Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft
File:                     y1sC0Pxzbip6stKIoPwzFnpLvO0.mft (raw, json)
Hash identifier:          xGmfwVToA54LqQgAO2JchgX+VySIQhalNOib4AmTi/w=
Subject key identifier:   AF:C7:0F:16:03:10:CA:C7:20:56:B5:D4:46:25:D6:70:81:9D:ED:39
Authority key identifier: CB:5B:02:D0:FC:73:6E:2A:7A:B2:D2:88:A0:FC:33:16:7A:4B:BC:ED
Certificate issuer:       /CN=A9129F1D/serialNumber=CB5B02D0FC736E2A7AB2D288A0FC33167A4BBCED
Certificate serial:       020E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft
Manifest number:          020A
Signing time:             Sun 19 Oct 2025 04:34:23 +0000
Manifest this update:     Sun 19 Oct 2025 04:34:23 +0000
Manifest next update:     Sun 26 Oct 2025 04:34:23 +0000
Files and hashes:         1: y1sC0Pxzbip6stKIoPwzFnpLvO0.crl (hash: o2yGzZuSEQrdeKvRrbGgmkYuKFQSY4ZzCaMyvdF6I2s=)
                          2: 3E122AE0876011ED84335D46C4F9AE02.roa (hash: bMGYEkxmsNwyimLtEml2g/yxjeK2QwKmxudQ/0mQEOc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.crl
                          rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 04:34:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 526 (0x20e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9129F1D, serialNumber=CB5B02D0FC736E2A7AB2D288A0FC33167A4BBCED
        Validity
            Not Before: Oct 19 04:34:23 2025 GMT
            Not After : Oct 26 04:34:23 2025 GMT
        Subject: CN=68f46a4f-fe77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:05:dd:b4:6e:05:5b:20:bb:c7:89:fc:5b:5c:
                    2f:84:27:00:7a:c3:0c:08:22:05:e0:93:82:87:38:
                    86:50:6b:52:70:5a:59:b7:8e:57:e4:23:cb:09:89:
                    6c:50:1d:51:75:02:9c:c5:b9:20:ae:61:73:73:67:
                    da:03:4a:42:41:5e:92:c9:25:89:d2:6d:d6:ce:c5:
                    93:16:b1:8f:61:8e:19:04:66:11:46:c2:e0:7b:a6:
                    cc:cf:cd:e1:d5:bf:0f:69:e9:9e:6e:c3:97:72:4a:
                    db:6f:5d:71:10:53:8b:c4:c1:36:9e:16:4a:e4:e6:
                    fc:99:88:45:3f:05:9a:e7:3a:13:f2:da:0a:0e:2d:
                    bb:6a:2e:b7:8b:f9:7b:80:0e:d6:38:69:4c:88:6b:
                    9c:cf:f5:dd:56:90:f7:4b:af:09:f3:15:51:ea:5b:
                    e9:d2:bc:11:da:02:6d:6b:5b:ce:bb:3b:74:79:c3:
                    50:5a:2c:0c:72:77:5f:0f:1c:5e:9a:70:8c:58:17:
                    52:26:51:e5:87:d5:ff:be:62:05:e8:5f:23:fe:1e:
                    ef:6c:c8:f3:5b:ce:64:d1:82:f6:9e:be:dc:f8:03:
                    27:52:85:09:ee:da:87:96:b9:17:24:45:c6:a4:c1:
                    5c:98:03:20:0a:29:ef:02:82:64:a3:13:50:df:ca:
                    e5:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:C7:0F:16:03:10:CA:C7:20:56:B5:D4:46:25:D6:70:81:9D:ED:39
            X509v3 Authority Key Identifier:
