Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft
File:                     XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft (raw, json)
Hash identifier:          GNzV+0JX2PKd5Zpxb08S2TEWR/s34W3WN1CKw1Bv3Ag=
Subject key identifier:   D1:C8:94:4D:07:4B:22:8E:BB:C5:A0:39:65:2D:B4:BA:73:5B:17:D0
Authority key identifier: 5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66
Certificate issuer:       /CN=A91E7B89/serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566
Certificate serial:       6A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft
Manifest number:          66
Signing time:             Mon 29 Jun 2026 08:41:50 +0000
Manifest this update:     Mon 29 Jun 2026 08:41:49 +0000
Manifest next update:     Mon 06 Jul 2026 08:41:49 +0000
Files and hashes:         1: XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl (hash: ZIrUWlaNrNi7RAxR1n2DCyCqY/TQnL/EplNazrL0Oew=)
                          2: 72480DC0D9A111F0989DD75268D3641D.roa (hash: /m7dePdPhCd+iFe1dsv0pa92EOKO9ZVeLTSq8mVj9oY=)
                          3: 1BD6E18E1D1A11F1B8E79D60103D8C67.roa (hash: FWUBzi+iodYXnW4vMdTTKwC/KG79KdBqlOoiZl/TPEw=)
                          4: 1C61CBFA1D1A11F1B8E79D60103D8C67.roa (hash: wYka0Jo+ri8cUtmDcLdxLnFG7gW5TQTaHwdh/jeTkn4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl
                          rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 06 Jul 2026 08:41:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106 (0x6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E7B89, serialNumber=5E78642B03CC37E26FD415E7D761BE484736C566
        Validity
            Not Before: Jun 29 08:41:49 2026 GMT
            Not After : Jul  6 08:41:49 2026 GMT
        Subject: CN=6a422fce-ca66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7e:a7:fe:9f:f9:48:26:3f:3e:07:18:ed:d6:
                    f1:33:92:29:bf:f1:c8:3d:2f:3e:da:49:af:b8:18:
                    2b:52:ea:24:04:50:f7:c7:97:35:e5:da:b6:2e:8e:
                    35:04:a7:c5:47:cf:5e:27:9e:47:f2:55:9c:98:86:
                    a7:4f:e6:53:7b:c7:92:af:2c:b6:b6:2e:d4:02:34:
                    ab:3f:5b:ec:b1:bd:13:ed:e3:96:f9:06:e1:d3:08:
                    44:ed:0c:85:22:07:4a:7f:54:be:64:2f:08:9e:4f:
                    7a:3d:4e:53:79:65:42:36:9b:9b:8e:32:ed:fa:28:
                    0e:30:ec:e8:62:fb:ae:b0:b3:f3:e3:ec:48:aa:0e:
                    49:88:6b:6c:b4:1f:28:f6:b3:7e:4d:86:8f:6e:6c:
                    64:4c:d5:0d:e3:fa:11:be:29:26:b2:c8:a8:15:cc:
                    7f:d4:b5:85:09:44:f4:bf:6a:56:2b:0c:61:7c:10:
                    12:80:c6:a7:84:62:6e:ca:24:88:93:15:61:ec:ff:
                    2d:0a:a5:79:cf:f5:18:34:62:ba:73:ab:cd:ef:f9:
                    ef:63:30:9a:2a:38:5f:fe:eb:ea:0b:28:bb:f9:51:
                    62:53:e4:26:25:5d:19:c8:f5:ca:31:5a:a5:ae:76:
                    a8:bf:1b:0e:e7:ec:ad:02:65:23:d4:fa:f9:74:b8:
                    97:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:C8:94:4D:07:4B:22:8E:BB:C5:A0:39:65:2D:B4:BA:73:5B:17:D0
            X509v3 Authority Key Identifier:
                keyid:5E:78:64:2B:03:CC:37:E2:6F:D4:15:E7:D7:61:BE:48:47:36:C5:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnhkKwPMN-Jv1BXn12G-SEc2xWY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7B89/41BE4F44D9A011F093130E0768D3641D/XnhkKwPMN-Jv1BXn12G-SEc2xWY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:d4:12:26:f8:cf:a9:c7:69:59:97:45:f1:44:d3:c5:8d:63:
         1a:a6:0a:63:d3:84:cf:49:c6:dd:3b:60:6d:a7:e5:a5:d6:c7:
         97:7b:1c:b6:fa:ec:fe:2f:2b:7c:63:74:41:20:79:e5:31:94:
         de:34:e9:b9:b2:8c:77:c7:78:7b:f5:a6:cc:11:70:1e:59:4b:
         ba:5a:9a:0c:38:a8:31:63:54:28:90:20:c7:ed:29:45:6b:2e:
         12:90:b2:f1:a4:ec:ac:49:5e:84:64:cd:65:7e:75:ea:0a:ec:
         c5:14:0b:66:90:43:bb:aa:fc:31:cc:94:a0:5c:c4:dd:2e:87:
         9b:00:4f:45:78:d4:70:55:68:81:cf:88:85:83:ad:a9:9d:47:
         51:2a:0e:ac:7e:c9:d1:31:31:e8:c2:22:fc:27:10:45:8d:a3:
         2f:b9:d5:50:12:eb:ba:0e:85:86:c9:19:6c:0e:4a:be:3a:c5:
         4b:ac:bb:fe:9d:46:b0:3a:6b:6a:16:45:89:88:3e:99:83:c8:
         73:c4:74:b0:b6:53:ad:1a:ed:38:ab:a7:e4:81:94:0c:d7:6a:
         04:61:5b:c9:d4:31:94:5f:e7:5e:cb:85:fc:2f:97:41:f8:37:
         77:f7:ba:8b:01:92:01:d8:1c:96:bb:a8:18:51:63:0d:c2:3f:
         5e:53:6e:eb
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
N0I4OTExMC8GA1UEBRMoNUU3ODY0MkIwM0NDMzdFMjZGRDQxNUU3RDc2MUJFNDg0
NzM2QzU2NjAeFw0yNjA2MjkwODQxNDlaFw0yNjA3MDYwODQxNDlaMBgxFjAUBgNV
BAMTDTZhNDIyZmNlLWNhNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+fqf+n/lIJj8+Bxjt1vEzkim/8cg9Lz7aSa+4GCtS6iQEUPfHlzXl2rYujjUE
p8VHz14nnkfyVZyYhqdP5lN7x5KvLLa2LtQCNKs/W+yxvRPt45b5BuHTCETtDIUi
B0p/VL5kLwieT3o9TlN5ZUI2m5uOMu36KA4w7Ohi+66ws/Pj7EiqDkmIa2y0Hyj2
s35Nho9ubGRM1Q3j+hG+KSayyKgVzH/UtYUJRPS/alYrDGF8EBKAxqeEYm7KJIiT
FWHs/y0KpXnP9Rg0Yrpzq83v+e9jMJoqOF/+6+oLKLv5UWJT5CYlXRnI9coxWqWu
dqi/Gw7n7K0CZSPU+vl0uJdfAgMBAAGjggJzMIICbzAdBgNVHQ4EFgQU0ciUTQdL
Io67xaA5ZS20unNbF9AwHwYDVR0jBBgwFoAUXnhkKwPMN+Jv1BXn12G+SEc2xWYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3Qjg5LzQxQkU0RjQ0RDlB
MDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1KdjFCWG4xMkctU0VjMnhX
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWG5oa0t3UE1OLUp2MUJYbjEyRy1TRWMyeFdZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3
Qjg5LzQxQkU0RjQ0RDlBMDExRjA5MzEzMEUwNzY4RDM2NDFEL1huaGtLd1BNTi1K
djFCWG4xMkctU0VjMnhXWS5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQB31BIm+M+px2lZl0XxRNPFjWMapgpj04TPScbdO2Btp+Wl1seXexy2+uz+Lyt8
Y3RBIHnlMZTeNOm5sox3x3h79abMEXAeWUu6WpoMOKgxY1QokCDH7SlFay4SkLLx
pOysSV6EZM1lfnXqCuzFFAtmkEO7qvwxzJSgXMTdLoebAE9FeNRwVWiBz4iFg62p
nUdRKg6sfsnRMTHowiL8JxBFjaMvudVQEuu6DoWGyRlsDkq+OsVLrLv+nUawOmtq
FkWJiD6Zg8hzxHSwtlOtGu04q6fkgZQM12oEYVvJ1DGUX+dey4X8L5dB+Dd397qL
AZIB2ByWu6gYUWMNwj9eU27r
-----END CERTIFICATE-----
Generated at Wed Jul 1 08:28:21 2026 by rpki-client