Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          72dABGIGOW4eH8lCXeRMoG9QABnL23cKR038EapsfBM=
Subject key identifier:   16:44:4C:10:00:93:9A:82:B1:55:DA:8F:61:30:6F:16:9D:9A:41:8C
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       048B
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          0240
Signing time:             Tue 30 Jun 2026 00:06:05 +0000
Manifest this update:     Tue 30 Jun 2026 00:06:04 +0000
Manifest next update:     Fri 07 Aug 2026 00:06:04 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: J5+beSoH1B0sM9DLHOIcucHQCe+Kflqbh63xAGlc31o=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: 9esG+JrqkjzOy8uXb4VQpyMgiPvK2LrT0Jm7CrCwNOo=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: ATgve2070Q2HLMuJxZG7RNiDFEa3mcphfB0TKoFQiZY=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: 2wvSf3mvkmBJarrorgDD4c1VL/vS28rDRIDRnYLdNAA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Jul 2026 22:49:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1163 (0x48b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Jun 30 00:06:04 2026 GMT
            Not After : Aug  7 00:06:04 2026 GMT
        Subject: CN=6a43086d-33ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:60:3a:4e:26:e3:62:89:2b:d6:e5:2b:36:f0:
                    64:5a:c0:e7:9b:3b:29:1f:27:f8:63:65:5d:5e:7d:
                    1a:dd:03:53:c4:81:cb:99:fb:81:86:a9:47:ed:f5:
                    ed:32:ea:ec:80:a3:0f:df:9c:46:fc:1e:bd:7a:16:
                    76:47:72:e1:0d:46:4d:63:c1:70:ec:04:2f:c3:e4:
                    35:45:c2:95:e2:4c:55:7a:6c:7a:f4:fc:15:a5:a0:
                    34:e3:78:84:7c:44:0d:4c:15:52:5e:fe:c9:67:2c:
                    9c:84:b9:07:b6:b2:49:53:fd:1e:bd:b7:c5:cb:3b:
                    02:e5:b3:40:0b:ea:88:2a:65:36:02:49:19:87:45:
                    bd:79:6b:72:42:ac:9a:ab:e8:d1:1d:e6:c7:f8:a4:
                    84:eb:71:90:4c:96:d3:41:80:82:ce:fb:87:bf:e1:
                    d3:44:d8:df:95:f3:03:ad:1c:da:ad:96:11:bf:fd:
                    b9:86:8a:81:9d:95:09:c6:70:85:79:51:35:9f:7f:
                    cf:15:f7:22:30:7d:11:0b:5a:54:c2:3a:0a:aa:ae:
                    2c:ee:67:61:a8:fb:80:c1:47:e3:6e:fa:ad:81:59:
                    e8:63:66:ca:d0:91:ff:2f:68:57:49:e2:65:33:41:
                    d4:be:fd:03:53:c7:4b:67:ff:26:4a:06:50:42:2a:
                    30:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:44:4C:10:00:93:9A:82:B1:55:DA:8F:61:30:6F:16:9D:9A:41:8C
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:d1:f9:9e:67:c3:61:17:88:ab:7a:48:01:21:eb:ea:47:1e:
         f2:5f:7a:58:db:93:0c:b7:75:cd:4c:62:b5:27:5c:1d:96:c7:
         ba:57:23:43:d8:8f:f6:1c:48:22:3a:af:5c:78:37:e9:35:4e:
         52:76:0b:2f:c1:eb:ca:28:62:67:fe:9d:3d:85:b0:4b:84:99:
         22:82:a9:87:bf:e0:ba:36:37:17:30:38:1e:e8:48:0e:c5:2c:
         e7:23:ce:19:e4:2d:0e:1c:c3:e2:ca:63:ed:8f:c8:85:8f:05:
         ed:16:f4:e4:90:53:cc:65:53:e8:5b:2c:77:5f:47:87:d0:85:
         b9:98:56:66:f2:dc:6c:73:8a:ef:a5:5c:38:d2:3f:7e:27:8a:
         32:6f:57:30:5a:16:b5:53:e4:90:c0:ca:e0:b7:2e:a9:4b:30:
         be:4e:bd:3c:7d:e8:43:9d:0b:79:55:bf:79:ad:6a:8e:ca:d1:
         19:20:1c:1d:98:f3:c5:28:81:0f:f2:a0:56:3b:e2:24:a3:58:
         77:7f:12:d0:86:9f:ac:8b:5c:9f:25:25:fa:2b:8a:f2:ee:b2:
         31:83:25:2f:83:c6:68:c5:61:0a:ba:d8:3d:fc:91:d2:7e:02:
         f1:b4:d2:5e:49:aa:55:ed:43:28:d1:6e:77:48:56:c2:eb:9e:
         62:2f:44:37
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBIswDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjA2MzAwMDA2MDRaFw0y
NjA4MDcwMDA2MDRaMBgxFjAUBgNVBAMTDTZhNDMwODZkLTMzYWMwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6YDpOJuNiiSvW5Ss28GRawOebOykfJ/hj
ZV1efRrdA1PEgcuZ+4GGqUft9e0y6uyAow/fnEb8Hr16FnZHcuENRk1jwXDsBC/D
5DVFwpXiTFV6bHr0/BWloDTjeIR8RA1MFVJe/slnLJyEuQe2sklT/R69t8XLOwLl
s0AL6ogqZTYCSRmHRb15a3JCrJqr6NEd5sf4pITrcZBMltNBgILO+4e/4dNE2N+V
8wOtHNqtlhG//bmGioGdlQnGcIV5UTWff88V9yIwfRELWlTCOgqqrizuZ2Go+4DB
R+Nu+q2BWehjZsrQkf8vaFdJ4mUzQdS+/QNTx0tn/yZKBlBCKjDbAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUFkRMEACTmoKxVdqPYTBvFp2aQYwwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDB0fmeZ8NhF4irekgB
IevqRx7yX3pY25MMt3XNTGK1J1wdlse6VyND2I/2HEgiOq9ceDfpNU5SdgsvwevK
KGJn/p09hbBLhJkigqmHv+C6NjcXMDge6EgOxSznI84Z5C0OHMPiymPtj8iFjwXt
FvTkkFPMZVPoWyx3X0eH0IW5mFZm8txsc4rvpVw40j9+J4oyb1cwWha1U+SQwMrg
ty6pSzC+Tr08fehDnQt5Vb95rWqOytEZIBwdmPPFKIEP8qBWO+Iko1h3fxLQhp+s
i1yfJSX6K4ry7rIxgyUvg8ZoxWEKutg9/JHSfgLxtNJeSapV7UMo0W53SFbC655i
L0Q3
-----END CERTIFICATE-----
Generated at Wed Jul 1 11:00:42 2026 by rpki-client