Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91856C4/A3BAD8E204FF11EA93EE9A23C4F9AE02/mpwxvYeWc4abPI8FWW6IFVgvEdA.mft
File:                     mpwxvYeWc4abPI8FWW6IFVgvEdA.mft (raw, json)
Hash identifier:          vwj9K8YCpZa/w1bN48/o/aSPN7/2tTR0eRqkUHm1Z/Q=
Subject key identifier:   8C:1F:53:B2:11:80:A4:2A:0B:E6:EC:8E:D9:4C:3D:11:E2:D9:07:D4
Authority key identifier: 9A:9C:31:BD:87:96:73:86:9B:3C:8F:05:59:6E:88:15:58:2F:11:D0
Certificate issuer:       /CN=A91856C4/serialNumber=9A9C31BD879673869B3C8F05596E8815582F11D0
Certificate serial:       0CE5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mpwxvYeWc4abPI8FWW6IFVgvEdA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91856C4/A3BAD8E204FF11EA93EE9A23C4F9AE02/mpwxvYeWc4abPI8FWW6IFVgvEdA.mft
Manifest number:          0CD3
Signing time:             Mon 02 Mar 2026 00:45:25 +0000
Manifest this update:     Mon 02 Mar 2026 00:45:25 +0000
Manifest next update:     Mon 09 Mar 2026 00:45:25 +0000
Files and hashes:         1: mpwxvYeWc4abPI8FWW6IFVgvEdA.crl (hash: pLNlgWYAjqCBS98EEkLzjvugBs9JBmGtP7UwJjrPlTQ=)
                          2: 58AEC9929C0F11EA9CC4217CC4F9AE02.roa (hash: 1lJZiaXN2+jlJbSyyyT2ZVc0TvKSt6+Hz3K+SpWk1T8=)
                          3: 98DC875C050111EA9BDD372BC4F9AE02.roa (hash: YHhtbTx3DFi9+kl85V+ijdhzu/uN/CR3C5x9c+CBrX0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91856C4/A3BAD8E204FF11EA93EE9A23C4F9AE02/mpwxvYeWc4abPI8FWW6IFVgvEdA.crl
                          rsync://rpki.apnic.net/member_repository/A91856C4/A3BAD8E204FF11EA93EE9A23C4F9AE02/mpwxvYeWc4abPI8FWW6IFVgvEdA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mpwxvYeWc4abPI8FWW6IFVgvEdA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 09 Mar 2026 00:45:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3301 (0xce5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91856C4, serialNumber=9A9C31BD879673869B3C8F05596E8815582F11D0
        Validity
            Not Before: Mar  2 00:45:25 2026 GMT
            Not After : Mar  9 00:45:25 2026 GMT
        Subject: CN=69a4dda5-51ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e6:c9:08:44:f4:20:b9:16:2a:65:d0:11:fa:
                    3f:77:f0:d6:ec:0c:7a:a8:8b:10:e7:c0:f9:d7:2c:
                    60:de:f7:2a:b3:32:ff:bf:4e:95:5d:1e:c4:0f:da:
                    a0:4c:93:2f:4f:94:7b:3d:3e:9c:78:66:a1:70:70:
                    6c:83:d5:5f:3f:cf:2d:94:e9:14:da:9a:6d:ef:d2:
                    90:e2:eb:b7:e5:28:8c:68:18:21:6e:fc:ab:11:ae:
                    b9:87:f0:a8:ce:c4:cb:39:30:a3:f8:e0:45:1f:df:
                    f5:31:d9:79:cd:ea:d1:66:ff:8b:b3:4e:ed:47:29:
                    1f:9e:8a:ba:2c:ec:80:8c:b2:e9:03:71:46:d7:fc:
                    d1:89:91:a4:c6:02:89:e0:63:62:29:a2:e9:43:ec:
                    e6:94:bc:0b:71:39:71:46:3b:8a:3e:3e:e3:4c:35:
                    ff:5e:77:71:81:7a:ec:8c:08:3f:b6:12:a9:7b:a2:
                    1b:ab:fd:c9:60:bf:29:09:f9:ca:92:e1:b3:70:b1:
                    78:cd:62:bc:95:2a:dc:80:dd:78:d4:2e:61:51:b6:
                    a7:16:8b:22:e8:9e:1c:4e:ad:ee:6f:4c:2f:9b:e4:
                    62:e5:79:01:c2:6a:b8:84:44:6e:8d:fe:94:7a:c1:
                    60:f0:b5:98:88:9f:3a:7d:e2:03:90:81:7e:34:b7:
