
3kKxkijQIyqwFxnzDfvwaT8ur4E8ocrGkyvHn6pwwnbF2yfLECP8Us5agTPdaAAn
sgiGlGeHHFoakCIvlyJVCCCvsAkTovXisnw1sZMsE2oFdoXVXAhhyp/lRNYvJSw3
5kBLIQJp1e04wDWYQV44Km33eQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 12:06:53 2026 by rpki-client