Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft
File:                     IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json)
Hash identifier:          GNQKrHw9Oe0Ccpk9T89oef8TmIetmWzEINWvXjKfMhw=
Subject key identifier:   AF:2F:DE:7A:58:9E:A3:A2:91:7B:96:7F:BA:2B:95:0E:C0:D8:0B:B2
Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA
Certificate issuer:       /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA
Certificate serial:       0147
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft
Manifest number:          0142
Signing time:             Fri 17 Jul 2026 06:31:57 +0000
Manifest this update:     Fri 17 Jul 2026 06:31:57 +0000
Manifest next update:     Fri 24 Jul 2026 06:31:57 +0000
Files and hashes:         1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: eQS5fV5hqz55IqdJ47JZIyGFK9J9MvYMmukII7zbZKo=)
                          2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: aIh23/3y8xgm3k9QGKPnGbqB42NXH2OLUXREX9l30Z4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl
                          rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 327 (0x147)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA
        Validity
            Not Before: Jul 17 06:31:57 2026 GMT
            Not After : Jul 24 06:31:57 2026 GMT
        Subject: CN=6a59cc5d-aea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f2:0b:07:c7:97:c4:fb:45:c5:cd:1c:60:54:
                    71:4c:eb:ef:f3:82:62:77:b6:ab:66:3c:44:e6:5e:
                    c5:8e:00:d8:74:24:99:12:8c:ca:96:39:c2:20:de:
                    1b:15:8e:18:99:1f:46:80:87:85:e3:e9:ad:3d:e8:
                    2a:77:a7:96:93:68:2f:75:72:5e:7d:c3:87:c5:77:
                    cb:a4:48:ed:75:cc:0e:99:20:98:a4:49:43:09:a2:
                    74:b0:ec:b1:35:3a:4b:f7:19:14:9f:30:f3:56:b3:
                    36:ff:dc:cc:2d:71:70:76:a2:76:4a:06:03:57:e2:
                    50:d4:10:4e:4e:db:c6:6f:2f:17:1c:d3:00:25:58:
                    af:a5:58:4c:c9:9e:f1:c5:5b:eb:f3:24:83:6b:5f:
                    0f:cf:91:60:ca:6d:66:64:1f:ef:ed:c8:a2:4c:1f:
                    2c:29:f3:50:73:60:2d:78:c5:41:cf:dd:42:4d:3c:
                    d9:e1:b5:c3:71:a1:78:be:26:52:eb:31:35:11:c1:
                    09:cc:06:41:6d:2f:a1:91:48:d9:e5:68:4d:86:29:
                    ef:57:e8:62:39:1f:e0:fe:52:79:11:b6:10:1a:e9:
                    9b:6d:e2:1e:8d:95:87:8b:ee:73:f6:a4:b2:ac:56:
                    c0:af:81:5b:5a:c7:b7:d6:dd:02:b5:b1:91:6b:3a:
                    bf:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:2F:DE:7A:58:9E:A3:A2:91:7B:96:7F:BA:2B:95:0E:C0:D8:0B:B2
            X509v3 Authority Key Identifier:
                keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:e9:f8:c2:da:77:80:c3:63:0e:92:af:eb:3f:0f:51:c6:14:
         38:c7:e2:5f:91:bb:70:9e:8d:ff:2d:c8:7e:74:b5:5c:47:48:
         f4:0b:81:e8:d3:ce:f3:97:d4:c5:8b:35:0e:af:ba:5a:4a:d5:
         25:53:d6:88:af:1b:6b:4c:b9:25:c3:c6:50:85:c6:c5:14:2b:
         ef:a4:28:8b:e7:67:71:9c:d0:d6:ce:37:ed:10:db:6c:56:fc:
         cc:38:78:33:42:d2:3e:cf:87:39:03:ab:49:08:76:8e:66:a5:
         cb:ce:6a:24:8a:5e:c8:ba:45:c4:53:d9:f2:14:bf:af:a2:b7:
         91:32:29:db:e8:ab:08:55:92:72:d6:a3:5f:31:1c:c7:2f:cc:
         cb:b3:b7:b1:81:33:2f:66:55:b7:7c:e2:27:5e:7f:c9:40:79:
         e5:d0:6d:cf:f9:66:94:df:bf:9c:dd:5b:13:e3:83:ff:4f:87:
         c8:ab:e2:79:3f:12:4a:6e:9e:b0:ad:0d:78:46:16:f2:b3:9d:
         51:8c:30:6c:fe:6c:86:1c:37:15:a3:f4:fa:48:ec:88:fa:3e:
         66:2d:36:ed:c3:6c:19:5b:54:87:7b:dc:0a:17:60:1c:22:b8:
         18:25:98:32:ee:c2:c2:2d:a8:9b:ac:ac:90:56:5d:9a:dc:25:
         f8:72:36:01
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE
ODY4RTc4REEwHhcNMjYwNzE3MDYzMTU3WhcNMjYwNzI0MDYzMTU3WjAYMRYwFAYD
VQQDEw02YTU5Y2M1ZC1hZWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqPILB8eXxPtFxc0cYFRxTOvv84Jid7arZjxE5l7FjgDYdCSZEozKljnCIN4b
FY4YmR9GgIeF4+mtPegqd6eWk2gvdXJefcOHxXfLpEjtdcwOmSCYpElDCaJ0sOyx
NTpL9xkUnzDzVrM2/9zMLXFwdqJ2SgYDV+JQ1BBOTtvGby8XHNMAJVivpVhMyZ7x
xVvr8ySDa18Pz5Fgym1mZB/v7ciiTB8sKfNQc2AteMVBz91CTTzZ4bXDcaF4viZS
6zE1EcEJzAZBbS+hkUjZ5WhNhinvV+hiOR/g/lJ5EbYQGumbbeIejZWHi+5z9qSy
rFbAr4FbWse31t0CtbGRazq/hwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFK8v3npY
nqOikXuWf7orlQ7A2AuyMB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD
QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l
Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm
TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAEun4wtp3gMNjDpKv6z8PUcYUOMfiX5G7cJ6N/y3IfnS1XEdI9AuB6NPO85fU
xYs1Dq+6WkrVJVPWiK8ba0y5JcPGUIXGxRQr76Qoi+dncZzQ1s437RDbbFb8zDh4
M0LSPs+HOQOrSQh2jmaly85qJIpeyLpFxFPZ8hS/r6K3kTIp2+irCFWSctajXzEc
xy/My7O3sYEzL2ZVt3ziJ15/yUB55dBtz/lmlN+/nN1bE+OD/0+HyKvieT8SSm6e
sK0NeEYW8rOdUYwwbP5shhw3FaP0+kjsiPo+Zi027cNsGVtUh3vcChdgHCK4GCWY
Mu7Cwi2om6yskFZdmtwl+HI2AQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:34:47 2026 by rpki-client