Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
File:                     yq3LrMUbKkZS3XMHTygsM00BAnc.mft (raw, json)
Hash identifier:          gTR7llgvCohSdesE85LOyKssrO8G2PhnLAUL7l2a824=
Subject key identifier:   1F:D8:08:87:0A:5D:0E:41:92:17:85:1F:68:A5:C3:E3:48:AF:3C:48
Authority key identifier: CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77
Certificate issuer:       /CN=A91DCCB3/serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277
Certificate serial:       0A73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
Manifest number:          0A6A
Signing time:             Sat 04 Jul 2026 19:44:29 +0000
Manifest this update:     Sat 04 Jul 2026 19:44:28 +0000
Manifest next update:     Sat 11 Jul 2026 19:44:28 +0000
Files and hashes:         1: yq3LrMUbKkZS3XMHTygsM00BAnc.crl (hash: a8q9Ho+1d1jEbCgqNQllFxFtAcz6MYMJ6FQN3SZI6Ac=)
                          2: 57EE11D0895D11EA81B43245C4F9AE02.roa (hash: VjRNecW0vXmHI7IX4ZkzrAT4JcWtKoRZ3oauY1DQFzQ=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl
                          rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 19:44:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2675 (0xa73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DCCB3, serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277
        Validity
            Not Before: Jul  4 19:44:28 2026 GMT
            Not After : Jul 11 19:44:28 2026 GMT
        Subject: CN=6a49629d-1b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b2:c2:b2:2a:5d:b2:64:ad:92:73:ef:4c:d5:
                    93:cb:d0:c0:f1:5a:0f:92:09:e7:60:34:e4:9e:dc:
                    c1:dd:ba:8a:86:2b:9a:3a:f8:e2:a4:8f:22:0e:b7:
                    70:85:97:35:22:73:49:61:4e:7f:f1:ae:c0:38:a5:
                    4d:1a:13:d5:6f:ae:e0:c8:a6:e9:b2:1b:f7:fa:62:
                    37:25:e8:02:39:f6:55:27:a5:33:1b:3a:0f:30:72:
                    c8:ba:30:1d:25:5e:58:64:c0:c9:36:62:9d:30:af:
                    65:9f:96:1f:e9:2a:63:89:3d:25:a9:18:ec:32:de:
                    2f:ef:2e:5e:e4:3b:66:4c:42:2e:f6:e7:9c:0e:8c:
                    d7:ec:89:31:72:86:ec:d3:72:40:cf:65:8c:12:ec:
                    05:8f:52:55:4f:35:c4:8b:09:0a:93:0d:ea:58:52:
                    e7:f8:c8:4c:6c:4f:68:cd:43:dc:b1:01:e2:9a:4f:
                    ea:cc:c6:bd:a5:74:6c:db:96:9e:7b:07:36:e8:4b:
                    e1:5e:87:6e:30:51:35:fb:91:df:e8:29:10:6a:0c:
                    fd:90:6f:62:9e:28:33:43:3b:68:0d:11:3c:db:69:
                    35:4c:41:5d:42:08:a3:23:f1:20:46:22:83:9f:17:
                    58:61:58:72:08:01:25:70:66:39:17:a1:6a:69:54:
                    bc:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:D8:08:87:0A:5D:0E:41:92:17:85:1F:68:A5:C3:E3:48:AF:3C:48
