Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          N7+CS6GVzaI//TD/7ERVz/v2rxqa/91yCezIJuv6dac=
Subject key identifier:   5F:02:40:83:02:14:A3:06:A0:B4:DD:30:C9:55:65:B2:86:07:0F:DE
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       03A7
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          01CE
Signing time:             Tue 01 Jul 2025 22:51:05 +0000
Manifest this update:     Tue 01 Jul 2025 22:51:04 +0000
Manifest next update:     Fri 08 Aug 2025 22:51:04 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: wsFpJp7yvUAtyK0efV+BTl061C3WGbBmvkn2orweJsE=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: +k7xRgkulgEmi+wdxK+342dse6ZUs2N/qn+g+5logHM=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: /MHS3Sit3L4L/hosPfsdjiBL9WFnsioWd9nUWmUkMwI=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: /2yzJwAtTJqt8ivA3yv6yDv5Ialu5ubqlmHKX9paiSo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 935 (0x3a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Jul  1 22:51:04 2025 GMT
            Not After : Aug  8 22:51:04 2025 GMT
        Subject: CN=68646658-0d77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9c:28:6a:4c:22:fb:c4:83:a8:06:f8:33:bb:
                    5f:0c:b7:32:62:0d:5b:85:93:14:30:0e:d6:3f:f5:
                    5f:ff:72:e3:8d:6a:b0:76:26:98:a1:ff:23:77:f2:
                    90:16:67:28:5d:49:e5:37:c8:0b:b4:d7:61:31:e3:
                    5b:f1:83:73:5d:84:4d:b2:bb:3d:8c:df:2e:2d:82:
                    70:f5:aa:35:6a:95:8a:7a:df:f4:69:01:1c:b5:b0:
                    2a:cd:4e:cb:37:fe:0b:83:69:44:59:ad:6e:73:ba:
                    70:07:75:39:3a:c3:47:d8:01:e0:27:fe:1d:89:d5:
                    26:9e:43:45:d6:31:d7:f7:38:77:9b:5b:df:9e:60:
                    66:29:14:8d:12:10:f5:27:f3:85:b9:e1:57:4a:76:
                    d0:3c:90:57:21:f3:ef:09:8d:d6:75:2a:9d:c3:83:
                    c3:f5:c8:3b:08:1f:e5:5b:d5:6b:c0:e1:4e:49:3b:
                    d3:99:93:f0:33:27:a1:b1:18:97:2d:e5:25:57:1e:
                    db:f5:5b:ee:f2:e5:95:a3:56:23:24:8f:ca:7f:93:
                    79:26:ed:55:33:69:00:dd:8b:c3:f3:ee:53:a2:4a:
                    c8:63:06:86:07:1a:1f:f3:e2:a4:65:fe:9b:9d:41:
                    16:59:9e:aa:aa:a1:7a:22:78:73:86:03:60:28:51:
                    58:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:02:40:83:02:14:A3:06:A0:B4:DD:30:C9:55:65:B2:86:07:0F:DE
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:4c:01:d8:ea:63:2c:1b:4d:4c:8d:01:6e:4a:0f:04:52:df:
         4d:ca:56:ef:ac:61:9a:c8:5d:06:86:08:25:d9:d1:c0:b5:fa:
         c4:e9:34:8e:c3:20:6f:c3:27:fd:53:ac:06:ab:94:af:4d:cb:
         9b:f9:7f:f4:23:0e:15:fb:5c:c5:0d:3e:08:0a:ac:f1:d9:38:
         78:c0:1e:6d:9b:94:b0:29:15:f5:64:a5:67:71:65:90:4b:50:
         a9:b6:6a:f1:b2:b6:7d:61:dd:58:05:b0:f4:3b:ee:07:f9:65:
         cc:f6:66:15:17:72:22:24:b6:3e:22:e1:ef:5e:24:34:fe:0f:
         6d:a3:8d:53:51:ed:69:2b:ce:bd:65:7a:ab:30:a8:e1:fa:24:
         b5:5f:6d:61:06:c6:72:42:34:27:07:cc:49:bb:65:24:74:21:
         27:e2:ff:cc:13:be:55:ac:0d:8f:ab:32:ba:7b:17:cf:ee:35:
         e3:10:aa:9e:b1:72:a6:f1:cb:4c:62:74:6d:bd:9c:e3:74:2d:
         b4:dc:f7:53:3e:8c:c0:15:c7:32:5b:15:10:a1:61:92:db:0c:
         45:72:e5:3e:90:b0:d9:55:05:63:b6:5f:90:70:23:93:89:e1:
         49:80:39:ab:7e:16:71:86:77:b4:89:c4:7a:48:10:9e:56:68:
         21:72:e5:24
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA6cwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA3MDEyMjUxMDRaFw0y
NTA4MDgyMjUxMDRaMBgxFjAUBgNVBAMTDTY4NjQ2NjU4LTBkNzcwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCnChqTCL7xIOoBvgzu18MtzJiDVuFkxQw
DtY/9V//cuONarB2Jpih/yN38pAWZyhdSeU3yAu012Ex41vxg3NdhE2yuz2M3y4t
gnD1qjVqlYp63/RpARy1sCrNTss3/guDaURZrW5zunAHdTk6w0fYAeAn/h2J1Sae
Q0XWMdf3OHebW9+eYGYpFI0SEPUn84W54VdKdtA8kFch8+8JjdZ1Kp3Dg8P1yDsI
H+Vb1WvA4U5JO9OZk/AzJ6GxGJct5SVXHtv1W+7y5ZWjViMkj8p/k3km7VUzaQDd
i8Pz7lOiSshjBoYHGh/z4qRl/pudQRZZnqqqoXoieHOGA2AoUVh/AgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUXwJAgwIUowagtN0wyVVlsoYHD94wHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQByTAHY6mMsG01MjQFu
Sg8EUt9NylbvrGGayF0Ghggl2dHAtfrE6TSOwyBvwyf9U6wGq5SvTcub+X/0Iw4V
+1zFDT4ICqzx2Th4wB5tm5SwKRX1ZKVncWWQS1CptmrxsrZ9Yd1YBbD0O+4H+WXM
9mYVF3IiJLY+IuHvXiQ0/g9to41TUe1pK869ZXqrMKjh+iS1X21hBsZyQjQnB8xJ
u2UkdCEn4v/ME75VrA2PqzK6exfP7jXjEKqesXKm8ctMYnRtvZzjdC203PdTPozA
FccyWxUQoWGS2wxFcuU+kLDZVQVjtl+QcCOTieFJgDmrfhZxhne0icR6SBCeVmgh
cuUk
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:13:09 2025 by rpki-client