                    bb:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:1F:53:B2:11:80:A4:2A:0B:E6:EC:8E:D9:4C:3D:11:E2:D9:07:D4
            X509v3 Authority Key Identifier:
                keyid:9A:9C:31:BD:87:96:73:86:9B:3C:8F:05:59:6E:88:15:58:2F:11:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91856C4/A3BAD8E204FF11EA93EE9A23C4F9AE02/mpwxvYeWc4abPI8FWW6IFVgvEdA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mpwxvYeWc4abPI8FWW6IFVgvEdA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91856C4/A3BAD8E204FF11EA93EE9A23C4F9AE02/mpwxvYeWc4abPI8FWW6IFVgvEdA.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:4c:7d:64:ac:f6:e9:f1:d1:ef:9b:02:db:04:be:13:88:38:
         52:00:8a:7d:81:e0:31:98:a9:4a:a4:7c:b7:8c:ca:1d:3c:a1:
         19:1e:a1:69:8c:48:ff:ba:4c:e6:fe:14:b1:2f:f7:9e:94:9d:
         d1:a7:9a:c1:d7:d3:ff:38:58:d2:6d:59:ab:44:f1:99:90:6f:
         41:b2:58:4b:31:c0:fb:82:77:01:51:8c:e2:ba:19:22:56:0a:
         9a:ec:14:3b:15:c3:25:0b:b2:bd:35:8c:aa:dc:32:bb:d9:52:
         5b:dc:bb:60:43:04:4c:d6:06:4d:37:3b:06:14:7e:0f:e9:9f:
         0d:23:68:c7:28:f4:e0:b9:a7:46:00:d8:36:9b:6f:06:e8:54:
         6a:2c:15:21:94:ee:0c:b6:37:e4:26:4b:79:94:f4:bc:04:77:
         ca:35:c6:87:db:6f:f4:aa:91:5e:c0:f9:a7:69:3c:da:06:3d:
         9e:3a:ef:11:2e:d8:15:46:d7:23:00:60:7b:c7:1b:07:d1:1f:
         82:da:26:50:54:7e:12:a8:cb:fc:d4:ab:88:48:c6:83:b5:a3:
         5c:d4:78:3e:ce:2b:f7:c8:18:d7:4a:e3:06:df:02:7d:85:ae:
         25:70:73:fa:ae:8b:6f:36:4d:a9:fb:2b:d5:78:9b:29:0c:f6:
         b1:ed:30:1f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICDOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODU2QzQxMTAvBgNVBAUTKDlBOUMzMUJEODc5NjczODY5QjNDOEYwNTU5NkU4ODE1
NTgyRjExRDAwHhcNMjYwMzAyMDA0NTI1WhcNMjYwMzA5MDA0NTI1WjAYMRYwFAYD
VQQDEw02OWE0ZGRhNS01MWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnebJCET0ILkWKmXQEfo/d/DW7Ax6qIsQ58D51yxg3vcqszL/v06VXR7ED9qg
TJMvT5R7PT6ceGahcHBsg9VfP88tlOkU2ppt79KQ4uu35SiMaBghbvyrEa65h/Co
zsTLOTCj+OBFH9/1Mdl5zerRZv+Ls07tRykfnoq6LOyAjLLpA3FG1/zRiZGkxgKJ
4GNiKaLpQ+zmlLwLcTlxRjuKPj7jTDX/XndxgXrsjAg/thKpe6Ibq/3JYL8pCfnK
kuGzcLF4zWK8lSrcgN141C5hUbanFosi6J4cTq3ub0wvm+Ri5XkBwmq4hERujf6U
esFg8LWYiJ86feIDkIF+NLe7rwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFIwfU7IR
gKQqC+bsjtlMPRHi2QfUMB8GA1UdIwQYMBaAFJqcMb2HlnOGmzyPBVluiBVYLxHQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTZDNC9BM0JBRDhFMjA0
RkYxMUVBOTNFRTlBMjNDNEY5QUUwMi9tcHd4dlllV2M0YWJQSThGV1c2SUZWZ3ZF
ZEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21wd3h2WWVXYzRhYlBJOEZXVzZJRlZndkVkQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NTZDNC9BM0JBRDhFMjA0RkYxMUVBOTNFRTlBMjNDNEY5QUUwMi9tcHd4dlllV2M0
YWJQSThGV1c2SUZWZ3ZFZEEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAIUx9ZKz26fHR75sC2wS+E4g4UgCKfYHgMZipSqR8t4zKHTyhGR6haYxI/7pM
5v4UsS/3npSd0aeawdfT/zhY0m1Zq0TxmZBvQbJYSzHA+4J3AVGM4roZIlYKmuwU
OxXDJQuyvTWMqtwyu9lSW9y7YEMETNYGTTc7BhR+D+mfDSNoxyj04LmnRgDYNptv
BuhUaiwVIZTuDLY35CZLeZT0vAR3yjXGh9tv9KqRXsD5p2k82gY9njrvES7YFUbX
IwBge8cbB9EfgtomUFR+EqjL/NSriEjGg7WjXNR4Ps4r98gY10rjBt8CfYWuJXBz
+q6LbzZNqfsr1XibKQz2se0wHw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:36:51 2026 by rpki-client