Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          uuL3C8bYLM2ZLBHj+shTTgYVJ50L0ZbNuzS1C2eSpWg=
Subject key identifier:   17:41:DC:7C:DA:A2:E4:01:33:EA:C0:14:F4:AE:CE:A2:A6:5A:7F:13
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       03B5
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          01D5
Signing time:             Wed 20 Aug 2025 23:26:18 +0000
Manifest this update:     Wed 20 Aug 2025 23:26:18 +0000
Manifest next update:     Sat 27 Sep 2025 23:26:18 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: pllOsIIg7iRFrce+mhLREUyd7rBfJoS0Yd4jbqH7QZU=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: F5ea2PHEdnp8OkhTCvVxp73LXDgcVsjPpcfj7fYDYic=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: DLn0ekEKu4AAZ/H6QT8/63ajihmyTwj6iRLFZfoowJ4=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: x4mFJOMmynkwTyJAqeOPLl/8JsviT9ztJe/+Vjo6VFw=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: bYzdOUS201K8gqiq8ncffU6nm6tl5f6sVNHjv8idJNk=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: xNGFTC4dfqtMbccyv7r/06PxIMW5lHsysOQ7ZVWen1U=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 18 Sep 2025 22:49:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949 (0x3b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate, serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Aug 20 23:26:18 2025 GMT
            Not After : Sep 27 23:26:18 2025 GMT
        Subject: CN=68a6599a-6bfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ef:1e:c5:3b:1b:3e:3d:f0:86:5d:ed:ef:ba:
                    93:96:f0:e4:5b:af:91:fa:72:31:04:1f:a9:5e:36:
                    92:53:d2:f5:c4:08:95:f8:fd:d8:7a:63:d8:09:9f:
                    64:74:b6:9a:83:2d:0e:82:13:cd:8d:79:da:64:7b:
                    96:3a:35:c7:89:28:75:be:62:81:47:7c:25:4e:5e:
                    08:96:5b:4a:ad:0a:e2:9c:6f:95:cc:82:e4:10:4f:
                    41:7b:c2:6e:8f:9a:92:f9:54:58:90:73:7d:ec:b2:
                    64:d2:54:00:a2:54:1d:ab:66:1d:6b:9f:b6:94:ef:
                    77:72:1a:5a:35:d7:99:19:1d:43:63:69:ee:56:87:
                    a1:4b:fa:50:b8:75:cc:89:1c:b8:c0:54:d8:73:b0:
                    9b:40:d1:d5:c0:fc:35:b7:eb:89:99:51:7d:da:a0:
                    7f:88:e2:81:20:31:9f:bb:7f:79:f1:97:f1:8d:84:
                    ae:ed:44:a9:37:19:ca:a6:a1:11:fc:d9:88:07:98:
                    c6:c4:57:7e:0c:5a:0f:d2:62:60:fd:3f:e9:a5:8c:
                    f5:5f:58:7c:fe:6a:b4:97:80:81:ea:3f:93:2c:e8:
                    41:fb:1d:c7:82:92:af:4f:b8:ee:46:0f:39:ff:22:
                    1a:e1:ad:0b:81:65:83:e2:a1:fd:cf:22:c2:f8:77:
                    06:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:41:DC:7C:DA:A2:E4:01:33:EA:C0:14:F4:AE:CE:A2:A6:5A:7F:13
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:59:46:8c:f0:9b:51:38:2b:cc:f2:0e:7e:4b:75:51:7f:42:
         ca:9c:03:18:c1:03:a4:2b:89:97:fb:88:da:28:44:15:4f:f7:
         56:89:5b:e4:a4:de:4a:58:87:81:1d:3e:b0:2b:ee:62:48:7e:
         f3:c5:9a:3f:45:02:93:10:c4:e7:2a:b0:79:f8:89:79:2b:d8:
         9c:84:11:46:22:11:8a:99:4e:b5:32:f1:b6:a7:f6:9b:8a:24:
         7a:ba:8c:a5:ce:b6:97:7c:9e:c6:c2:e8:0b:3e:0a:04:60:38:
         33:24:86:b2:da:9a:3e:53:99:ae:30:a5:ba:c2:7a:ee:84:f0:
         f9:5a:ad:6f:24:c4:f8:99:da:eb:3c:ea:ba:8a:d1:07:3a:78:
         4f:dc:98:5f:c7:b1:a2:69:49:a2:29:39:48:c9:bc:32:0d:12:
         52:32:a4:ca:7d:34:fa:3b:21:d2:65:e1:d2:74:40:bf:08:40:
         50:8a:d8:ff:c9:70:05:02:7f:60:72:9b:19:e0:75:93:b6:2d:
         96:e5:0b:c6:da:92:18:c9:e1:79:1b:af:5b:2f:79:b2:74:2a:
         81:15:46:95:ed:93:0d:12:00:ba:d4:5e:e8:d8:23:0c:c8:2d:
         91:ba:84:3c:ff:b5:f2:9d:66:ba:8b:bb:9d:b2:cd:b7:86:cb:
         07:68:b4:67
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA7UwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNTA4MjAyMzI2MThaFw0y
NTA5MjcyMzI2MThaMBgxFjAUBgNVBAMTDTY4YTY1OTlhLTZiZmMwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC87x7FOxs+PfCGXe3vupOW8ORbr5H6cjEE
H6leNpJT0vXECJX4/dh6Y9gJn2R0tpqDLQ6CE82Nedpke5Y6NceJKHW+YoFHfCVO
XgiWW0qtCuKcb5XMguQQT0F7wm6PmpL5VFiQc33ssmTSVACiVB2rZh1rn7aU73dy
Glo115kZHUNjae5Wh6FL+lC4dcyJHLjAVNhzsJtA0dXA/DW364mZUX3aoH+I4oEg
MZ+7f3nxl/GNhK7tRKk3GcqmoRH82YgHmMbEV34MWg/SYmD9P+mljPVfWHz+arSX
gIHqP5Ms6EH7HceCkq9PuO5GDzn/IhrhrQuBZYPiof3PIsL4dwbDAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUF0HcfNqi5AEz6sAU9K7OoqZafxMwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBgWUaM8JtROCvM8g5+
S3VRf0LKnAMYwQOkK4mX+4jaKEQVT/dWiVvkpN5KWIeBHT6wK+5iSH7zxZo/RQKT
EMTnKrB5+Il5K9ichBFGIhGKmU61MvG2p/abiiR6uoylzraXfJ7GwugLPgoEYDgz
JIay2po+U5muMKW6wnruhPD5Wq1vJMT4mdrrPOq6itEHOnhP3Jhfx7GiaUmiKTlI
ybwyDRJSMqTKfTT6OyHSZeHSdEC/CEBQitj/yXAFAn9gcpsZ4HWTti2W5QvG2pIY
yeF5G69bL3mydCqBFUaV7ZMNEgC61F7o2CMMyC2RuoQ8/7XynWa6i7udss23hssH
aLRn
-----END CERTIFICATE-----
Generated at Sat Aug 23 04:26:00 2025 by rpki-client