Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
File:                     BstI9X1UOpeC2KfJbaTh3tvDwws.mft (raw, json)
Hash identifier:          Z4pKaf970mMLtG8hFSxAJ1tiJZEaQ7GsrZBjp6MzQCw=
Subject key identifier:   F2:3C:CF:67:3C:98:A9:39:C3:D7:71:76:1D:52:3A:49:40:06:CD:D0
Authority key identifier: 06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B
Certificate issuer:       /CN=A91E2EFF/serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B
Certificate serial:       D8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
Manifest number:          D2
Signing time:             Fri 17 Jul 2026 07:58:38 +0000
Manifest this update:     Fri 17 Jul 2026 07:58:37 +0000
Manifest next update:     Fri 24 Jul 2026 07:58:37 +0000
Files and hashes:         1: BstI9X1UOpeC2KfJbaTh3tvDwws.crl (hash: t4jsj8AkFWXr+p+ocfeiFkg0emha9OzTf0pe+s6E+6c=)
                          2: 7B744F9C754311F1B2D369B17FA30FBC.roa (hash: 6h+dViv9HHF043rn54yjzvjKc8Qv6o5bk2lEUKwA0u0=)
                          3: 6BB1AB46753D11F192ADDCCA7EA30FBC.roa (hash: 54hEOegvqKHFu2sFkesEF7BLwvXcxGU9hQJpTA8Y7Js=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl
                          rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 07:58:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 216 (0xd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E2EFF, serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B
        Validity
            Not Before: Jul 17 07:58:37 2026 GMT
            Not After : Jul 24 07:58:37 2026 GMT
        Subject: CN=6a59e0ad-7f0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:91:bc:3c:b1:79:e6:09:96:09:4b:d7:76:a8:
                    77:52:38:83:4b:a7:80:bb:6b:03:19:6d:26:53:d1:
                    a2:df:a3:d4:d5:91:f7:ff:94:2a:cd:80:fa:94:39:
                    d5:f2:84:64:53:12:90:f9:7d:2b:44:33:4c:69:26:
                    9b:f6:02:67:cf:fd:cf:1e:be:74:21:5f:8f:66:af:
                    db:11:48:30:22:4e:88:94:97:00:e4:23:08:12:17:
                    a4:42:74:86:2a:95:4f:97:18:d5:0f:f4:77:12:ef:
                    47:21:f0:f6:91:ec:51:32:b9:06:4d:09:c8:2b:db:
                    0b:97:c7:b7:63:40:e9:92:ac:c9:74:dd:ae:91:84:
                    f0:d5:a0:f8:a5:52:76:90:e7:52:f3:01:9d:c6:75:
                    7a:0e:f7:99:ca:61:ef:16:81:f2:c1:6c:9d:35:c4:
                    42:67:47:48:c4:d4:67:3f:50:8e:67:8a:58:72:fa:
                    c4:39:cf:4b:ee:ff:f1:bc:9b:18:ea:95:5d:e7:17:
                    33:3f:d8:1b:2d:74:bb:e9:14:5a:88:08:15:7b:f2:
                    d5:67:45:92:d7:94:01:a1:72:16:73:1e:2e:67:12:
                    63:e7:ce:3d:5f:af:0a:4a:2c:a4:05:3f:da:36:46:
                    6e:d5:88:25:85:e7:ff:9f:f4:d9:d4:17:a5:27:f1:
                    bc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:3C:CF:67:3C:98:A9:39:C3:D7:71:76:1D:52:3A:49:40:06:CD:D0
            X509v3 Authority Key Identifier:
                keyid:06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:b0:ed:06:ba:30:33:6c:4d:63:69:9f:7a:b2:6c:f2:d5:a7:
         73:5a:68:ac:6c:38:58:6f:45:c7:b7:72:ed:aa:c0:88:95:7d:
         0f:fd:07:6f:5b:0f:e3:f6:cd:4d:f8:8c:f4:de:f4:21:ca:7f:
         44:47:58:20:0e:23:ca:90:f2:5c:18:a7:75:ec:01:eb:07:46:
         22:0f:49:6b:53:d1:18:53:ae:b0:96:73:92:7d:4d:8b:6a:a7:
         90:fe:f8:68:bc:bc:5c:73:9b:d8:1a:b0:67:bf:9c:bf:6d:ac:
         60:08:91:23:3c:60:bb:a2:4c:cd:53:e1:f7:32:f8:04:59:0e:
         10:3a:14:4a:f1:13:67:18:1b:36:94:22:02:5e:29:6e:bd:4f:
         19:5d:00:65:cf:62:97:d8:5e:f8:36:5b:f4:75:94:12:00:b3:
         51:de:c0:8b:b0:03:1c:be:48:0b:e6:ea:2d:42:1c:46:02:f3:
         cd:fc:ae:92:3a:6d:4d:6e:b9:5b:c2:0b:eb:5f:ad:fd:11:b8:
         31:ae:a2:29:2d:61:ec:9b:ea:65:31:19:31:69:18:4e:19:a7:
         8b:f2:67:9f:2a:eb:1a:fb:09:54:09:2a:a3:3c:f1:be:42:d8:
         32:4c:31:85:28:ab:d1:33:e2:b0:85:a9:bb:3a:e5:e7:50:8e:
         d4:0d:62:fe
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTJFRkYxMTAvBgNVBAUTKDA2Q0I0OEY1N0Q1NDNBOTc4MkQ4QTdDOTZEQTRFMURF
REJDM0MzMEIwHhcNMjYwNzE3MDc1ODM3WhcNMjYwNzI0MDc1ODM3WjAYMRYwFAYD
VQQDEw02YTU5ZTBhZC03ZjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx5G8PLF55gmWCUvXdqh3UjiDS6eAu2sDGW0mU9Gi36PU1ZH3/5QqzYD6lDnV
8oRkUxKQ+X0rRDNMaSab9gJnz/3PHr50IV+PZq/bEUgwIk6IlJcA5CMIEhekQnSG
KpVPlxjVD/R3Eu9HIfD2kexRMrkGTQnIK9sLl8e3Y0DpkqzJdN2ukYTw1aD4pVJ2
kOdS8wGdxnV6DveZymHvFoHywWydNcRCZ0dIxNRnP1COZ4pYcvrEOc9L7v/xvJsY
6pVd5xczP9gbLXS76RRaiAgVe/LVZ0WS15QBoXIWcx4uZxJj5849X68KSiykBT/a
NkZu1Yglhef/n/TZ1BelJ/G8twIDAQABo4ICczCCAm8wHQYDVR0OBBYEFPI8z2c8
mKk5w9dxdh1SOklABs3QMB8GA1UdIwQYMBaAFAbLSPV9VDqXgtinyW2k4d7bw8ML
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkVGRi9BMzE0ODQ3QzQ4
NDkxMUYwQkYwNzAzNzBDNEY5QUUwMi9Cc3RJOVgxVU9wZUMyS2ZKYmFUaDN0dkR3
d3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JzdEk5WDFVT3BlQzJLZkpiYVRoM3R2RHd3cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MkVGRi9BMzE0ODQ3QzQ4NDkxMUYwQkYwNzAzNzBDNEY5QUUwMi9Cc3RJOVgxVU9w
ZUMyS2ZKYmFUaDN0dkR3d3MubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAX7DtBrowM2xNY2mferJs8tWnc1porGw4WG9Fx7dy7arAiJV9D/0Hb1sP4/bN
TfiM9N70Icp/REdYIA4jypDyXBindewB6wdGIg9Ja1PRGFOusJZzkn1Ni2qnkP74
aLy8XHOb2BqwZ7+cv22sYAiRIzxgu6JMzVPh9zL4BFkOEDoUSvETZxgbNpQiAl4p
br1PGV0AZc9il9he+DZb9HWUEgCzUd7Ai7ADHL5IC+bqLUIcRgLzzfyukjptTW65
W8IL61+t/RG4Ma6iKS1h7JvqZTEZMWkYThmni/JnnyrrGvsJVAkqozzxvkLYMkwx
hSir0TPisIWpuzrl51CO1A1i/g==
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:31:37 2026 by rpki-client