Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft
File:                     tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft (raw, json)
Hash identifier:          hLQaEVFS0nUKj9pxQOP2tYG5IXTbwkU9xsBWY+xup1A=
Subject key identifier:   A8:12:1C:3E:1E:88:80:04:34:7C:E6:4B:F2:80:52:DE:F4:27:90:74
Authority key identifier: B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B
Certificate issuer:       /CN=A91FD64D/serialNumber=B4B18A253FB6293437116635DDDD199428B68D5B
Certificate serial:       0297
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft
Manifest number:          028C
Signing time:             Fri 03 Jul 2026 02:23:46 +0000
Manifest this update:     Fri 03 Jul 2026 02:23:45 +0000
Manifest next update:     Fri 10 Jul 2026 02:23:45 +0000
Files and hashes:         1: tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl (hash: JScxBPJ7Hp0q0gcyS2uRQhFUN5oOnVtAMraN9wWQafY=)
                          2: 66D00EB2449C11EE86105C41C4F9AE02.roa (hash: GxVSXWzE6du6WMtXT3WxN39pt4kQtD831phFtQ55DeU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl
                          rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 02:23:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 663 (0x297)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FD64D, serialNumber=B4B18A253FB6293437116635DDDD199428B68D5B
        Validity
            Not Before: Jul  3 02:23:45 2026 GMT
            Not After : Jul 10 02:23:45 2026 GMT
        Subject: CN=6a471d32-2d3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:33:ab:f6:23:8d:7f:f7:c2:4a:06:03:16:e4:
                    62:4b:1d:d3:32:cb:2d:d4:8a:95:aa:11:68:45:b9:
                    13:14:c4:01:e3:36:f3:36:d8:2f:2b:5c:76:e3:61:
                    54:e3:6f:68:95:0a:d6:94:a8:fb:c4:0b:0d:9a:5b:
                    a7:0b:55:11:42:23:46:f4:e2:2e:10:65:b6:c4:26:
                    6c:d5:75:7f:66:73:69:eb:2e:1a:35:e5:80:15:e0:
                    54:7f:df:a3:85:01:09:90:4b:bc:0b:d1:08:c1:59:
                    63:0e:95:be:e9:aa:d8:07:62:fd:33:43:2a:bd:53:
                    92:9e:d3:e1:c2:f6:a7:91:3e:c9:f8:bc:e2:55:35:
                    70:ed:f5:2f:01:b6:53:8b:9a:60:5b:03:99:e5:2d:
                    a6:8d:78:c9:b8:ac:2e:c1:4b:33:ce:2b:a5:a8:90:
                    37:ef:95:fe:d8:0c:f8:26:16:66:3f:65:7f:6d:47:
                    6a:50:3d:16:60:ef:fd:78:70:ce:bc:6a:c6:46:f5:
                    d8:7c:53:e0:1b:26:72:49:d7:0d:17:cc:fe:e7:67:
                    c8:6d:61:b2:da:ec:51:3d:d0:1e:71:be:f5:ae:11:
                    e4:42:6e:70:4e:b8:5b:44:4d:a3:89:4e:c9:96:ef:
                    cb:67:e3:70:c9:3a:bf:4a:de:02:fc:46:e4:8c:37:
                    66:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:12:1C:3E:1E:88:80:04:34:7C:E6:4B:F2:80:52:DE:F4:27:90:74
