Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91650A5/17DFB35A46E611E5B08DA17BC4F9AE02/QIyZnDwewBZElFs0d6nyI061eRw.mft
File:                     QIyZnDwewBZElFs0d6nyI061eRw.mft (raw, json)
Hash identifier:          b13f2E37aaSBS0OfvtQBZqXpN+SwpKRyLRRbAiObGgA=
Subject key identifier:   02:2D:A7:19:BD:6F:EF:94:32:A3:3B:B2:C1:E6:E5:03:26:01:FD:F9
Authority key identifier: 40:8C:99:9C:3C:1E:C0:16:44:94:5B:34:77:A9:F2:23:4E:B5:79:1C
Certificate issuer:       /CN=A91650A5/serialNumber=408C999C3C1EC01644945B3477A9F2234EB5791C
Certificate serial:       2556
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIyZnDwewBZElFs0d6nyI061eRw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91650A5/17DFB35A46E611E5B08DA17BC4F9AE02/QIyZnDwewBZElFs0d6nyI061eRw.mft
Manifest number:          252A
Signing time:             Thu 26 Mar 2026 15:45:52 +0000
Manifest this update:     Thu 26 Mar 2026 15:45:51 +0000
Manifest next update:     Thu 02 Apr 2026 15:45:51 +0000
Files and hashes:         1: QIyZnDwewBZElFs0d6nyI061eRw.crl (hash: IjUDvZICq9SnziDTqxRwtxcLc8P1wKW4JEQA58dNWZs=)
                          2: ABA9F4B8AF8411EABF9F844DC4F9AE02.roa (hash: /w4t5dhbmQEa84JEDJ39VitjjFskPm/mEpnYuZ0T6wQ=)
                          3: 2486E806F0E311EAA1C58D62C4F9AE02.roa (hash: l+zP+x/ZY9cq3nbV4r5XpYolKqUr/0Lu8hDJSfvQgkI=)
                          4: 50A2F64264BC11E8ACC7951EC4F9AE02.roa (hash: 6oC3s9zXSmCynBY9z0T8TeaSrJ6gHinauk9Zr2y+ucg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91650A5/17DFB35A46E611E5B08DA17BC4F9AE02/QIyZnDwewBZElFs0d6nyI061eRw.crl
                          rsync://rpki.apnic.net/member_repository/A91650A5/17DFB35A46E611E5B08DA17BC4F9AE02/QIyZnDwewBZElFs0d6nyI061eRw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIyZnDwewBZElFs0d6nyI061eRw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 02 Apr 2026 14:54:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9558 (0x2556)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91650A5, serialNumber=408C999C3C1EC01644945B3477A9F2234EB5791C
        Validity
            Not Before: Mar 26 15:45:51 2026 GMT
            Not After : Apr  2 15:45:51 2026 GMT
        Subject: CN=69c554b0-ec9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b2:8a:a2:d3:19:12:0b:c8:6b:c1:15:60:40:
                    de:46:8d:08:0f:22:59:8b:66:3e:4b:9a:ef:ba:bb:
                    e5:e2:6c:eb:a7:d9:12:70:00:57:69:a7:a9:32:35:
                    16:31:12:0f:22:fa:dd:51:94:90:c0:96:44:2d:7e:
                    7e:18:48:9d:73:78:b2:70:2b:f1:4b:7e:13:7e:ee:
                    4c:93:02:66:80:c7:20:20:20:d7:17:dd:92:c0:04:
                    78:e1:14:3a:eb:df:52:12:59:3c:b2:93:28:5e:85:
                    fb:a2:6c:19:fe:6f:11:94:95:e4:41:5d:de:6e:73:
                    49:53:ee:7c:a5:ee:d5:3e:e5:9b:f3:b1:c6:df:47:
                    c2:f0:6a:f5:a5:17:1b:c6:d1:b4:4a:cd:e4:9f:42:
                    81:6c:0c:f2:fc:90:ba:97:dd:42:b4:8d:85:3b:fc:
                    d7:89:ea:c1:87:0b:6d:9d:21:60:07:8f:4d:67:8b:
                    e6:42:9f:4c:71:36:1b:dc:3e:e0:21:27:ad:ee:28:
                    c8:3a:f6:59:04:65:3d:5a:c4:3a:11:1d:b7:fb:48:
                    1b:74:fb:6f:c6:97:d8:87:7b:f0:63:29:51:fe:dd:
                    a3:4e:0c:4c:a8:1f:1f:ad:5d:06:37:64:1d:4c:ce:
