Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft
File:                     bxP1UQCfJIptmHQ2AE6FeVFWkns.mft (raw, json)
Hash identifier:          riYU4BBNCJ5+AVLCtWrkAdNRxLFogB+n5PYSoSrDuqw=
Subject key identifier:   DA:86:48:6A:0F:35:56:1F:52:A0:6A:88:1D:07:F0:8B:53:6D:6D:75
Authority key identifier: 6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B
Certificate issuer:       /CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B
Certificate serial:       09D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft
Manifest number:          09BF
Signing time:             Mon 06 Jul 2026 20:24:27 +0000
Manifest this update:     Mon 06 Jul 2026 20:24:26 +0000
Manifest next update:     Mon 13 Jul 2026 20:24:26 +0000
Files and hashes:         1: bxP1UQCfJIptmHQ2AE6FeVFWkns.crl (hash: qjx2zd0DDPmv56R7cDeuJxvQO1o+bMBk6EOvf+HMxCE=)
                          2: D2039A56AABC11EEA0370F2CC4F9AE02.roa (hash: ynhPE5wAgaVqH7nCW5tR8ne/clm5wNEfqCy2a6X1yEk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl
                          rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 20:24:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2517 (0x9d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CAFC4, serialNumber=6F13F551009F248A6D987436004E85795156927B
        Validity
            Not Before: Jul  6 20:24:26 2026 GMT
            Not After : Jul 13 20:24:26 2026 GMT
        Subject: CN=6a4c0efa-c812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3e:75:5a:72:e3:03:be:ea:6c:df:53:fc:67:
                    0a:6f:6b:b9:34:97:54:ed:48:f7:67:46:01:7f:f9:
                    be:7a:30:5f:eb:03:17:ea:7d:61:34:76:48:b7:06:
                    ec:fd:3c:f9:ab:89:11:10:53:fa:3d:1b:b8:e7:21:
                    30:cb:e3:42:ec:af:12:6b:a1:de:b4:cb:0f:39:f4:
                    09:e5:7e:3f:46:79:2a:b0:98:01:6a:12:49:82:52:
                    60:65:38:5b:6c:56:36:7b:7d:b7:bf:7d:0c:15:8e:
                    24:3f:74:2b:fa:27:4c:b8:47:08:2e:48:01:32:86:
                    9f:01:27:76:e6:53:84:e0:f9:b5:ec:f6:1f:2e:9d:
                    9f:24:03:d2:c0:b4:a9:bf:ee:bb:cd:d0:17:8a:ee:
                    52:5e:95:c2:0f:30:f9:93:13:df:59:cf:40:fa:fe:
                    48:7d:2b:3d:52:44:c7:cc:6e:1b:28:04:49:5d:60:
                    8e:3f:6c:ed:06:7c:ad:fc:b8:5e:0e:ec:4d:6c:a7:
                    9b:1c:df:03:3e:20:d7:36:b1:ab:26:ce:27:39:c2:
                    56:30:8a:34:da:fc:5c:66:98:3a:cc:73:09:f8:83:
                    9d:fd:e2:8a:ce:78:db:32:05:8a:91:e9:42:a2:f0:
                    8c:41:ea:5f:57:33:6f:b0:79:fc:ef:c9:85:27:70:
                    36:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:86:48:6A:0F:35:56:1F:52:A0:6A:88:1D:07:F0:8B:53:6D:6D:75
