Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131359/CA9A34B6662311ED91855D42C4F9AE02/6VdtMs2hm7hvPBYuyf020_0lucE.mft
File:                     6VdtMs2hm7hvPBYuyf020_0lucE.mft (raw, json)
Hash identifier:          IQtFX4/jN0+popGYYQ5LwViNVGkCf5KT4U6VEAZO/VM=
Subject key identifier:   CD:BC:EA:13:1E:56:7C:C4:AF:1A:29:03:BD:9B:68:65:F5:58:EF:F9
Authority key identifier: E9:57:6D:32:CD:A1:9B:B8:6F:3C:16:2E:C9:FD:36:D3:FD:25:B9:C1
Certificate issuer:       /CN=A9131359/serialNumber=E9576D32CDA19BB86F3C162EC9FD36D3FD25B9C1
Certificate serial:       0226
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6VdtMs2hm7hvPBYuyf020_0lucE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131359/CA9A34B6662311ED91855D42C4F9AE02/6VdtMs2hm7hvPBYuyf020_0lucE.mft
Manifest number:          0221
Signing time:             Sun 19 Oct 2025 04:17:30 +0000
Manifest this update:     Sun 19 Oct 2025 04:17:29 +0000
Manifest next update:     Sun 26 Oct 2025 04:17:29 +0000
Files and hashes:         1: 6VdtMs2hm7hvPBYuyf020_0lucE.crl (hash: lXgIEd6+ONNgP6m0Q3zqG9d77EIrqd+zG3sBHMcafiM=)
                          2: 01C299E0662611ED94A8DA42C4F9AE02.roa (hash: qDl9A66XUfdxXb2Z9BDWMcaLCM85XHiGpfBrshr3vQY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9131359/CA9A34B6662311ED91855D42C4F9AE02/6VdtMs2hm7hvPBYuyf020_0lucE.crl
                          rsync://rpki.apnic.net/member_repository/A9131359/CA9A34B6662311ED91855D42C4F9AE02/6VdtMs2hm7hvPBYuyf020_0lucE.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6VdtMs2hm7hvPBYuyf020_0lucE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 04:17:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 550 (0x226)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131359, serialNumber=E9576D32CDA19BB86F3C162EC9FD36D3FD25B9C1
        Validity
            Not Before: Oct 19 04:17:29 2025 GMT
            Not After : Oct 26 04:17:29 2025 GMT
        Subject: CN=68f4665a-7011
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c0:4b:b1:26:fb:13:bb:2c:8b:5a:63:47:a9:
                    11:77:4a:e6:54:26:35:40:c9:d1:57:9a:1d:bf:b0:
                    db:78:c2:3b:67:21:63:d1:54:fe:21:bf:36:cc:d7:
                    af:fd:b1:ef:ff:0f:5c:49:ce:ee:b2:bf:6b:dc:4f:
                    dc:cd:b6:9a:c5:02:70:c3:c5:d0:ac:84:98:78:9a:
                    56:ae:71:2a:1f:dc:ab:45:ea:5d:21:f6:79:f1:af:
                    10:ba:1e:ca:99:42:da:a4:ff:b8:5c:90:91:4e:20:
                    cc:28:a3:09:7b:19:18:4e:1d:2b:7d:53:b0:91:8c:
                    28:18:0e:63:95:a9:a2:51:a7:43:50:41:c9:0d:ea:
                    76:f9:0a:35:1c:b3:4a:ae:0b:a1:1a:93:d4:61:31:
                    f2:97:00:06:17:3d:e1:7b:ff:c3:26:2d:d3:0b:cd:
                    b7:56:8b:8f:7d:8d:6f:e2:a1:25:fc:c9:38:01:30:
                    8f:f2:7b:6d:db:d1:6a:22:0d:a8:68:1f:c0:42:ad:
                    f8:69:3e:15:20:1b:d2:e1:e5:2d:dc:0c:04:a7:e6:
                    1e:13:fc:57:d6:6c:27:42:11:97:a7:54:8e:3b:4c:
                    d1:77:df:52:9e:5e:47:21:9c:06:fa:e6:a5:f4:b5:
                    55:d1:4a:2a:7d:1a:fb:70:c6:49:fd:1f:d8:f7:22:
                    5c:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:BC:EA:13:1E:56:7C:C4:AF:1A:29:03:BD:9B:68:65:F5:58:EF:F9
            X509v3 Authority Key Identifier:
                keyid:E9:57:6D:32:CD:A1:9B:B8:6F:3C:16:2E:C9:FD:36:D3:FD:25:B9:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131359/CA9A34B6662311ED91855D42C4F9AE02/6VdtMs2hm7hvPBYuyf020_0lucE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6VdtMs2hm7hvPBYuyf020_0lucE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131359/CA9A34B6662311ED91855D42C4F9AE02/6VdtMs2hm7hvPBYuyf020_0lucE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:34:04:e0:07:28:63:78:71:0c:91:b7:60:56:68:a7:da:e9:
         ef:7f:b9:c5:e3:de:5e:69:61:32:a0:f4:69:14:67:66:93:b3:
         1f:d2:2f:ae:71:1e:67:26:8c:5c:8e:ea:60:db:12:6f:70:bc:
         24:00:da:51:1c:15:fa:a0:c8:ca:0e:11:06:86:90:a6:9f:59:
         2d:3e:a7:31:3c:77:8d:20:87:54:91:2b:e7:f9:17:f8:c3:80:
         80:b1:0e:50:e7:e1:cd:24:be:cc:b3:da:30:83:3e:2c:43:d2:
         24:c9:8a:6e:3c:66:90:cd:1d:74:cb:5c:d6:72:24:76:98:db:
         55:23:3a:3f:04:30:50:c3:7b:12:00:cc:9f:b9:48:1c:a8:b7:
         ef:21:19:9c:50:c9:56:ab:c0:64:58:8b:af:c3:df:b1:19:0b:
         cf:03:b9:32:e1:39:30:2e:c3:a4:ac:c3:b1:e7:45:ea:59:ad:
         52:0c:79:a9:d5:2c:7a:73:5b:80:b1:ab:75:ef:b8:c7:64:bc:
         10:0c:32:b4:84:34:27:fd:d9:86:c1:a9:d3:51:a5:8e:49:fb:
         81:37:e5:16:73:5b:2a:1e:68:75:bf:aa:fc:90:01:25:2d:96:
         80:f9:7d:ce:06:b2:92:be:5d:1c:9d:52:ca:cc:45:1c:1f:ab:
         0e:72:96:5f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzEzNTkxMTAvBgNVBAUTKEU5NTc2RDMyQ0RBMTlCQjg2RjNDMTYyRUM5RkQzNkQz
RkQyNUI5QzEwHhcNMjUxMDE5MDQxNzI5WhcNMjUxMDI2MDQxNzI5WjAYMRYwFAYD
VQQDEw02OGY0NjY1YS03MDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp8BLsSb7E7ssi1pjR6kRd0rmVCY1QMnRV5odv7DbeMI7ZyFj0VT+Ib82zNev
/bHv/w9cSc7usr9r3E/czbaaxQJww8XQrISYeJpWrnEqH9yrRepdIfZ58a8Quh7K
mULapP+4XJCRTiDMKKMJexkYTh0rfVOwkYwoGA5jlamiUadDUEHJDep2+Qo1HLNK
rguhGpPUYTHylwAGFz3he//DJi3TC823VouPfY1v4qEl/Mk4ATCP8ntt29FqIg2o
aB/AQq34aT4VIBvS4eUt3AwEp+YeE/xX1mwnQhGXp1SOO0zRd99Snl5HIZwG+ual
9LVV0UoqfRr7cMZJ/R/Y9yJc2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM286hMe
VnzErxopA72baGX1WO/5MB8GA1UdIwQYMBaAFOlXbTLNoZu4bzwWLsn9NtP9JbnB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTM1OS9DQTlBMzRCNjY2
MjMxMUVEOTE4NTVENDJDNEY5QUUwMi82VmR0TXMyaG03aHZQQll1eWYwMjBfMGx1
Y0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzZWZHRNczJobTdodlBCWXV5ZjAyMF8wbHVjRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MTM1OS9DQTlBMzRCNjY2MjMxMUVEOTE4NTVENDJDNEY5QUUwMi82VmR0TXMyaG03
aHZQQll1eWYwMjBfMGx1Y0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYNATgByhjeHEMkbdgVmin2unvf7nF495eaWEyoPRpFGdmk7Mf0i+u
cR5nJoxcjupg2xJvcLwkANpRHBX6oMjKDhEGhpCmn1ktPqcxPHeNIIdUkSvn+Rf4
w4CAsQ5Q5+HNJL7Ms9owgz4sQ9IkyYpuPGaQzR10y1zWciR2mNtVIzo/BDBQw3sS
AMyfuUgcqLfvIRmcUMlWq8BkWIuvw9+xGQvPA7ky4TkwLsOkrMOx50XqWa1SDHmp
1Sx6c1uAsat177jHZLwQDDK0hDQn/dmGwanTUaWOSfuBN+UWc1sqHmh1v6r8kAEl
LZaA+X3OBrKSvl0cnVLKzEUcH6sOcpZf
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:25:36 2025 by rpki-client