Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft
File:                     cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json)
Hash identifier:          IZm1/qW8J6Hmv8+v1DRhJ7Eq0w9fjRTs4P6HN0EvDDs=
Subject key identifier:   AA:44:71:1A:63:1E:15:68:6A:C2:66:25:E0:64:91:8A:85:D2:9E:19
Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
Certificate issuer:       /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60
Certificate serial:       22A1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft
Manifest number:          224A
Signing time:             Tue 14 Jul 2026 15:55:13 +0000
Manifest this update:     Tue 14 Jul 2026 15:55:13 +0000
Manifest next update:     Tue 21 Jul 2026 15:55:13 +0000
Files and hashes:         1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: oyfGQGXz4jdBgUrngAIAaEDEA3CAX4AeFbvpyLU7jOo=)
                          2: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: 3IlwneiT3OIjV7tuhT2g5I0grdOyE91JkHSLmUB2BEY=)
                          3: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: V2GgiDiVdp7icGNp8uei2QdYQy4qfASwmRrufFn1mxg=)
                          4: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: KYaSzwf1L2QkO+jOOMTkJ2kvbpBzCO+jKOwM50VbrBw=)
                          5: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: v4lm1t03b9gy+zkyAg0MsXuQLEziIg1Uau5peZt74RY=)
                          6: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: Bbmi/J5Lpn7aHAntaVp/ckgJSOlUGXUjQqXrthSWKgU=)
                          7: 1C628A90671411EEA0040661C4F9AE02.roa (hash: M0M27e7jpHMqjXXvltEuadHWRQl0UpCUB3Q3dSoBa+I=)
                          8: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: YxBTBicabikn08Aqg/dvf+PsgRQVrImZt4AAt8rvHnc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl
                          rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Jul 2026 15:55:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8865 (0x22a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60
        Validity
            Not Before: Jul 14 15:55:13 2026 GMT
            Not After : Jul 21 15:55:13 2026 GMT
        Subject: CN=6a565be1-5e0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:24:ab:f7:11:13:c2:ac:b1:8d:e8:5e:9e:aa:
                    de:d6:52:d6:2e:d7:6d:0c:26:bc:71:d1:81:b9:e4:
                    bc:45:ca:c7:d6:5d:ef:7b:dd:6d:9d:dd:08:ff:fd:
                    7b:70:ea:d3:a0:92:fb:b9:1f:8b:5b:73:47:2d:ff:
                    5d:df:04:24:36:d3:72:f7:bd:d7:64:ce:be:f3:98:
                    f1:0c:92:e5:f3:64:68:9b:29:d5:82:ef:a2:01:c5:
                    f8:1e:ab:51:e3:89:d3:e1:6f:ea:b2:a8:29:be:59:
                    ee:f6:9e:62:91:cb:e7:0d:08:e9:c4:26:c4:43:cd:
                    dc:d4:5b:96:41:4e:05:92:6c:77:d3:be:56:aa:23:
                    c3:42:77:f6:81:4d:8f:fa:24:ef:1f:8c:1f:95:85:
                    a6:43:fa:b4:62:6b:04:a7:54:55:72:6f:91:46:fc:
                    52:57:77:6d:bd:21:5d:2f:7b:de:d3:e9:50:ef:00:
                    f2:4a:52:b5:ac:0e:17:00:85:59:59:28:45:65:d4:
                    61:1c:70:6d:58:f2:d5:dd:27:4b:a0:d4:19:52:bd:
                    0b:db:16:18:d5:74:ff:3c:d2:14:24:50:8b:b5:ea:
                    f1:d9:e2:5f:f5:03:4d:bf:6c:ae:14:02:fa:c0:b1:
                    d1:81:14:bf:36:e3:87:62:7c:b0:92:ce:ca:f0:46:
                    78:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:44:71:1A:63:1E:15:68:6A:C2:66:25:E0:64:91:8A:85:D2:9E:19
            X509v3 Authority Key Identifier:
                keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:86:24:39:15:a6:db:be:c0:75:11:62:26:e1:51:41:57:25:
         0f:f9:08:09:2d:70:4b:04:b8:0c:89:63:58:d0:1b:e3:1b:ce:
         cb:9b:b4:c3:b6:d2:00:37:39:95:9e:84:a6:67:95:04:3f:93:
         b9:0d:6b:45:05:c8:6c:80:32:c5:d5:46:a2:f8:c6:35:61:63:
         ca:e0:c4:7d:cc:50:21:00:e9:7f:40:43:dd:fc:8a:02:0b:c0:
         f4:7b:a1:30:d9:75:55:4a:e2:f6:c1:1a:72:c3:78:0f:57:b2:
         20:3d:06:f7:62:39:88:83:fd:a7:0c:d4:85:26:18:15:b8:7f:
         19:13:49:1c:e7:94:89:13:87:51:19:d4:85:98:4d:92:47:91:
         49:ee:f3:9c:7a:84:23:db:74:0c:73:8e:26:c1:06:86:33:15:
         52:3e:73:04:d6:56:67:86:1b:1b:c9:76:d4:54:7e:51:d7:8c:
         6e:aa:2d:2d:70:15:b6:01:15:f5:41:52:2b:e1:fc:46:3f:82:
         53:4f:16:48:c1:6b:36:cc:b6:8a:b0:e5:ca:49:6d:5c:e4:8d:
         47:e0:21:1c:27:cd:25:5b:84:4f:e5:15:eb:8a:56:6b:b7:79:
         12:8c:1e:59:d6:81:26:03:ee:bf:6f:3c:29:b0:69:b0:55:3f:
         01:52:0c:d0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICIqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF
QTNFNDFFNjAwHhcNMjYwNzE0MTU1NTEzWhcNMjYwNzIxMTU1NTEzWjAYMRYwFAYD
VQQDEw02YTU2NWJlMS01ZTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxSSr9xETwqyxjehenqre1lLWLtdtDCa8cdGBueS8RcrH1l3ve91tnd0I//17
cOrToJL7uR+LW3NHLf9d3wQkNtNy973XZM6+85jxDJLl82RomynVgu+iAcX4HqtR
44nT4W/qsqgpvlnu9p5ikcvnDQjpxCbEQ83c1FuWQU4Fkmx3075WqiPDQnf2gU2P
+iTvH4wflYWmQ/q0YmsEp1RVcm+RRvxSV3dtvSFdL3ve0+lQ7wDySlK1rA4XAIVZ
WShFZdRhHHBtWPLV3SdLoNQZUr0L2xYY1XT/PNIUJFCLterx2eJf9QNNv2yuFAL6
wLHRgRS/NuOHYnywks7K8EZ4eQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFKpEcRpj
HhVoasJmJeBkkYqF0p4ZMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB
NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh
THUwdFNiRS1ZRWpxUGtIbUEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAzoYkORWm277AdRFiJuFRQVclD/kICS1wSwS4DIljWNAb4xvOy5u0w7bSADc5
lZ6EpmeVBD+TuQ1rRQXIbIAyxdVGovjGNWFjyuDEfcxQIQDpf0BD3fyKAgvA9Huh
MNl1VUri9sEacsN4D1eyID0G92I5iIP9pwzUhSYYFbh/GRNJHOeUiROHURnUhZhN
kkeRSe7znHqEI9t0DHOOJsEGhjMVUj5zBNZWZ4YbG8l21FR+UdeMbqotLXAVtgEV
9UFSK+H8Rj+CU08WSMFrNsy2irDlykltXOSNR+AhHCfNJVuET+UV64pWa7d5Eowe
WdaBJgPuv288KbBpsFU/AVIM0A==
-----END CERTIFICATE-----
Generated at Thu Jul 16 11:44:14 2026 by rpki-client