                    cf:63:9e:86:73:56:c0:06:1d:3a:8b:14:60:52:e2:
                    85:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:2D:A7:19:BD:6F:EF:94:32:A3:3B:B2:C1:E6:E5:03:26:01:FD:F9
            X509v3 Authority Key Identifier:
                keyid:40:8C:99:9C:3C:1E:C0:16:44:94:5B:34:77:A9:F2:23:4E:B5:79:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91650A5/17DFB35A46E611E5B08DA17BC4F9AE02/QIyZnDwewBZElFs0d6nyI061eRw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIyZnDwewBZElFs0d6nyI061eRw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91650A5/17DFB35A46E611E5B08DA17BC4F9AE02/QIyZnDwewBZElFs0d6nyI061eRw.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:8b:b0:e6:dc:84:08:a5:aa:30:00:cf:4e:49:d3:48:02:ca:
         48:7a:b3:66:6e:09:02:93:9c:e0:7b:61:b8:69:13:6d:c7:22:
         13:97:c7:bb:33:cf:2d:aa:e7:dd:fc:12:95:0b:e2:bb:15:ec:
         06:60:38:c4:01:d2:09:59:4b:08:dc:0a:23:de:9d:9e:84:de:
         2b:38:3a:27:8b:14:ac:3a:19:79:ad:f7:29:c8:16:b1:e9:5e:
         89:a9:cb:cf:12:38:26:6d:66:d5:e0:d1:22:b1:fe:50:8d:e6:
         22:63:18:82:42:4c:86:3d:db:ec:fe:21:c1:ea:eb:32:01:c1:
         f0:4a:b8:1c:5d:15:76:b4:1d:2a:27:0e:f1:59:db:3b:a1:83:
         dc:d2:9f:6e:dc:9b:c3:5d:67:4b:f9:65:68:10:5b:50:7a:d9:
         de:3b:a0:a9:f9:5e:15:5f:fe:8d:69:52:07:a4:94:bb:cd:0c:
         a1:ef:ac:1a:d4:f4:57:36:ff:76:f9:b6:24:9b:a6:a1:c9:cb:
         b1:45:34:9a:8f:f5:d2:79:81:9d:14:8d:54:77:7b:0a:90:c3:
         3a:d2:5f:14:c4:76:64:5a:8b:3a:da:3f:cf:96:01:f3:99:c0:
         74:c3:09:13:ca:f4:25:82:a7:e7:3f:97:15:e7:b3:ce:82:50:
         fc:18:45:45
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICJVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjUwQTUxMTAvBgNVBAUTKDQwOEM5OTlDM0MxRUMwMTY0NDk0NUIzNDc3QTlGMjIz
NEVCNTc5MUMwHhcNMjYwMzI2MTU0NTUxWhcNMjYwNDAyMTU0NTUxWjAYMRYwFAYD
VQQDEw02OWM1NTRiMC1lYzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAurKKotMZEgvIa8EVYEDeRo0IDyJZi2Y+S5rvurvl4mzrp9kScABXaaepMjUW
MRIPIvrdUZSQwJZELX5+GEidc3iycCvxS34Tfu5MkwJmgMcgICDXF92SwAR44RQ6
699SElk8spMoXoX7omwZ/m8RlJXkQV3ebnNJU+58pe7VPuWb87HG30fC8Gr1pRcb
xtG0Ss3kn0KBbAzy/JC6l91CtI2FO/zXierBhwttnSFgB49NZ4vmQp9McTYb3D7g
ISet7ijIOvZZBGU9WsQ6ER23+0gbdPtvxpfYh3vwYylR/t2jTgxMqB8frV0GN2Qd
TM7PY56Gc1bABh06ixRgUuKFYwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFAItpxm9
b++UMqM7ssHm5QMmAf35MB8GA1UdIwQYMBaAFECMmZw8HsAWRJRbNHep8iNOtXkc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTBBNS8xN0RGQjM1QTQ2
RTYxMUU1QjA4REExN0JDNEY5QUUwMi9RSXlabkR3ZXdCWkVsRnMwZDZueUkwNjFl
UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FJeVpuRHdld0JaRWxGczBkNm55STA2MWVSdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NTBBNS8xN0RGQjM1QTQ2RTYxMUU1QjA4REExN0JDNEY5QUUwMi9RSXlabkR3ZXdC
WkVsRnMwZDZueUkwNjFlUncubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAvIuw5tyECKWqMADPTknTSALKSHqzZm4JApOc4HthuGkTbcciE5fHuzPPLarn
3fwSlQviuxXsBmA4xAHSCVlLCNwKI96dnoTeKzg6J4sUrDoZea33KcgWseleianL
zxI4Jm1m1eDRIrH+UI3mImMYgkJMhj3b7P4hwerrMgHB8Eq4HF0VdrQdKicO8Vnb
O6GD3NKfbtybw11nS/llaBBbUHrZ3jugqfleFV/+jWlSB6SUu80Moe+sGtT0Vzb/
dvm2JJumocnLsUU0mo/10nmBnRSNVHd7CpDDOtJfFMR2ZFqLOto/z5YB85nAdMMJ
E8r0JYKn5z+XFeezzoJQ/BhFRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:38:15 2026 by rpki-client