            X509v3 Authority Key Identifier:
                keyid:CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:da:81:5e:f2:d2:eb:e6:86:55:cb:54:d3:01:f8:80:2e:66:
         fa:23:79:b2:05:35:51:64:3e:99:7b:02:90:1c:f0:46:e5:95:
         37:f7:b8:04:14:7b:a0:fb:a1:27:d0:f5:5a:2a:36:b9:31:8b:
         1b:a1:38:3c:67:75:bd:01:d9:1a:57:6f:6e:be:25:df:15:26:
         40:fc:3c:85:de:7b:7c:8e:1a:1a:b2:47:c7:d7:78:c6:7c:00:
         b4:ad:f1:cf:e4:4a:71:7c:b2:a3:38:a8:f5:45:fe:35:a0:37:
         b2:a9:83:de:47:b0:df:86:2d:4c:40:8e:cf:1e:94:82:27:9f:
         21:20:31:14:2c:74:37:2c:48:ef:38:8d:16:97:30:ce:61:9e:
         60:c8:d4:96:ba:42:93:b7:5a:49:49:6b:06:f2:ed:64:86:09:
         cc:05:a8:f4:88:95:e8:eb:ad:fc:dd:45:b9:ce:09:94:b5:e0:
         89:15:9c:0f:e1:98:a9:0f:8c:a0:aa:36:f0:d0:4a:0c:f1:db:
         5f:7c:13:50:27:ea:97:77:29:54:3d:d5:3f:ae:87:00:23:b0:
         ee:02:c9:f7:cf:a7:38:da:4b:ab:5b:5b:aa:0d:49:81:79:9e:
         4e:70:ea:5f:59:54:be:41:71:00:16:f9:1c:f0:87:eb:b5:6c:
         3f:c7:5d:48
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICCnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENDQjMxMTAvBgNVBAUTKENBQURDQkFDQzUxQjJBNDY1MkRENzMwNzRGMjgyQzMz
NEQwMTAyNzcwHhcNMjYwNzA0MTk0NDI4WhcNMjYwNzExMTk0NDI4WjAYMRYwFAYD
VQQDEw02YTQ5NjI5ZC0xYjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7LCsipdsmStknPvTNWTy9DA8VoPkgnnYDTkntzB3bqKhiuaOvjipI8iDrdw
hZc1InNJYU5/8a7AOKVNGhPVb67gyKbpshv3+mI3JegCOfZVJ6UzGzoPMHLIujAd
JV5YZMDJNmKdMK9ln5Yf6SpjiT0lqRjsMt4v7y5e5DtmTEIu9uecDozX7Ikxcobs
03JAz2WMEuwFj1JVTzXEiwkKkw3qWFLn+MhMbE9ozUPcsQHimk/qzMa9pXRs25ae
ewc26EvhXoduMFE1+5Hf6CkQagz9kG9inigzQztoDRE822k1TEFdQgijI/EgRiKD
nxdYYVhyCAElcGY5F6FqaVS8+wIDAQABo4ICczCCAm8wHQYDVR0OBBYEFB/YCIcK
XQ5BkheFH2ilw+NIrzxIMB8GA1UdIwQYMBaAFMqty6zFGypGUt1zB08oLDNNAQJ3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0NCMy80MUZENjAxNjg5
NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktrWlMzWE1IVHlnc00wMEJB
bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lxM0xyTVViS2taUzNYTUhUeWdzTTAwQkFuYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
Q0NCMy80MUZENjAxNjg5NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktr
WlMzWE1IVHlnc00wMEJBbmMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAp9qBXvLS6+aGVctU0wH4gC5m+iN5sgU1UWQ+mXsCkBzwRuWVN/e4BBR7oPuh
J9D1Wio2uTGLG6E4PGd1vQHZGldvbr4l3xUmQPw8hd57fI4aGrJHx9d4xnwAtK3x
z+RKcXyyozio9UX+NaA3sqmD3kew34YtTECOzx6UgiefISAxFCx0NyxI7ziNFpcw
zmGeYMjUlrpCk7daSUlrBvLtZIYJzAWo9IiV6Out/N1Fuc4JlLXgiRWcD+GYqQ+M
oKo28NBKDPHbX3wTUCfql3cpVD3VP66HACOw7gLJ98+nONpLq1tbqg1JgXmeTnDq
X1lUvkFxABb5HPCH67VsP8ddSA==
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:38:28 2026 by rpki-client