Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
File:                     Xtho2ocq-NaWpcGp-ngp9lJzynk.mft (raw, json)
Hash identifier:          jBUIQGyArWTwibiH+FdRMBPNgqPTHlB4fhYXxa2+9oE=
Subject key identifier:   F6:A5:D4:09:C6:6C:EF:AE:B2:79:34:25:FD:8A:C4:60:42:40:23:45
Authority key identifier: 5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79
Certificate issuer:       /CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79
Certificate serial:       04BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
Manifest number:          04B4
Signing time:             Sun 19 Oct 2025 01:43:47 +0000
Manifest this update:     Sun 19 Oct 2025 01:43:46 +0000
Manifest next update:     Sun 26 Oct 2025 01:43:46 +0000
Files and hashes:         1: Xtho2ocq-NaWpcGp-ngp9lJzynk.crl (hash: Vigs2seoR0oO6SfRirB8XenX5YBY5cNbljiyOUu7T9k=)
                          2: 6C27C19E4BFA11ECA6797F6DC4F9AE02.roa (hash: 9zlcNMp71CcrKhJ6RcgbQ3pW8nUmE/ShM6R3qPGEpIM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl
                          rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 01:43:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1212 (0x4bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119B43, serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79
        Validity
            Not Before: Oct 19 01:43:46 2025 GMT
            Not After : Oct 26 01:43:46 2025 GMT
        Subject: CN=68f44252-fe3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cf:2e:60:07:65:6e:ec:7a:d8:3d:40:80:bb:
                    dc:e9:ba:2b:df:b0:22:13:80:7e:14:3a:6a:31:ea:
                    e6:fe:1b:67:0d:be:82:5e:8c:3b:ac:aa:42:dd:8f:
                    17:a3:23:a4:46:86:af:a3:c9:aa:c7:b3:3b:f2:e3:
                    ce:d0:0b:b0:22:5e:d0:c6:3c:f0:08:e3:7f:03:bf:
                    ed:11:6b:b0:d9:cc:5d:b6:f0:80:d2:ec:60:64:33:
                    19:99:b3:eb:db:3c:ee:98:e6:a0:c5:9f:77:1d:bc:
                    8b:ed:c5:96:00:fb:79:a3:87:e7:c5:cc:d3:07:5d:
                    2e:98:a6:6b:d0:3e:50:cb:d2:f3:c7:d9:e0:63:e0:
                    27:b3:1e:01:c5:e3:eb:2a:17:c9:51:4f:df:2c:ba:
                    e6:53:60:95:29:83:6d:d5:f4:ce:d7:ea:4a:dd:db:
                    68:9c:4e:bd:d5:18:92:b2:de:85:89:1a:cf:3e:b1:
                    a6:56:5d:60:c4:08:23:b3:df:d8:b3:c7:94:71:0d:
                    5a:63:bc:f9:73:1f:4f:4e:d9:a4:92:ec:ee:56:a3:
                    eb:10:d2:96:08:c7:bf:3f:32:7c:da:9e:92:bf:94:
                    c2:6e:9d:1b:86:40:c2:ca:92:df:ec:8c:cb:54:f6:
                    76:5d:a6:e1:9b:19:f2:ed:be:61:63:5d:eb:19:d1:
                    08:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:A5:D4:09:C6:6C:EF:AE:B2:79:34:25:FD:8A:C4:60:42:40:23:45
