Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
File:                     MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json)
Hash identifier:          cH8vLZa8MuaZBmufLX1GNjJMFw2i8jM4P7cc93Mvi7U=
Subject key identifier:   3E:DE:14:4D:B1:9C:6D:38:A4:93:2D:C0:B9:B2:26:A1:AC:F9:72:87
Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8
Certificate issuer:       /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
Certificate serial:       3550
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
Manifest number:          3550
Signing time:             Sat 04 Jul 2026 15:03:31 +0000
Manifest this update:     Sat 04 Jul 2026 15:03:30 +0000
Manifest next update:     Sat 11 Jul 2026 15:03:30 +0000
Files and hashes:         1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: h2zsNRsfrbzn1Gi4zrEpCP8wqLrN8k8Jyn0X5GoGXTU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl
                          rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 15:03:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13648 (0x3550)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DA023, serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
        Validity
            Not Before: Jul  4 15:03:30 2026 GMT
            Not After : Jul 11 15:03:30 2026 GMT
        Subject: CN=6a4920c3-c520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:85:d3:6b:e3:ef:58:dd:54:8d:1c:e3:0f:8b:
                    d1:c4:e3:a1:9e:ad:8f:5d:84:81:36:28:03:52:26:
                    1e:d9:77:07:aa:c8:eb:34:f1:05:97:00:02:23:7c:
                    76:03:10:e3:7b:0a:89:74:ac:67:53:2b:72:16:50:
                    a7:79:fc:6d:8f:10:6e:5e:8e:9d:91:3a:d7:07:26:
                    c0:c6:9c:aa:03:c2:d4:0e:6f:fd:2c:99:d6:6a:cc:
                    fe:6d:0e:9b:2e:0e:d9:f0:c3:64:f1:2d:23:3c:83:
                    28:f0:cb:f5:81:ee:1a:75:1e:2a:a6:e1:a4:55:3b:
                    1f:1e:55:7d:1e:d7:d6:53:60:38:c7:f6:a7:10:db:
                    39:31:ec:bd:7d:7a:3e:64:89:6f:54:8a:73:99:01:
                    1c:ae:73:9d:72:a3:c7:9d:a3:bf:6f:0a:38:c2:ec:
                    43:a5:14:ab:15:b5:5e:1b:f6:45:8b:b9:3c:b1:e4:
                    0b:47:15:a6:41:d5:76:bd:c7:ca:a5:f3:c0:d0:c5:
                    cf:7c:65:ad:5a:20:38:75:68:5a:ab:10:55:a9:28:
                    e0:ad:b0:7c:30:f8:25:de:32:0a:2d:03:76:44:db:
                    89:8c:1c:ed:37:3a:81:73:ac:be:db:2b:31:5f:a1:
                    16:b5:c3:3c:79:29:16:72:0e:cd:db:b3:04:55:4e:
                    3c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:DE:14:4D:B1:9C:6D:38:A4:93:2D:C0:B9:B2:26:A1:AC:F9:72:87
            X509v3 Authority Key Identifier:
                keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:bb:72:32:e9:12:59:d6:c6:66:1d:cd:97:b5:7a:dc:cb:c4:
         28:7d:56:e3:55:21:9f:da:82:b2:9d:52:42:9d:cd:05:56:e0:
         7e:0b:7c:57:ec:37:28:da:87:86:97:c0:98:22:49:74:5f:ab:
         50:11:b0:8c:02:33:d4:cf:e3:a1:df:8b:ff:79:28:aa:14:5b:
         9e:b3:ae:af:ea:66:a0:b4:ab:06:c4:8f:61:c4:e0:0b:1d:5b:
         f7:72:c7:6d:f7:71:8d:06:b2:00:1c:cd:ff:5c:a7:f6:ad:4e:
         df:7e:db:3b:5a:17:a6:29:2d:4f:3e:ff:5d:57:17:2f:d6:64:
         42:5b:80:9e:4c:31:6f:6a:1e:a6:a1:85:4f:63:ed:9f:65:c0:
         cd:39:fc:30:a1:f8:25:60:1b:07:32:00:93:6e:47:31:37:28:
         33:00:11:2f:22:a8:3c:da:d5:e9:59:fd:98:76:ea:c6:f8:fd:
         2e:4f:e2:63:46:5c:73:e8:f3:76:65:f2:42:9b:53:6a:3b:d4:
         57:07:6d:97:da:33:e2:f5:dc:82:03:96:8a:ea:bc:f0:08:45:
         3b:1e:55:b7:da:70:6d:22:5d:66:fd:87:9f:70:f6:fd:eb:48:
         bd:f4:5b:fe:c9:e5:5e:12:84:e7:02:e2:24:eb:14:9f:1e:97:
         83:9c:cb:55
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICNVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy
MkE1MDNDRjgwHhcNMjYwNzA0MTUwMzMwWhcNMjYwNzExMTUwMzMwWjAYMRYwFAYD
VQQDEw02YTQ5MjBjMy1jNTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA04XTa+PvWN1UjRzjD4vRxOOhnq2PXYSBNigDUiYe2XcHqsjrNPEFlwACI3x2
AxDjewqJdKxnUytyFlCnefxtjxBuXo6dkTrXBybAxpyqA8LUDm/9LJnWasz+bQ6b
Lg7Z8MNk8S0jPIMo8Mv1ge4adR4qpuGkVTsfHlV9HtfWU2A4x/anENs5Mey9fXo+
ZIlvVIpzmQEcrnOdcqPHnaO/bwo4wuxDpRSrFbVeG/ZFi7k8seQLRxWmQdV2vcfK
pfPA0MXPfGWtWiA4dWhaqxBVqSjgrbB8MPgl3jIKLQN2RNuJjBztNzqBc6y+2ysx
X6EWtcM8eSkWcg7N27MEVU48TQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFD7eFE2x
nG04pJMtwLmyJqGs+XKHMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE
QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ
UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0
LUVZWFZJOXk1UjRpcFFQUGcubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAmLtyMukSWdbGZh3Nl7V63MvEKH1W41Uhn9qCsp1SQp3NBVbgfgt8V+w3KNqH
hpfAmCJJdF+rUBGwjAIz1M/jod+L/3koqhRbnrOur+pmoLSrBsSPYcTgCx1b93LH
bfdxjQayABzN/1yn9q1O337bO1oXpiktTz7/XVcXL9ZkQluAnkwxb2oepqGFT2Pt
n2XAzTn8MKH4JWAbBzIAk25HMTcoMwARLyKoPNrV6Vn9mHbqxvj9Lk/iY0Zcc+jz
dmXyQptTajvUVwdtl9oz4vXcggOWiuq88AhFOx5Vt9pwbSJdZv2Hn3D2/etIvfRb
/snlXhKE5wLiJOsUnx6Xg5zLVQ==
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:40:26 2026 by rpki-client