Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A15FB/BE88A70C2EC711EF82208273C4F9AE02/kuYzl488XC0IYKzbDh3VEhAOie8.mft
File:                     kuYzl488XC0IYKzbDh3VEhAOie8.mft (raw, json)
Hash identifier:          L23jxZCxYxTxs+Be2KKmtoAj3KCM5ooiEc8pZyCKJa8=
Subject key identifier:   CA:1E:15:43:4F:6F:DE:4D:BE:2C:32:E0:86:40:FF:17:23:02:B8:87
Authority key identifier: 92:E6:33:97:8F:3C:5C:2D:08:60:AC:DB:0E:1D:D5:12:10:0E:89:EF
Certificate issuer:       /CN=A91A15FB/serialNumber=92E633978F3C5C2D0860ACDB0E1DD512100E89EF
Certificate serial:       0147
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kuYzl488XC0IYKzbDh3VEhAOie8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A15FB/BE88A70C2EC711EF82208273C4F9AE02/kuYzl488XC0IYKzbDh3VEhAOie8.mft
Manifest number:          0141
Signing time:             Mon 02 Mar 2026 14:37:35 +0000
Manifest this update:     Mon 02 Mar 2026 14:37:35 +0000
Manifest next update:     Mon 09 Mar 2026 14:37:35 +0000
Files and hashes:         1: kuYzl488XC0IYKzbDh3VEhAOie8.crl (hash: Y6V2W4H7hpNQD9jDj3p4grlPKPTZxS+p5sscmgEhyEI=)
                          2: F67388B8C8EE11F0B296D571C4F9AE02.roa (hash: Ln4i6mHL5UZIq22mGQVLVNPqUJhOiI44Lt1j7dBvqNs=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A15FB/BE88A70C2EC711EF82208273C4F9AE02/kuYzl488XC0IYKzbDh3VEhAOie8.crl
                          rsync://rpki.apnic.net/member_repository/A91A15FB/BE88A70C2EC711EF82208273C4F9AE02/kuYzl488XC0IYKzbDh3VEhAOie8.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kuYzl488XC0IYKzbDh3VEhAOie8.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 09 Mar 2026 14:37:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 327 (0x147)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A15FB, serialNumber=92E633978F3C5C2D0860ACDB0E1DD512100E89EF
        Validity
            Not Before: Mar  2 14:37:35 2026 GMT
            Not After : Mar  9 14:37:35 2026 GMT
        Subject: CN=69a5a0af-9813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:81:96:1e:16:ed:0f:52:12:ab:87:d4:4a:5a:
                    58:03:36:be:46:1f:9f:67:52:02:c3:b1:3e:92:47:
                    74:0a:b9:7b:e9:7b:32:9b:f6:2a:5f:a7:c3:75:30:
                    72:24:da:52:09:8a:8d:dc:16:f1:f8:f8:58:af:33:
                    b5:52:d1:e2:9e:0d:fa:8a:b5:99:3f:09:bd:83:02:
                    b6:9d:86:4f:28:c2:77:f9:04:15:27:9a:e0:61:b1:
                    b5:ae:62:6b:05:45:45:e7:e7:e9:67:3e:d3:82:42:
                    bb:59:79:9a:05:a4:96:cf:e7:1d:39:dd:74:ae:42:
                    88:17:93:5d:7a:4e:06:22:2f:d0:f4:70:29:42:bc:
                    7c:f0:e0:15:b7:d8:20:da:01:2a:04:c5:c2:77:f5:
                    54:b7:a4:c2:96:51:d0:04:8b:11:25:13:a9:12:e3:
                    05:f5:99:ab:2b:5d:05:80:fe:7a:8d:45:f5:8f:8a:
                    b3:5f:85:c5:7b:62:e6:cd:c7:04:64:6c:26:76:ff:
                    0a:bb:92:85:09:68:86:91:43:d7:83:28:06:1a:d5:
                    dd:bf:ee:e3:06:f0:b0:e9:8d:8a:b0:94:0f:3b:f6:
                    df:46:0e:77:6a:aa:12:68:a3:c4:fc:cf:de:86:a9:
                    c4:44:10:eb:7a:0c:d5:40:48:ce:11:07:10:ca:1c:
                    44:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:1E:15:43:4F:6F:DE:4D:BE:2C:32:E0:86:40:FF:17:23:02:B8:87
            X509v3 Authority Key Identifier:
                keyid:92:E6:33:97:8F:3C:5C:2D:08:60:AC:DB:0E:1D:D5:12:10:0E:89:EF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A15FB/BE88A70C2EC711EF82208273C4F9AE02/kuYzl488XC0IYKzbDh3VEhAOie8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kuYzl488XC0IYKzbDh3VEhAOie8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A15FB/BE88A70C2EC711EF82208273C4F9AE02/kuYzl488XC0IYKzbDh3VEhAOie8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:33:c3:fe:90:fc:1f:37:ae:ac:d3:40:93:d5:71:7d:db:d2:
         bd:5f:3b:aa:5e:3b:0a:13:0d:14:43:e6:68:64:f8:67:78:32:
         1c:35:db:99:0c:1a:91:70:14:c0:92:99:bc:4f:40:b2:7f:a6:
         bd:c5:86:08:7c:4c:32:c6:20:3c:ef:7f:9f:a7:b2:6d:4c:64:
         85:e1:55:1a:6d:06:6c:10:55:0e:92:6b:c3:85:85:6c:f6:ac:
         fb:20:c2:97:16:7c:a1:0d:b2:04:54:65:d4:df:b2:ba:85:70:
         b2:09:13:1b:5b:97:1a:3c:a6:f1:6d:93:ba:10:00:e9:17:1e:
         c5:50:53:da:7f:c6:9d:a3:49:24:e4:ef:e7:77:3f:70:85:57:
         61:1e:a3:78:5f:92:3b:55:5a:11:f2:ea:cd:d2:2f:9b:7f:8e:
         f3:64:51:59:56:4f:57:7c:97:b2:2a:33:30:2d:93:21:5d:af:
         38:d2:bd:88:e4:56:7a:73:f1:0c:48:a3:12:97:b0:aa:79:db:
         cf:67:7b:87:8f:fa:50:95:e4:e9:e2:63:87:c1:9c:5b:52:ac:
         69:97:22:9a:cc:66:7d:ca:10:41:b9:56:8e:ff:66:92:33:4f:
         e4:c7:00:38:fe:bc:7b:b4:8d:26:9c:09:02:20:95:97:41:29:
         37:77:9b:06
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTE1RkIxMTAvBgNVBAUTKDkyRTYzMzk3OEYzQzVDMkQwODYwQUNEQjBFMURENTEy
MTAwRTg5RUYwHhcNMjYwMzAyMTQzNzM1WhcNMjYwMzA5MTQzNzM1WjAYMRYwFAYD
VQQDEw02OWE1YTBhZi05ODEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA64GWHhbtD1ISq4fUSlpYAza+Rh+fZ1ICw7E+kkd0Crl76Xsym/YqX6fDdTBy
JNpSCYqN3Bbx+PhYrzO1UtHing36irWZPwm9gwK2nYZPKMJ3+QQVJ5rgYbG1rmJr
BUVF5+fpZz7TgkK7WXmaBaSWz+cdOd10rkKIF5Ndek4GIi/Q9HApQrx88OAVt9gg
2gEqBMXCd/VUt6TCllHQBIsRJROpEuMF9ZmrK10FgP56jUX1j4qzX4XFe2LmzccE
ZGwmdv8Ku5KFCWiGkUPXgygGGtXdv+7jBvCw6Y2KsJQPO/bfRg53aqoSaKPE/M/e
hqnERBDregzVQEjOEQcQyhxESQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFMoeFUNP
b95Nviwy4IZA/xcjAriHMB8GA1UdIwQYMBaAFJLmM5ePPFwtCGCs2w4d1RIQDonv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTVGQi9CRTg4QTcwQzJF
QzcxMUVGODIyMDgyNzNDNEY5QUUwMi9rdVl6bDQ4OFhDMElZS3piRGgzVkVoQU9p
ZTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2t1WXpsNDg4WEMwSVlLemJEaDNWRWhBT2llOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MTVGQi9CRTg4QTcwQzJFQzcxMUVGODIyMDgyNzNDNEY5QUUwMi9rdVl6bDQ4OFhD
MElZS3piRGgzVkVoQU9pZTgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAeDPD/pD8HzeurNNAk9VxfdvSvV87ql47ChMNFEPmaGT4Z3gyHDXbmQwakXAU
wJKZvE9Asn+mvcWGCHxMMsYgPO9/n6eybUxkheFVGm0GbBBVDpJrw4WFbPas+yDC
lxZ8oQ2yBFRl1N+yuoVwsgkTG1uXGjym8W2TuhAA6RcexVBT2n/GnaNJJOTv53c/
cIVXYR6jeF+SO1VaEfLqzdIvm3+O82RRWVZPV3yXsiozMC2TIV2vONK9iORWenPx
DEijEpewqnnbz2d7h4/6UJXk6eJjh8GcW1KsaZcimsxmfcoQQblWjv9mkjNP5McA
OP68e7SNJpwJAiCVl0EpN3ebBg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:27:15 2026 by rpki-client