            X509v3 Authority Key Identifier:
                keyid:B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:22:f8:e4:a2:96:c5:33:7d:70:bd:d3:60:9f:91:a0:48:14:
         28:cc:a9:38:ae:16:a7:6f:07:ff:6d:0c:f2:04:3b:90:fa:be:
         9c:cd:c9:d3:ab:21:4e:ca:b4:a1:91:55:e0:c1:a0:2f:4f:06:
         8a:30:7c:a3:ca:1d:4b:6d:e2:22:21:96:11:c8:df:35:10:fc:
         f9:05:d5:65:92:e8:c2:15:9f:b4:6c:f4:0d:50:da:4a:e1:a3:
         6e:4d:b6:b2:c9:d3:4a:10:be:a0:ca:e0:bd:4f:e5:4a:df:6d:
         1a:a3:b5:8d:fc:c5:df:39:a5:7f:6d:6d:9f:32:4f:61:18:66:
         70:f3:27:e4:53:b1:51:9f:59:3c:78:a7:12:88:52:51:c6:b6:
         c8:9a:5d:bb:06:4a:b6:0c:66:0b:d0:da:3b:0e:52:7e:52:ff:
         0e:83:cb:f7:45:77:f8:7b:df:19:09:8c:da:22:2d:65:f3:01:
         1c:f0:85:f2:82:66:0a:78:fa:2a:d5:36:5e:1f:b9:f1:f5:d8:
         b2:8b:55:6b:90:2a:9a:4e:d9:56:a3:38:11:e9:66:d7:8a:46:
         af:06:b2:d2:a1:64:b4:45:a8:50:36:3c:78:9e:a7:1b:f3:67:
         70:08:0b:62:e2:f1:04:80:88:18:08:30:36:e6:57:78:51:76:
         61:dd:64:b2
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICApcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQ2NEQxMTAvBgNVBAUTKEI0QjE4QTI1M0ZCNjI5MzQzNzExNjYzNUREREQxOTk0
MjhCNjhENUIwHhcNMjYwNzAzMDIyMzQ1WhcNMjYwNzEwMDIyMzQ1WjAYMRYwFAYD
VQQDEw02YTQ3MWQzMi0yZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnjOr9iONf/fCSgYDFuRiSx3TMsst1IqVqhFoRbkTFMQB4zbzNtgvK1x242FU
429olQrWlKj7xAsNmlunC1URQiNG9OIuEGW2xCZs1XV/ZnNp6y4aNeWAFeBUf9+j
hQEJkEu8C9EIwVljDpW+6arYB2L9M0MqvVOSntPhwvankT7J+LziVTVw7fUvAbZT
i5pgWwOZ5S2mjXjJuKwuwUszziulqJA375X+2Az4JhZmP2V/bUdqUD0WYO/9eHDO
vGrGRvXYfFPgGyZySdcNF8z+52fIbWGy2uxRPdAecb71rhHkQm5wTrhbRE2jiU7J
lu/LZ+NwyTq/St4C/EbkjDdmfQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKgSHD4e
iIAENHzmS/KAUt70J5B0MB8GA1UdIwQYMBaAFLSxiiU/tik0NxFmNd3dGZQoto1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDY0RC8zNzA3ODZDODk5
OTQxMUVEODU2NzMxMUZDNEY5QUUwMi90TEdLSlQtMktUUTNFV1kxM2QwWmxDaTJq
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMR0tKVC0yS1RRM0VXWTEzZDBabENpMmpWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RDY0RC8zNzA3ODZDODk5OTQxMUVEODU2NzMxMUZDNEY5QUUwMi90TEdLSlQtMktU
UTNFV1kxM2QwWmxDaTJqVnMubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAhCL45KKWxTN9cL3TYJ+RoEgUKMypOK4Wp28H/20M8gQ7kPq+nM3J06shTsq0
oZFV4MGgL08GijB8o8odS23iIiGWEcjfNRD8+QXVZZLowhWftGz0DVDaSuGjbk22
ssnTShC+oMrgvU/lSt9tGqO1jfzF3zmlf21tnzJPYRhmcPMn5FOxUZ9ZPHinEohS
Uca2yJpduwZKtgxmC9DaOw5SflL/DoPL90V3+HvfGQmM2iItZfMBHPCF8oJmCnj6
KtU2Xh+58fXYsotVa5Aqmk7ZVqM4Eelm14pGrway0qFktEWoUDY8eJ6nG/NncAgL
YuLxBICIGAgwNuZXeFF2Yd1ksg==
-----END CERTIFICATE-----
Generated at Sat Jul 4 16:08:42 2026 by rpki-client