            X509v3 Authority Key Identifier:
                keyid:6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:3b:11:f4:d4:dc:95:12:b9:ff:c1:81:5f:e6:97:0c:66:a9:
         45:20:12:71:bb:78:a0:81:ee:27:37:56:22:79:82:35:97:96:
         96:c5:25:07:5d:71:8c:05:d0:ff:ec:2b:18:df:52:1b:7c:62:
         cc:0e:ea:87:f8:b7:25:dd:63:32:59:b5:c8:b9:2c:68:08:ee:
         9b:0a:80:93:66:fa:eb:95:5c:3b:ed:21:96:35:14:12:e4:60:
         35:7f:62:f3:4c:9e:e1:7c:53:00:53:f2:cf:40:eb:d8:52:5c:
         e3:75:e0:43:af:62:36:05:49:ae:ea:64:53:6a:85:ba:b8:74:
         8f:9b:95:92:0c:c6:84:c9:97:43:12:90:46:4e:4e:d5:ac:b4:
         69:82:28:40:28:47:e1:be:4b:10:76:11:7b:e1:09:8b:c2:92:
         ab:c9:2f:40:75:6e:0f:38:02:b5:83:17:d2:5b:b8:36:e9:dc:
         3b:21:f7:24:8a:b2:85:34:91:2d:78:1c:f1:2e:30:d6:af:32:
         4b:c4:0b:c6:9a:e4:d1:61:40:30:f0:a5:52:6e:e3:b3:cd:1f:
         91:17:96:64:b4:20:e4:67:20:db:54:eb:88:19:77:d1:0a:e5:
         58:83:73:bc:c1:d2:92:3f:de:7c:00:e1:6f:62:ac:42:60:a2:
         56:e9:55:7f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICCdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0FGQzQxMTAvBgNVBAUTKDZGMTNGNTUxMDA5RjI0OEE2RDk4NzQzNjAwNEU4NTc5
NTE1NjkyN0IwHhcNMjYwNzA2MjAyNDI2WhcNMjYwNzEzMjAyNDI2WjAYMRYwFAYD
VQQDEw02YTRjMGVmYS1jODEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApT51WnLjA77qbN9T/GcKb2u5NJdU7Uj3Z0YBf/m+ejBf6wMX6n1hNHZItwbs
/Tz5q4kREFP6PRu45yEwy+NC7K8Sa6HetMsPOfQJ5X4/RnkqsJgBahJJglJgZThb
bFY2e323v30MFY4kP3Qr+idMuEcILkgBMoafASd25lOE4Pm17PYfLp2fJAPSwLSp
v+67zdAXiu5SXpXCDzD5kxPfWc9A+v5IfSs9UkTHzG4bKARJXWCOP2ztBnyt/Lhe
DuxNbKebHN8DPiDXNrGrJs4nOcJWMIo02vxcZpg6zHMJ+IOd/eKKznjbMgWKkelC
ovCMQepfVzNvsHn878mFJ3A2dwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFNqGSGoP
NVYfUqBqiB0H8ItTbW11MB8GA1UdIwQYMBaAFG8T9VEAnySKbZh0NgBOhXlRVpJ7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUZDNC9CQzYwNjJEQ0FG
OEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJcHRtSFEyQUU2RmVWRldr
bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J4UDFVUUNmSklwdG1IUTJBRTZGZVZGV2tucy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QUZDNC9CQzYwNjJEQ0FGOEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJ
cHRtSFEyQUU2RmVWRldrbnMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAHTsR9NTclRK5/8GBX+aXDGapRSAScbt4oIHuJzdWInmCNZeWlsUlB11xjAXQ
/+wrGN9SG3xizA7qh/i3Jd1jMlm1yLksaAjumwqAk2b665VcO+0hljUUEuRgNX9i
80ye4XxTAFPyz0Dr2FJc43XgQ69iNgVJrupkU2qFurh0j5uVkgzGhMmXQxKQRk5O
1ay0aYIoQChH4b5LEHYRe+EJi8KSq8kvQHVuDzgCtYMX0lu4NuncOyH3JIqyhTSR
LXgc8S4w1q8yS8QLxprk0WFAMPClUm7js80fkReWZLQg5Gcg21TriBl30QrlWINz
vMHSkj/efADhb2KsQmCiVulVfw==
-----END CERTIFICATE-----
Generated at Wed Jul 8 14:37:07 2026 by rpki-client