Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.mft
File:                     c35h2qB72DNCtgxeutSxuxm-QAM.mft (raw, json)
Hash identifier:          WU4+ZXrn6kCi8WLD8/8HbkWsDBSaZm8lM4mYm+e8kvI=
Subject key identifier:   3F:8B:FA:42:9F:A1:4F:70:C7:06:C3:44:F9:9C:EC:04:61:9C:7F:87
Authority key identifier: 73:7E:61:DA:A0:7B:D8:33:42:B6:0C:5E:BA:D4:B1:BB:19:BE:40:03
Certificate issuer:       /CN=A911647C/serialNumber=737E61DAA07BD83342B60C5EBAD4B1BB19BE4003
Certificate serial:       0A34
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/c35h2qB72DNCtgxeutSxuxm-QAM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.mft
Manifest number:          0A0F
Signing time:             Mon 20 Oct 2025 20:41:01 +0000
Manifest this update:     Mon 20 Oct 2025 20:41:00 +0000
Manifest next update:     Mon 27 Oct 2025 20:41:00 +0000
Files and hashes:         1: c35h2qB72DNCtgxeutSxuxm-QAM.crl (hash: ZHK/TMNp/mwQUXcpryvUAJnwlSRrm/PnswUlgs9UWdo=)
                          2: 5258D3D4BCE011EFAB38225AC4F9AE02.roa (hash: 4oLW18xAlE3B8nPyqU3w32UG4L4+C+i7k1rNnlKSQ7s=)
                          3: 95B5855C18CE11EFBCD58454C4F9AE02.roa (hash: PcZXGp5zvO/A3lEsDn884MTZ2FtXJ7tXRCkkHLH+i5g=)
                          4: 981F188018CE11EFBCD58454C4F9AE02.roa (hash: 7NNAaJL+KytCopmMwh7xFBD72cI0M9FvnIHrWbUqbbw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.crl
                          rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/c35h2qB72DNCtgxeutSxuxm-QAM.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 19:55:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2612 (0xa34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911647C, serialNumber=737E61DAA07BD83342B60C5EBAD4B1BB19BE4003
        Validity
            Not Before: Oct 20 20:41:00 2025 GMT
            Not After : Oct 27 20:41:00 2025 GMT
        Subject: CN=68f69e5d-f6e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a9:fa:da:a8:f1:7b:22:24:54:a1:f7:e2:40:
                    cf:04:85:ca:1f:09:74:95:37:2c:df:4c:04:b6:ce:
                    65:e4:33:1b:b8:02:10:b1:5b:d6:86:9f:83:7a:31:
                    8b:2f:92:d2:64:da:13:dd:42:0c:a8:d6:b1:85:ef:
                    22:7b:86:8d:14:00:65:79:cd:c4:fa:85:b5:1d:ee:
                    87:0e:9f:69:62:93:60:75:3c:88:f3:be:23:d4:f1:
                    63:14:08:d9:3b:d0:3d:c9:77:f3:aa:8a:27:e7:79:
                    80:c4:1a:84:ff:7f:c1:61:bf:5a:34:bd:a4:38:d0:
                    81:0d:1e:be:23:17:3d:72:47:95:43:77:c3:11:c0:
                    27:f2:d5:00:b0:88:45:bd:ec:4a:d0:ee:9f:cc:a4:
                    33:a6:d4:4a:22:43:7f:a5:9a:83:0a:63:50:01:b0:
                    94:8f:10:89:20:11:a1:84:a4:57:53:bc:fb:6d:36:
                    ee:57:de:4e:30:36:92:f7:0b:9b:3d:92:86:68:3c:
                    46:a7:91:aa:9d:5f:68:b6:02:f2:ea:41:36:60:42:
                    b0:87:95:ed:ae:1f:b3:c1:c1:f7:30:f5:34:5f:8c:
                    b0:7f:e1:05:f4:61:14:cc:1f:6f:68:10:49:df:cb:
                    ae:6b:c9:88:88:25:ed:56:66:50:a0:2d:8e:18:49:
                    4e:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:8B:FA:42:9F:A1:4F:70:C7:06:C3:44:F9:9C:EC:04:61:9C:7F:87
            X509v3 Authority Key Identifier:
                keyid:73:7E:61:DA:A0:7B:D8:33:42:B6:0C:5E:BA:D4:B1:BB:19:BE:40:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/c35h2qB72DNCtgxeutSxuxm-QAM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:c6:69:4d:be:a5:62:a7:ef:91:0d:28:c4:3a:f5:a4:2a:70:
         cf:52:63:e6:09:6c:26:3c:c8:af:98:f8:2e:dd:80:a7:c0:79:
         90:b0:59:76:0f:eb:2e:21:d1:b4:ae:6b:b1:b3:03:03:64:9e:
         63:a0:a3:0e:78:37:5e:86:75:a4:03:10:75:a3:78:1f:05:2b:
         6e:7c:9b:e1:63:95:5d:b3:f6:55:b3:9c:8a:57:db:e8:b9:87:
         d1:95:bf:df:6f:4f:ce:eb:6b:29:c8:74:90:c3:b1:aa:ac:5c:
         70:89:28:10:ec:fd:f1:1c:a8:07:e0:16:29:8c:44:cf:d9:21:
         86:37:4d:6c:63:15:f6:75:61:6a:63:18:95:af:c4:95:0a:79:
         1d:00:0b:3f:8c:f4:b2:33:97:75:4e:15:86:d9:80:97:7c:82:
         4c:bd:e0:74:98:e2:11:93:21:fd:5f:03:84:4e:a3:7e:7e:2b:
         bf:eb:18:57:c9:0b:9a:09:aa:59:c1:fc:b6:04:00:dc:b2:19:
         8a:b4:bf:39:f7:82:cf:10:ef:17:7f:79:5c:0d:2a:59:99:f2:
         b2:03:35:53:74:90:dc:25:80:51:89:58:c7:91:a0:b7:8a:25:
         6d:55:61:f5:13:0e:4e:db:16:23:ee:60:b6:d2:7c:39:4e:72:
         f6:23:44:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDczN0U2MURBQTA3QkQ4MzM0MkI2MEM1RUJBRDRCMUJC
MTlCRTQwMDMwHhcNMjUxMDIwMjA0MTAwWhcNMjUxMDI3MjA0MTAwWjAYMRYwFAYD
VQQDEw02OGY2OWU1ZC1mNmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlan62qjxeyIkVKH34kDPBIXKHwl0lTcs30wEts5l5DMbuAIQsVvWhp+DejGL
L5LSZNoT3UIMqNaxhe8ie4aNFABlec3E+oW1He6HDp9pYpNgdTyI874j1PFjFAjZ
O9A9yXfzqoon53mAxBqE/3/BYb9aNL2kONCBDR6+Ixc9ckeVQ3fDEcAn8tUAsIhF
vexK0O6fzKQzptRKIkN/pZqDCmNQAbCUjxCJIBGhhKRXU7z7bTbuV95OMDaS9wub
PZKGaDxGp5GqnV9otgLy6kE2YEKwh5Xtrh+zwcH3MPU0X4ywf+EF9GEUzB9vaBBJ
38uua8mIiCXtVmZQoC2OGElO5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD+L+kKf
oU9wxwbDRPmc7ARhnH+HMB8GA1UdIwQYMBaAFHN+Ydqge9gzQrYMXrrUsbsZvkAD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy8zQjFDREZCQzg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9jMzVoMnFCNzJETkN0Z3hldXRTeHV4bS1R
QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2MzNWgycUI3MkROQ3RneGV1dFN4dXhtLVFBTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NjQ3Qy8zQjFDREZCQzg1MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9jMzVoMnFCNzJE
TkN0Z3hldXRTeHV4bS1RQU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBgxmlNvqVip++RDSjEOvWkKnDPUmPmCWwmPMivmPgu3YCnwHmQsFl2
D+suIdG0rmuxswMDZJ5joKMOeDdehnWkAxB1o3gfBStufJvhY5Vds/ZVs5yKV9vo
uYfRlb/fb0/O62spyHSQw7GqrFxwiSgQ7P3xHKgH4BYpjETP2SGGN01sYxX2dWFq
YxiVr8SVCnkdAAs/jPSyM5d1ThWG2YCXfIJMveB0mOIRkyH9XwOETqN+fiu/6xhX
yQuaCapZwfy2BADcshmKtL8594LPEO8Xf3lcDSpZmfKyAzVTdJDcJYBRiVjHkaC3
iiVtVWH1Ew5O2xYj7mC20nw5TnL2I0Rz
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:25:39 2025 by rpki-client