Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft
File:                     hA_W9-iR44BKfbMJ0EzoXBr3htE.mft (raw, json)
Hash identifier:          iA9LGhF4XsLM69yJwpFA2ASpHCPb8qUUODi5iUnYfAY=
Subject key identifier:   09:CF:8E:B2:87:2F:2A:5F:87:98:F8:2A:E4:24:1B:45:81:C7:FA:66
Authority key identifier: 84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1
Certificate issuer:       /CN=A912C8AF/serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1
Certificate serial:       B0
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft
Manifest number:          AC
Signing time:             Sat 18 Oct 2025 20:25:10 +0000
Manifest this update:     Sat 18 Oct 2025 20:25:10 +0000
Manifest next update:     Sat 25 Oct 2025 20:25:10 +0000
Files and hashes:         1: hA_W9-iR44BKfbMJ0EzoXBr3htE.crl (hash: k+vjUhJggejhmWoDt6WbHs84neP+b0sB2vLUvvpYJgU=)
                          2: 7B73A414A81311F0A69E5E49C4F9AE02.roa (hash: vf/Qz1zNWab4GZKpZSQw8SUPGRrLV9FUb2vcsaGOSLY=)
                          3: FD4056EC7CC411F0BAFA214CC4F9AE02.roa (hash: 0lZOVOfd15vpeG++w5mAWXS/YLQjKe0BETzMm0Ic6h8=)
                          4: 245F176CA81311F0A8A82B85C4F9AE02.roa (hash: ebzMyTtJaZgd5qEdDD8H3gUyuweRz4YwhdGqKlk2YpI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl
                          rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:25:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 176 (0xb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912C8AF, serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1
        Validity
            Not Before: Oct 18 20:25:10 2025 GMT
            Not After : Oct 25 20:25:10 2025 GMT
        Subject: CN=68f3f7a6-9cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:cd:7c:a8:d4:a6:14:8a:30:be:d6:67:05:f2:
                    69:80:47:cc:20:37:0a:29:4b:d7:f9:5a:f6:8b:51:
                    dd:c9:8a:f9:62:4d:a7:68:e1:d4:e4:65:8f:5b:41:
                    d7:ba:dc:98:75:2a:5e:0f:52:d4:72:0a:b8:56:33:
                    ef:bb:39:bf:3e:2f:8c:16:90:fd:85:c9:b7:d4:30:
                    ce:2c:9c:d8:47:d0:f2:1c:ad:a8:9f:bd:a9:ff:86:
                    0f:59:68:68:47:21:2f:e0:aa:36:4d:da:1c:43:e6:
                    cd:8a:29:fb:ae:48:ed:25:d6:74:23:f9:e1:fe:c1:
                    10:d5:f7:98:17:4a:10:c6:7b:01:fc:7b:b8:68:31:
                    a3:3b:58:32:09:13:2b:aa:4d:b9:7e:71:27:f0:bd:
                    74:74:09:7e:68:ea:8a:9d:32:ee:24:a6:98:74:55:
                    44:a9:35:99:2a:65:ea:85:2f:bf:6f:77:78:c6:cd:
                    59:c7:d7:d1:54:6a:f5:68:45:11:66:95:cc:fe:14:
                    b4:a0:41:75:cf:ec:ef:58:0e:e8:bf:8e:9b:fd:a9:
                    48:9f:52:20:24:ca:d8:ea:8d:5a:30:0a:61:78:0d:
                    6a:e7:8d:b4:5c:eb:b2:b4:df:b6:ad:44:ec:85:31:
                    93:c3:9f:2c:47:bc:94:b2:d4:aa:87:b7:17:f2:8b:
                    a8:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:CF:8E:B2:87:2F:2A:5F:87:98:F8:2A:E4:24:1B:45:81:C7:FA:66
            X509v3 Authority Key Identifier:
                keyid:84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:d8:16:f6:19:82:03:71:34:8d:c2:c9:de:49:c8:22:62:a3:
         5f:3c:23:47:f1:ae:ef:72:be:17:59:fb:fa:17:d1:9d:13:8c:
         d8:e8:81:2e:0e:5b:32:aa:49:6f:41:39:a4:6f:e1:68:4c:2e:
         79:a6:c8:48:47:3e:b2:22:89:77:cf:d7:a8:77:31:59:18:09:
         f2:b1:a1:bf:fc:4a:0c:6a:3e:5a:e7:9b:1d:2c:97:d4:a7:bd:
         cf:44:ed:f6:3c:e0:01:5f:ef:97:9b:6e:be:68:ab:41:32:5d:
         54:61:49:98:31:2a:bd:40:d3:0e:d3:3b:f2:ff:99:c7:89:1e:
         b4:72:d7:8f:a0:96:11:fd:10:09:5c:c4:9d:13:b1:8c:29:ee:
         44:98:23:00:84:ee:9f:96:64:a9:b5:3c:5c:af:9a:74:c6:fc:
         a0:65:9a:30:4d:36:35:52:0f:4d:93:d4:51:d7:fb:db:61:e7:
         18:0b:95:13:5d:89:72:c0:d1:5c:ab:b4:63:81:eb:7a:c4:c6:
         d9:09:5d:a0:72:0d:54:c9:8b:07:ce:79:80:a6:c7:41:f2:ab:
         43:ee:34:99:5a:dc:0e:0c:df:aa:dc:26:00:b5:a9:29:52:db:
         e3:05:72:0b:d8:ec:91:df:e0:5e:4f:62:58:0c:3c:b9:3e:04:
         bb:39:aa:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM4QUYxMTAvBgNVBAUTKDg0MEZENkY3RTg5MUUzODA0QTdEQjMwOUQwNENFODVD
MUFGNzg2RDEwHhcNMjUxMDE4MjAyNTEwWhcNMjUxMDI1MjAyNTEwWjAYMRYwFAYD
VQQDEw02OGYzZjdhNi05Y2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyc18qNSmFIowvtZnBfJpgEfMIDcKKUvX+Vr2i1HdyYr5Yk2naOHU5GWPW0HX
utyYdSpeD1LUcgq4VjPvuzm/Pi+MFpD9hcm31DDOLJzYR9DyHK2on72p/4YPWWho
RyEv4Ko2TdocQ+bNiin7rkjtJdZ0I/nh/sEQ1feYF0oQxnsB/Hu4aDGjO1gyCRMr
qk25fnEn8L10dAl+aOqKnTLuJKaYdFVEqTWZKmXqhS+/b3d4xs1Zx9fRVGr1aEUR
ZpXM/hS0oEF1z+zvWA7ov46b/alIn1IgJMrY6o1aMApheA1q5420XOuytN+2rUTs
hTGTw58sR7yUstSqh7cX8ouogQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAnPjrKH
Lypfh5j4KuQkG0WBx/pmMB8GA1UdIwQYMBaAFIQP1vfokeOASn2zCdBM6Fwa94bR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi8xOTdGRjdBMkI0
MDkxMUVGOTRFNjc0NURDNEY5QUUwMi9oQV9XOS1pUjQ0QktmYk1KMEV6b1hCcjNo
dEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2hBX1c5LWlSNDRCS2ZiTUowRXpvWEJyM2h0RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QzhBRi8xOTdGRjdBMkI0MDkxMUVGOTRFNjc0NURDNEY5QUUwMi9oQV9XOS1pUjQ0
QktmYk1KMEV6b1hCcjNodEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCi2Bb2GYIDcTSNwsneScgiYqNfPCNH8a7vcr4XWfv6F9GdE4zY6IEu
DlsyqklvQTmkb+FoTC55pshIRz6yIol3z9eodzFZGAnysaG//EoMaj5a55sdLJfU
p73PRO32POABX++Xm26+aKtBMl1UYUmYMSq9QNMO0zvy/5nHiR60ctePoJYR/RAJ
XMSdE7GMKe5EmCMAhO6flmSptTxcr5p0xvygZZowTTY1Ug9Nk9RR1/vbYecYC5UT
XYlywNFcq7Rjget6xMbZCV2gcg1UyYsHznmApsdB8qtD7jSZWtwODN+q3CYAtakp
UtvjBXIL2OyR3+BeT2JYDDy5PgS7Oao9
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:43:13 2025 by rpki-client