Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
File:                     3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft (raw, json)
Hash identifier:          EuND4OWy7eqAvf4ZYb+EZglVzZDs2At6iC0QMPDF7ms=
Subject key identifier:   37:82:24:14:D2:A9:B5:AF:01:D1:07:8A:E5:56:B3:35:E9:94:3E:D4
Authority key identifier: DC:62:20:08:A8:A1:AD:42:BE:2A:25:49:43:49:1A:FA:A8:45:49:A5
Certificate issuer:       /CN=A911035A/serialNumber=DC622008A8A1AD42BE2A254943491AFAA84549A5
Certificate serial:       0A8B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
Manifest number:          0A79
Signing time:             Mon 02 Mar 2026 00:58:13 +0000
Manifest this update:     Mon 02 Mar 2026 00:58:13 +0000
Manifest next update:     Mon 09 Mar 2026 00:58:13 +0000
Files and hashes:         1: 3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl (hash: ddtxQIMIlHG28Ux9rqh+Hkp7yb9uhRtOyOc0/tomJfc=)
                          2: C1B3DE082BBE11EF809E1831C4F9AE02.roa (hash: pjTWlhBU9uLdZ8Pokz/j8Myvf4pRfYFG3vHjcrWT10w=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl
                          rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 09 Mar 2026 00:58:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2699 (0xa8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911035A, serialNumber=DC622008A8A1AD42BE2A254943491AFAA84549A5
        Validity
            Not Before: Mar  2 00:58:13 2026 GMT
            Not After : Mar  9 00:58:13 2026 GMT
        Subject: CN=69a4e0a5-f883
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ef:16:85:80:37:5f:ef:b5:62:b9:5f:a7:c7:
                    a9:5e:ae:97:d4:53:37:af:cb:ef:bd:1f:31:a6:0e:
                    cc:09:a0:b7:0e:61:07:ac:2b:91:4f:d8:fa:43:3d:
                    ba:ec:57:16:27:66:ef:73:67:de:d6:db:21:8e:ef:
                    cd:59:97:fd:64:e9:a3:fa:15:0f:44:62:44:3f:cf:
                    56:78:93:67:44:32:06:8e:39:9e:7c:6d:ae:e1:5c:
                    7b:6d:65:25:04:6c:56:87:d1:36:1f:e1:2c:e8:6e:
                    54:de:ad:18:58:ef:94:43:b1:b2:50:7b:fc:89:32:
                    4a:39:c2:c2:88:d6:79:4d:0a:c5:1f:c2:1f:5a:6e:
                    d8:2e:23:38:27:ee:99:76:3c:27:dc:1b:c6:3f:19:
                    40:d2:c5:66:c1:05:29:58:9f:a6:11:a6:06:57:fb:
                    64:11:7c:22:c9:f8:ea:f7:94:2b:c9:82:a0:11:05:
                    5b:c2:02:07:75:6b:48:22:20:68:64:3c:2d:2c:e9:
                    07:1e:b2:cd:eb:fc:97:fb:14:0b:67:1b:3a:6f:7d:
                    b8:7d:b8:43:3d:c0:e3:cc:04:a9:1e:1b:cc:c9:2d:
                    db:3c:3e:a8:ac:49:97:fa:78:ca:42:d6:8b:74:2e:
                    52:ba:cd:fb:50:d3:55:dd:da:9a:90:85:cf:ad:1b:
                    bc:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:82:24:14:D2:A9:B5:AF:01:D1:07:8A:E5:56:B3:35:E9:94:3E:D4
