Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          g90GSrRVn/LQ77uQlYYnhxvvRQHYzijzRLAKIOA4EFI=
Subject key identifier:   1C:DB:06:5D:0D:6B:9B:FB:4A:83:A6:B9:38:4C:9D:86:12:13:9F:39
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       048D
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          0241
Signing time:             Tue 07 Jul 2026 23:39:06 +0000
Manifest this update:     Tue 07 Jul 2026 23:39:06 +0000
Manifest next update:     Fri 14 Aug 2026 23:39:06 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: qPie7uf1JBqxzHGjjGW2hzvkb3M5ySIUPEEpFywEwMI=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: HvBVoi7peyVruKoMqA8m9fc5aNSsi6jivmqKbRjnsQc=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: PQfR4XNx9gUCSr0yJu9OOWH/nSkFnYCTdL+2c4SlKxc=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: WVmxsOlDF0xat6+qJEYw0FI7gJpo7ipvHNwUyCZPWe8=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: ATgve2070Q2HLMuJxZG7RNiDFEa3mcphfB0TKoFQiZY=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: 2wvSf3mvkmBJarrorgDD4c1VL/vS28rDRIDRnYLdNAA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Jul 2026 22:49:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1165 (0x48d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Jul  7 23:39:06 2026 GMT
            Not After : Aug 14 23:39:06 2026 GMT
        Subject: CN=6a4d8e1a-d053
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:87:85:3a:56:5f:14:6b:6b:d4:aa:7d:ec:a0:
                    1d:02:38:89:09:ec:9c:8f:6d:49:91:3a:06:30:b0:
                    13:8c:37:0d:73:fc:b0:c7:e9:50:00:30:00:0a:07:
                    86:fb:8f:9a:be:fd:39:10:7f:4d:53:42:ff:ea:f5:
                    67:9b:53:79:05:ee:2b:a8:16:24:42:0e:21:2a:d9:
                    01:b5:2e:4f:9f:b0:5d:2c:4d:f0:4f:f3:2d:c1:33:
                    f8:6b:60:ce:61:08:d2:e0:d9:d1:aa:58:26:a7:d9:
                    24:42:f6:e5:49:b8:f1:da:e4:c8:e8:1b:bc:55:28:
                    6c:7e:4d:e0:fa:c0:14:d1:c3:e9:f6:87:0a:1c:56:
                    c3:22:cf:6d:ee:0e:04:f5:c9:d1:9e:44:a0:3b:9b:
                    84:1c:9f:84:41:93:50:3b:ce:cf:b1:25:ad:01:59:
                    01:2d:3c:28:49:53:53:2b:27:1b:e0:36:20:70:42:
                    7e:41:e5:65:85:ff:47:68:27:7f:4d:28:05:2c:36:
                    ab:70:c7:b8:2f:12:79:e2:d5:44:44:bb:cc:d8:bd:
                    69:cf:1e:01:6b:21:61:d2:cf:41:47:cf:e3:ea:2d:
                    b4:ac:40:2a:d1:aa:95:67:f2:78:30:95:25:85:f5:
                    28:9f:71:5b:a4:be:ec:5a:7f:74:ae:e2:55:c2:e4:
                    44:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DB:06:5D:0D:6B:9B:FB:4A:83:A6:B9:38:4C:9D:86:12:13:9F:39
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:cb:b5:22:ac:7c:f4:63:98:9f:ac:2d:1b:31:28:bc:fa:32:
         bb:8a:4e:f0:03:f2:06:50:82:d1:82:40:5c:99:38:c0:97:34:
         07:2f:4c:a8:a0:a0:85:db:dc:6d:84:39:90:fd:05:fa:a9:66:
         8e:eb:44:0b:d7:e8:16:6e:21:7a:16:5c:a0:63:76:8c:4b:67:
         10:5f:a5:a5:17:75:72:ea:53:b4:36:f0:52:0f:ba:51:30:ba:
         b1:34:0b:e8:6a:2e:6f:3d:42:83:6d:fe:39:1a:c1:b1:b6:7c:
         1a:89:de:ab:59:ba:a7:cc:68:a7:43:9a:9f:30:d8:dd:83:54:
         fa:b6:00:8c:5e:d7:f9:40:7f:f5:16:b1:41:56:8a:8d:3b:c9:
         11:41:1e:63:ac:8e:c6:e9:46:f2:9b:9a:b8:a3:13:77:75:99:
         f9:5a:7c:cd:82:7f:af:d2:72:a0:27:a1:aa:85:8b:49:4a:08:
         ef:90:95:99:b0:8a:95:c6:4e:b4:1d:18:91:7a:4b:14:94:02:
         1f:b0:4b:5a:1e:76:03:1c:97:03:c6:9b:59:21:1d:5a:4c:88:
         5b:8a:f3:8f:b5:f9:05:bb:44:f5:3e:a8:4a:9e:a9:2a:a3:dc:
         e8:c5:ab:53:9c:8d:15:59:17:97:ca:10:8c:1f:47:3d:23:da:
         c7:e9:6d:c9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBI0wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNjA3MDcyMzM5MDZaFw0y
NjA4MTQyMzM5MDZaMBgxFjAUBgNVBAMTDTZhNGQ4ZTFhLWQwNTMwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDh4U6Vl8Ua2vUqn3soB0COIkJ7JyPbUmR
OgYwsBOMNw1z/LDH6VAAMAAKB4b7j5q+/TkQf01TQv/q9WebU3kF7iuoFiRCDiEq
2QG1Lk+fsF0sTfBP8y3BM/hrYM5hCNLg2dGqWCan2SRC9uVJuPHa5MjoG7xVKGx+
TeD6wBTRw+n2hwocVsMiz23uDgT1ydGeRKA7m4Qcn4RBk1A7zs+xJa0BWQEtPChJ
U1MrJxvgNiBwQn5B5WWF/0doJ39NKAUsNqtwx7gvEnni1UREu8zYvWnPHgFrIWHS
z0FHz+PqLbSsQCrRqpVn8ngwlSWF9SifcVukvuxaf3Su4lXC5ES3AgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUHNsGXQ1rm/tKg6a5OEydhhITnzkwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAfy7UirHz0Y5ifrC0b
MSi8+jK7ik7wA/IGUILRgkBcmTjAlzQHL0yooKCF29xthDmQ/QX6qWaO60QL1+gW
biF6FlygY3aMS2cQX6WlF3Vy6lO0NvBSD7pRMLqxNAvoai5vPUKDbf45GsGxtnwa
id6rWbqnzGinQ5qfMNjdg1T6tgCMXtf5QH/1FrFBVoqNO8kRQR5jrI7G6Ubym5q4
oxN3dZn5WnzNgn+v0nKgJ6GqhYtJSgjvkJWZsIqVxk60HRiReksUlAIfsEtaHnYD
HJcDxptZIR1aTIhbivOPtfkFu0T1PqhKnqkqo9zoxatTnI0VWReXyhCMH0c9I9rH
6W3J
-----END CERTIFICATE-----
Generated at Fri Jul 10 15:31:35 2026 by rpki-client