Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
File:                     drnTOfrNYrR-k-iITehQOW2877Q.mft (raw, json)
Hash identifier:          gjKhOc0TuT/2OlHdCA0zOETOhbHJydpGRL+9tHPZcKE=
Subject key identifier:   20:4A:C0:4F:D3:96:9B:85:5C:2D:C5:E5:BB:71:A6:BF:CE:43:82:77
Authority key identifier: 76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4
Certificate issuer:       /CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
Certificate serial:       0B32
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
Manifest number:          0B1A
Signing time:             Sat 18 Oct 2025 20:14:46 +0000
Manifest this update:     Sat 18 Oct 2025 20:14:46 +0000
Manifest next update:     Sat 25 Oct 2025 20:14:46 +0000
Files and hashes:         1: drnTOfrNYrR-k-iITehQOW2877Q.crl (hash: umPg6JE1xVAywvL5NnohzHkg3tyZnYwNb/entOoBc4E=)
                          2: 83882F7AF83B11ECB4154E31C4F9AE02.roa (hash: YH3lhLXoSVbhjIpXiN2vn5qlApvWo5uVmDvE4K7XYgk=)
                          3: 4FFC83964CA311EE815AF017C4F9AE02.roa (hash: UA3Z3TNFXnNBwmElq5Ec0QuBLoZlUKqnBYT4/k/3BsY=)
                          4: AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa (hash: FcXy6QLc2Tvjs24Fp66P1cwtAXMmWgi5gNPzljev1BY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl
                          rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:14:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2866 (0xb32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911E6CA, serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
        Validity
            Not Before: Oct 18 20:14:46 2025 GMT
            Not After : Oct 25 20:14:46 2025 GMT
        Subject: CN=68f3f536-d38f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4d:5b:23:c8:81:d8:c5:46:3b:b7:98:1d:fd:
                    10:24:ec:58:13:a8:2d:29:8e:18:d4:e2:56:be:16:
                    a3:41:2b:28:cb:d6:ac:df:31:46:2c:59:cf:1b:bb:
                    be:34:3e:be:1a:ab:d3:9c:12:62:19:0f:fa:5b:ff:
                    a2:6c:25:ce:a1:4e:12:9a:6c:fe:40:ba:ec:e4:7c:
                    2d:c9:9b:5a:62:f8:8d:26:23:a1:84:6a:d3:a7:50:
                    aa:75:e6:ca:ef:cf:8f:43:20:6a:f9:54:bc:f6:99:
                    f2:b3:27:c9:93:16:c6:27:a2:10:af:c3:06:96:75:
                    e4:49:40:20:fd:f1:29:66:7f:9a:c2:84:31:3b:23:
                    ef:01:8b:59:fe:1f:e6:25:35:c9:4c:3f:c9:62:70:
                    07:b8:42:2b:a7:f4:7e:db:6e:45:b7:18:67:28:02:
                    2e:09:a6:7c:42:0c:c1:76:ab:7a:f8:6a:b8:62:3b:
                    04:cd:77:2c:f9:56:de:f7:13:5f:19:c8:7a:ae:d5:
                    90:7d:fe:8d:86:99:1f:23:3a:23:b9:38:ea:a5:62:
                    74:d1:fa:83:e2:fc:f9:b0:d9:1c:91:8f:41:22:cb:
                    f7:f6:13:cb:b8:75:06:8c:80:83:1f:02:4d:63:3d:
                    e4:a9:b1:bb:21:59:c5:86:07:71:f1:88:40:90:e3:
                    af:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:4A:C0:4F:D3:96:9B:85:5C:2D:C5:E5:BB:71:A6:BF:CE:43:82:77
            X509v3 Authority Key Identifier:
                keyid:76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:6f:55:a3:e2:ba:3a:c5:bb:fa:59:08:14:41:7b:36:0b:98:
         dc:dc:d8:06:59:80:90:25:dc:f9:ae:12:3d:ea:f3:e6:8e:90:
         96:88:b6:77:49:9b:30:dc:02:41:15:fb:a5:df:09:9a:37:42:
         da:3b:8c:7d:a7:ae:f8:9d:6a:3f:0e:50:e0:23:be:92:93:3e:
         6e:b2:e3:90:24:17:99:08:06:55:c2:a2:62:6c:26:5a:3e:d5:
         65:e5:07:88:f5:b9:36:92:b3:63:9f:d8:ea:fd:1e:0d:b5:2f:
         bd:a3:25:38:08:46:2b:74:97:f6:5e:3c:23:e9:b5:3f:a9:de:
         85:78:ab:cb:a5:04:91:66:82:42:19:18:32:1a:d7:a2:5c:bb:
         ce:31:04:ca:6f:71:bc:49:18:8d:7e:b7:5b:51:e0:9a:72:38:
         bd:df:fd:50:39:59:a7:e3:e7:10:19:a1:0d:49:d4:dc:0f:73:
         29:97:2f:f6:e8:f4:de:f0:e3:2e:31:1e:db:f1:d1:0a:b6:8f:
         08:bb:55:49:c4:9f:8d:42:d7:f6:32:54:84:53:2a:40:4f:d9:
         70:a8:13:b2:85:46:52:1a:0f:20:c1:10:22:61:7c:03:ad:00:
         25:00:d7:4e:b8:2c:f3:87:87:e3:0b:c8:7d:bb:25:f4:44:1a:
         af:18:89:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU2Q0ExMTAvBgNVBAUTKDc2QjlEMzM5RkFDRDYyQjQ3RTkzRTg4ODRERTg1MDM5
NkRCQ0VGQjQwHhcNMjUxMDE4MjAxNDQ2WhcNMjUxMDI1MjAxNDQ2WjAYMRYwFAYD
VQQDEw02OGYzZjUzNi1kMzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyk1bI8iB2MVGO7eYHf0QJOxYE6gtKY4Y1OJWvhajQSsoy9as3zFGLFnPG7u+
ND6+GqvTnBJiGQ/6W/+ibCXOoU4Smmz+QLrs5HwtyZtaYviNJiOhhGrTp1CqdebK
78+PQyBq+VS89pnysyfJkxbGJ6IQr8MGlnXkSUAg/fEpZn+awoQxOyPvAYtZ/h/m
JTXJTD/JYnAHuEIrp/R+225FtxhnKAIuCaZ8QgzBdqt6+Gq4YjsEzXcs+Vbe9xNf
Gch6rtWQff6NhpkfIzojuTjqpWJ00fqD4vz5sNkckY9BIsv39hPLuHUGjICDHwJN
Yz3kqbG7IVnFhgdx8YhAkOOvdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCBKwE/T
lpuFXC3F5btxpr/OQ4J3MB8GA1UdIwQYMBaAFHa50zn6zWK0fpPoiE3oUDltvO+0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTZDQS83NDA5QjQ3QTRG
QzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTllyUi1rLWlJVGVoUU9XMjg3
N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RyblRPZnJOWXJSLWstaUlUZWhRT1cyODc3US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RTZDQS83NDA5QjQ3QTRGQzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTlly
Ui1rLWlJVGVoUU9XMjg3N1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVb1Wj4ro6xbv6WQgUQXs2C5jc3NgGWYCQJdz5rhI96vPmjpCWiLZ3
SZsw3AJBFful3wmaN0LaO4x9p674nWo/DlDgI76Skz5usuOQJBeZCAZVwqJibCZa
PtVl5QeI9bk2krNjn9jq/R4NtS+9oyU4CEYrdJf2Xjwj6bU/qd6FeKvLpQSRZoJC
GRgyGteiXLvOMQTKb3G8SRiNfrdbUeCacji93/1QOVmn4+cQGaENSdTcD3Mply/2
6PTe8OMuMR7b8dEKto8Iu1VJxJ+NQtf2MlSEUypAT9lwqBOyhUZSGg8gwRAiYXwD
rQAlANdOuCzzh4fjC8h9uyX0RBqvGInn
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:43:12 2025 by rpki-client