Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          ZcLRLg3QXTkICABq1DEJHiwdKJ0bIC7nTeH0z8w82Lo=
Subject key identifier:   96:AB:D1:9E:AE:2E:9F:D0:2E:94:2C:42:11:F0:1C:FF:6C:9B:69:A4
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       042F
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          0212
Signing time:             Fri 27 Feb 2026 01:00:46 +0000
Manifest this update:     Fri 27 Feb 2026 01:00:46 +0000
Manifest next update:     Mon 06 Apr 2026 01:00:46 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: P2PgfkFYPbo2WGLgjCO5qk4G63GSkq9rJd9OWcm5zqI=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: t9wW+0LJZcYVTzRW7+sBrIRdZJDnQGUiC0TyylBKfRk=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: P6K0zKyLc67ALo4HUz26Wu79FaQGhidr09Wf7Dkl4qc=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: NvSQdOpjbNko8KZoxWdKOdTzk9Rg1mZxrALiFCau4lU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 05 Apr 2026 23:18:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1071 (0x42f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Feb 27 01:00:46 2026 GMT
            Not After : Apr  6 01:00:46 2026 GMT
        Subject: CN=69a0ecbe-7f4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:97:5c:9f:26:f9:b6:e4:e2:81:e8:90:ee:a0:
                    48:55:be:c8:d9:d1:83:1c:0e:37:02:3e:d6:a9:ff:
                    c5:5a:1d:2d:bd:5f:77:68:8d:13:ce:a0:d2:c4:4d:
                    70:c0:ec:2a:a8:b4:d9:64:2d:18:78:6b:aa:72:f2:
                    d9:a1:42:ee:c7:5e:a9:75:51:80:8d:ec:ba:25:61:
                    50:9a:c2:61:00:64:02:55:02:fc:4a:91:2a:87:70:
                    3f:8b:73:4e:20:70:73:79:06:2a:ab:53:38:52:84:
                    0e:ec:e9:e6:22:2b:c4:78:a7:b6:6e:b9:1e:a2:90:
                    a2:2d:0b:63:1c:f6:75:d5:eb:9f:58:ca:40:3b:e2:
                    91:a3:86:06:09:d5:5c:f4:3d:08:e4:9d:12:39:38:
                    b2:da:74:95:97:64:14:54:fe:f4:70:27:e3:4c:b9:
                    2e:71:4b:f4:ba:de:dd:2e:a8:5b:ae:22:64:1c:ec:
                    2f:4f:34:f9:fd:2b:db:41:77:c9:32:18:b2:93:22:
                    51:49:9c:81:bf:bc:ac:7b:09:aa:1d:c3:07:c7:97:
                    0b:35:07:27:5f:d4:83:00:e6:23:5d:8f:ce:75:6f:
                    cc:9f:9d:63:b7:54:09:84:fa:42:a0:4b:ed:02:a1:
                    e8:f0:b5:9b:00:4c:4f:23:7d:46:ca:45:d5:9f:d7:
                    a6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:AB:D1:9E:AE:2E:9F:D0:2E:94:2C:42:11:F0:1C:FF:6C:9B:69:A4
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         dc:c5:3a:15:7a:16:1c:28:19:8a:2a:2f:eb:60:e0:3d:42:c6:
         c4:5e:52:fe:6b:97:45:cd:6a:37:49:bb:07:12:97:e6:c7:27:
         ea:74:05:46:e9:82:d8:fe:13:57:cb:52:22:52:67:f3:73:71:
         af:eb:73:57:7c:92:64:e7:42:d6:ca:9e:06:9e:2a:17:4b:76:
         f3:5b:78:ab:75:06:3a:5f:2d:d8:a0:bb:39:a5:20:23:05:d1:
         49:13:d2:d5:2c:09:f6:cd:04:de:cb:f2:ed:02:f0:fa:59:3d:
         10:39:91:05:6f:5a:6d:d5:dc:cd:cb:d0:1f:13:02:2e:f9:bb:
         b3:00:7c:0f:05:9f:1b:fa:17:d9:ae:85:92:5e:6c:33:48:0a:
         dc:97:09:23:88:07:6b:82:76:a3:ef:ff:cd:75:82:44:be:57:
         a8:93:2d:b5:67:94:78:0b:6f:b2:37:c2:19:5d:28:1d:cf:9e:
         1f:cf:bf:d1:12:70:9e:63:f3:f4:f6:63:8b:70:64:ea:30:d7:
         2f:74:9c:52:b8:db:a5:29:2d:df:f8:53:05:79:4e:8e:a2:9f:
         9a:15:59:01:61:a3:12:b8:5b:95:ec:bd:77:f0:a0:a4:4f:6f:
         e7:d4:6e:c5:70:a9:2c:f0:db:8f:4c:a3:de:a9:7d:14:02:1e:
         16:dd:6b:39
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBC8wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjAyMjcwMTAwNDZaFw0y
NjA0MDYwMTAwNDZaMBgxFjAUBgNVBAMTDTY5YTBlY2JlLTdmNGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAl1yfJvm25OKB6JDuoEhVvsjZ0YMcDjcC
Ptap/8VaHS29X3dojRPOoNLETXDA7CqotNlkLRh4a6py8tmhQu7HXql1UYCN7Lol
YVCawmEAZAJVAvxKkSqHcD+Lc04gcHN5BiqrUzhShA7s6eYiK8R4p7ZuuR6ikKIt
C2Mc9nXV659YykA74pGjhgYJ1Vz0PQjknRI5OLLadJWXZBRU/vRwJ+NMuS5xS/S6
3t0uqFuuImQc7C9PNPn9K9tBd8kyGLKTIlFJnIG/vKx7CaodwwfHlws1Bydf1IMA
5iNdj851b8yfnWO3VAmE+kKgS+0CoejwtZsATE8jfUbKRdWf16bdAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUlqvRnq4un9AulCxCEfAc/2ybaaQwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDcxToVehYcKBmKKi/r
YOA9QsbEXlL+a5dFzWo3SbsHEpfmxyfqdAVG6YLY/hNXy1IiUmfzc3Gv63NXfJJk
50LWyp4GnioXS3bzW3irdQY6Xy3YoLs5pSAjBdFJE9LVLAn2zQTey/LtAvD6WT0Q
OZEFb1pt1dzNy9AfEwIu+buzAHwPBZ8b+hfZroWSXmwzSArclwkjiAdrgnaj7//N
dYJEvleoky21Z5R4C2+yN8IZXSgdz54fz7/REnCeY/P09mOLcGTqMNcvdJxSuNul
KS3f+FMFeU6Oop+aFVkBYaMSuFuV7L138KCkT2/n1G7FcKks8NuPTKPeqX0UAh4W
3Ws5
-----END CERTIFICATE-----
Generated at Sat Feb 28 02:06:37 2026 by rpki-client