            X509v3 Authority Key Identifier:
                keyid:DC:62:20:08:A8:A1:AD:42:BE:2A:25:49:43:49:1A:FA:A8:45:49:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:59:ec:70:0e:65:c5:4a:e9:34:b6:82:44:37:9b:69:66:07:
         80:dd:e7:1e:df:88:b5:ac:19:9c:74:12:a0:0a:aa:5e:7b:e1:
         44:63:e5:c9:cd:24:1e:07:70:f7:a2:3a:8e:68:6d:66:5f:f9:
         07:a7:f7:2b:e5:53:9b:dd:6a:91:66:52:03:97:7b:98:0d:ee:
         ed:64:2f:48:55:e4:6e:a9:d7:e5:23:58:10:e8:45:ad:e1:9a:
         26:28:14:79:d6:79:68:83:09:82:c6:e6:cc:83:19:9e:f6:7f:
         ca:37:ee:cb:68:9f:fa:6f:df:ea:f5:12:98:e2:bf:1e:db:47:
         b5:f5:9b:49:ce:3d:91:73:a8:1a:8e:28:b8:dc:66:14:57:23:
         35:45:32:f7:15:02:13:46:b9:b7:5d:a4:34:47:62:fe:03:17:
         b1:87:1a:61:10:b9:b0:8c:5a:7d:5d:73:79:7c:4a:95:48:c7:
         12:6b:d0:58:29:fe:85:16:49:fe:9e:e7:df:95:c1:93:90:2a:
         e3:bb:e6:01:c1:47:00:7c:0e:d6:c2:ba:e5:c8:33:7e:e7:6a:
         ad:3c:e8:49:cd:08:97:17:d1:e8:e0:c2:8e:55:f7:79:bb:78:
         64:8d:d2:e4:ca:9c:1a:98:5f:fc:f5:99:b1:65:29:db:d9:34:
         ec:35:ea:49
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICCoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTAzNUExMTAvBgNVBAUTKERDNjIyMDA4QThBMUFENDJCRTJBMjU0OTQzNDkxQUZB
QTg0NTQ5QTUwHhcNMjYwMzAyMDA1ODEzWhcNMjYwMzA5MDA1ODEzWjAYMRYwFAYD
VQQDEw02OWE0ZTBhNS1mODgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzO8WhYA3X++1Yrlfp8epXq6X1FM3r8vvvR8xpg7MCaC3DmEHrCuRT9j6Qz26
7FcWJ2bvc2fe1tshju/NWZf9ZOmj+hUPRGJEP89WeJNnRDIGjjmefG2u4Vx7bWUl
BGxWh9E2H+Es6G5U3q0YWO+UQ7GyUHv8iTJKOcLCiNZ5TQrFH8IfWm7YLiM4J+6Z
djwn3BvGPxlA0sVmwQUpWJ+mEaYGV/tkEXwiyfjq95QryYKgEQVbwgIHdWtIIiBo
ZDwtLOkHHrLN6/yX+xQLZxs6b324fbhDPcDjzASpHhvMyS3bPD6orEmX+njKQtaL
dC5Sus37UNNV3dqakIXPrRu8jQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDeCJBTS
qbWvAdEHiuVWszXplD7UMB8GA1UdIwQYMBaAFNxiIAiooa1CviolSUNJGvqoRUml
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMDM1QS8zQzYwOUI0NDdD
NjYxMUVBODA4OUYzNTFDNEY5QUUwMi8zR0lnQ0tpaHJVSy1LaVZKUTBrYS1xaEZT
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNHSWdDS2loclVLLUtpVkpRMGthLXFoRlNhVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MDM1QS8zQzYwOUI0NDdDNjYxMUVBODA4OUYzNTFDNEY5QUUwMi8zR0lnQ0tpaHJV
Sy1LaVZKUTBrYS1xaEZTYVUubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAEFnscA5lxUrpNLaCRDebaWYHgN3nHt+ItawZnHQSoAqqXnvhRGPlyc0kHgdw
96I6jmhtZl/5B6f3K+VTm91qkWZSA5d7mA3u7WQvSFXkbqnX5SNYEOhFreGaJigU
edZ5aIMJgsbmzIMZnvZ/yjfuy2if+m/f6vUSmOK/HttHtfWbSc49kXOoGo4ouNxm
FFcjNUUy9xUCE0a5t12kNEdi/gMXsYcaYRC5sIxafV1zeXxKlUjHEmvQWCn+hRZJ
/p7n35XBk5Aq47vmAcFHAHwO1sK65cgzfudqrTzoSc0IlxfR6ODCjlX3ebt4ZI3S
5MqcGphf/PWZsWUp29k07DXqSQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:18:28 2026 by rpki-client