            X509v3 Authority Key Identifier:
                keyid:5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:5e:b6:e7:af:fc:64:95:98:15:fa:02:28:c6:44:98:cc:44:
         a8:12:b2:bc:ea:8f:81:ad:65:60:da:3f:d6:60:a9:c0:79:33:
         00:04:d8:37:f1:3a:cb:01:b5:ce:5d:cb:e8:1c:fd:c9:cb:5f:
         11:fe:40:ed:bf:8d:3c:8c:e7:ed:91:83:1f:c8:d1:2d:35:3c:
         36:36:2b:56:36:d8:f7:47:12:84:f1:7b:6d:29:dd:c1:1a:27:
         35:69:33:33:81:5e:4e:24:ba:54:2a:97:b5:a5:a2:65:64:c5:
         8e:7e:1c:de:b5:5f:bc:32:1b:59:ba:15:3c:6f:63:9b:26:92:
         01:f0:75:86:31:1f:a4:98:e4:95:66:73:93:5e:6f:14:8c:00:
         f9:8a:6c:27:34:34:36:49:ec:d9:04:88:fd:4f:6c:c8:08:2f:
         53:47:99:66:e4:6b:0e:82:01:05:eb:00:d3:c7:18:b9:49:7d:
         bf:ba:1b:88:28:98:6c:1d:54:11:d2:4f:1c:3f:5e:b9:5c:d6:
         5e:c4:05:89:c0:78:aa:f0:f6:35:ac:8d:23:a2:0c:8a:2f:86:
         db:f4:ed:41:2c:8a:53:8e:1f:3f:75:3c:b1:90:f5:1f:c3:c8:
         af:b3:8f:05:77:db:1e:d7:ec:1a:d2:89:ff:65:92:13:d7:69:
         c2:36:11:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlCNDMxMTAvBgNVBAUTKDVFRDg2OERBODcyQUY4RDY5NkE1QzFBOUZBNzgyOUY2
NTI3M0NBNzkwHhcNMjUxMDE5MDE0MzQ2WhcNMjUxMDI2MDE0MzQ2WjAYMRYwFAYD
VQQDEw02OGY0NDI1Mi1mZTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyM8uYAdlbux62D1AgLvc6bor37AiE4B+FDpqMerm/htnDb6CXow7rKpC3Y8X
oyOkRoavo8mqx7M78uPO0AuwIl7QxjzwCON/A7/tEWuw2cxdtvCA0uxgZDMZmbPr
2zzumOagxZ93HbyL7cWWAPt5o4fnxczTB10umKZr0D5Qy9Lzx9ngY+Ansx4BxePr
KhfJUU/fLLrmU2CVKYNt1fTO1+pK3dtonE691RiSst6FiRrPPrGmVl1gxAgjs9/Y
s8eUcQ1aY7z5cx9PTtmkkuzuVqPrENKWCMe/PzJ82p6Sv5TCbp0bhkDCypLf7IzL
VPZ2Xabhmxny7b5hY13rGdEIyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPal1AnG
bO+usnk0Jf2KxGBCQCNFMB8GA1UdIwQYMBaAFF7YaNqHKvjWlqXBqfp4KfZSc8p5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUI0My9FNUI4Mzk4MjRC
M0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1OYVdwY0dwLW5ncDlsSnp5
bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h0aG8yb2NxLU5hV3BjR3AtbmdwOWxKenluay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
OUI0My9FNUI4Mzk4MjRCM0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1O
YVdwY0dwLW5ncDlsSnp5bmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQADXrbnr/xklZgV+gIoxkSYzESoErK86o+BrWVg2j/WYKnAeTMABNg3
8TrLAbXOXcvoHP3Jy18R/kDtv408jOftkYMfyNEtNTw2NitWNtj3RxKE8XttKd3B
Gic1aTMzgV5OJLpUKpe1paJlZMWOfhzetV+8MhtZuhU8b2ObJpIB8HWGMR+kmOSV
ZnOTXm8UjAD5imwnNDQ2SezZBIj9T2zICC9TR5lm5GsOggEF6wDTxxi5SX2/uhuI
KJhsHVQR0k8cP165XNZexAWJwHiq8PY1rI0jogyKL4bb9O1BLIpTjh8/dTyxkPUf
w8ivs48Fd9se1+wa0on/ZZIT12nCNhGW
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:44:29 2025 by rpki-client