                keyid:CB:5B:02:D0:FC:73:6E:2A:7A:B2:D2:88:A0:FC:33:16:7A:4B:BC:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1sC0Pxzbip6stKIoPwzFnpLvO0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129F1D/21CABA5C875E11EDBDC64946C4F9AE02/y1sC0Pxzbip6stKIoPwzFnpLvO0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:25:41:9f:d9:4c:9f:dc:e9:50:44:af:bb:42:b9:dc:57:e6:
         0c:c1:24:3a:6f:7e:b6:f4:b2:64:c1:85:ea:01:9b:62:84:e6:
         38:05:03:c4:a0:a6:08:f5:f3:e2:94:20:c6:b5:4b:56:f6:6b:
         04:c1:7b:5f:cf:5b:7d:de:07:4d:9d:b5:8d:e6:59:dc:f7:37:
         bf:42:c7:74:d3:e2:87:5f:82:b6:b0:73:ce:2c:67:a5:96:a3:
         a4:fa:09:25:cd:fd:93:61:7f:eb:88:66:a7:c4:26:39:01:40:
         d6:62:3b:33:01:83:39:79:d6:22:3d:3b:65:29:90:3e:f2:12:
         ce:0f:14:32:f3:de:6c:99:2e:f4:1a:b5:6a:a0:1b:24:d7:6a:
         43:93:67:7d:fa:27:ef:9e:a7:40:8e:d1:82:68:60:4d:5d:4f:
         b2:21:43:c0:da:71:17:98:55:8c:a3:06:5e:70:1b:b6:b8:69:
         9e:91:35:48:3f:1d:cc:57:87:ed:82:d5:50:21:f0:a5:51:38:
         3e:45:83:a7:ba:e5:5d:59:7c:2d:cc:37:87:44:1a:a9:08:58:
         fd:2a:29:d8:56:91:55:da:35:95:e0:0b:d2:7c:f5:ae:80:34:
         5c:d6:f7:88:8e:b3:67:0e:2e:36:73:50:67:60:52:9c:1e:ca:
         c4:a3:a3:2b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlGMUQxMTAvBgNVBAUTKENCNUIwMkQwRkM3MzZFMkE3QUIyRDI4OEEwRkMzMzE2
N0E0QkJDRUQwHhcNMjUxMDE5MDQzNDIzWhcNMjUxMDI2MDQzNDIzWjAYMRYwFAYD
VQQDEw02OGY0NmE0Zi1mZTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuwXdtG4FWyC7x4n8W1wvhCcAesMMCCIF4JOChziGUGtScFpZt45X5CPLCYls
UB1RdQKcxbkgrmFzc2faA0pCQV6SySWJ0m3WzsWTFrGPYY4ZBGYRRsLge6bMz83h
1b8PaemebsOXckrbb11xEFOLxME2nhZK5Ob8mYhFPwWa5zoT8toKDi27ai63i/l7
gA7WOGlMiGucz/XdVpD3S68J8xVR6lvp0rwR2gJta1vOuzt0ecNQWiwMcndfDxxe
mnCMWBdSJlHlh9X/vmIF6F8j/h7vbMjzW85k0YL2nr7c+AMnUoUJ7tqHlrkXJEXG
pMFcmAMgCinvAoJkoxNQ38rlawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK/HDxYD
EMrHIFa11EYl1nCBne05MB8GA1UdIwQYMBaAFMtbAtD8c24qerLSiKD8MxZ6S7zt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUYxRC8yMUNBQkE1Qzg3
NUUxMUVEQkRDNjQ5NDZDNEY5QUUwMi95MXNDMFB4emJpcDZzdEtJb1B3ekZucEx2
TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3kxc0MwUHh6YmlwNnN0S0lvUHd6Rm5wTHZPMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OUYxRC8yMUNBQkE1Qzg3NUUxMUVEQkRDNjQ5NDZDNEY5QUUwMi95MXNDMFB4emJp
cDZzdEtJb1B3ekZucEx2TzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAIJUGf2Uyf3OlQRK+7QrncV+YMwSQ6b3629LJkwYXqAZtihOY4BQPE
oKYI9fPilCDGtUtW9msEwXtfz1t93gdNnbWN5lnc9ze/Qsd00+KHX4K2sHPOLGel
lqOk+gklzf2TYX/riGanxCY5AUDWYjszAYM5edYiPTtlKZA+8hLODxQy895smS70
GrVqoBsk12pDk2d9+ifvnqdAjtGCaGBNXU+yIUPA2nEXmFWMowZecBu2uGmekTVI
Px3MV4ftgtVQIfClUTg+RYOnuuVdWXwtzDeHRBqpCFj9KinYVpFV2jWV4AvSfPWu
gDRc1veIjrNnDi42c1BnYFKcHsrEo6Mr
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:49:26 2025 by rpki-client