Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.mft
File:                     x7Jkc1A4Cmo0404yzv41GZN-l8g.mft (raw, json)
Hash identifier:          tVzw+QdN4C8IXiNnkIOl9z1L8PvGHLpQVDQ97dcFg4w=
Subject key identifier:   32:FB:D9:2B:C6:DD:98:F1:42:D5:6D:B0:33:2F:8C:AD:2D:D7:E6:CC
Authority key identifier: C7:B2:64:73:50:38:0A:6A:34:E3:4E:32:CE:FE:35:19:93:7E:97:C8
Certificate issuer:       /CN=A9144F59/serialNumber=C7B2647350380A6A34E34E32CEFE3519937E97C8
Certificate serial:       172B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7Jkc1A4Cmo0404yzv41GZN-l8g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.mft
Manifest number:          1703
Signing time:             Mon 20 Oct 2025 17:00:56 +0000
Manifest this update:     Mon 20 Oct 2025 17:00:55 +0000
Manifest next update:     Mon 27 Oct 2025 17:00:55 +0000
Files and hashes:         1: x7Jkc1A4Cmo0404yzv41GZN-l8g.crl (hash: G8MuNsWgeamlHlXjOHRbXSbIgeYGjfxaPNPlXH4g3qQ=)
                          2: CCE4818E514D11EEADBDDC4DC4F9AE02.roa (hash: mHHD4iG0u+Xkwk4pjbL/x0UUJaJ5cYa7RlAiU7ksSOM=)
                          3: 0897E314434811EF8E76757AC4F9AE02.roa (hash: VmGRRamI92gsFHH67DOcSNfpbQCDWa56npBMPnLQFzI=)
                          4: 453489B8BE6311EE90BF9241C4F9AE02.roa (hash: bqFmiv55QKtXboSAyhppicmxMvI2sf59cazaYPcU9EY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.crl
                          rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7Jkc1A4Cmo0404yzv41GZN-l8g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 17:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5931 (0x172b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9144F59, serialNumber=C7B2647350380A6A34E34E32CEFE3519937E97C8
        Validity
            Not Before: Oct 20 17:00:55 2025 GMT
            Not After : Oct 27 17:00:55 2025 GMT
        Subject: CN=68f66ac7-af78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a1:04:8a:02:d7:60:b1:6e:78:3c:3b:48:34:
                    23:3f:bb:c3:9e:93:ff:24:76:25:7e:4e:64:ed:17:
                    97:10:f3:b6:50:e2:c1:17:93:00:c9:46:91:00:65:
                    85:a8:dd:8e:80:fa:fc:e5:a0:79:c3:d7:b9:53:db:
                    32:bd:cf:68:0a:42:bc:97:cc:6b:86:46:54:dd:3a:
                    9f:12:86:b0:24:74:5c:49:f9:ed:1e:43:12:21:04:
                    d8:72:2b:77:e9:a3:23:62:10:60:08:e6:dd:fa:c3:
                    74:82:09:d1:59:51:c1:ae:f4:63:6c:16:c0:31:62:
                    59:07:88:b7:eb:a0:49:1b:3f:27:37:d8:ea:47:3d:
                    e2:c0:a2:ec:9b:e9:f8:f7:84:19:0a:87:23:d9:b9:
                    e3:ef:0b:6f:56:56:e3:7a:73:ff:77:4c:9d:d1:26:
                    cc:43:11:58:3c:3e:3b:2a:98:e8:4f:5b:a6:15:6c:
                    9c:b9:c9:d9:f5:15:ec:07:4e:49:4b:da:92:0b:ad:
                    47:37:79:2b:17:95:46:e4:9c:58:e2:cb:e2:56:07:
                    5a:ab:db:bd:77:a4:91:df:ac:19:f7:17:3e:e6:02:
                    e6:9a:b0:fe:0a:ed:2c:cf:f7:e7:2b:d6:18:0a:d7:
                    47:f5:8a:71:2a:24:fa:6c:f6:b3:81:6a:56:aa:37:
                    1c:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:FB:D9:2B:C6:DD:98:F1:42:D5:6D:B0:33:2F:8C:AD:2D:D7:E6:CC
            X509v3 Authority Key Identifier:
                keyid:C7:B2:64:73:50:38:0A:6A:34:E3:4E:32:CE:FE:35:19:93:7E:97:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7Jkc1A4Cmo0404yzv41GZN-l8g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:7e:0c:7b:8a:ce:c4:96:1c:2f:a6:61:ba:88:26:6f:81:97:
         77:a5:3f:77:eb:e8:82:62:57:7e:bd:d0:b8:4e:93:ae:c1:4d:
         92:a9:02:0c:44:30:0d:32:03:8b:da:0c:98:dc:c5:de:62:0f:
         b5:e6:b8:1c:4d:9a:ce:88:05:04:5c:d7:26:06:72:91:e7:b8:
         c5:10:b2:94:2f:72:39:b5:21:46:92:fa:bb:f3:3f:9f:c9:e0:
         79:4c:66:2b:0a:81:cc:e4:9b:64:32:01:45:94:0c:a8:e7:05:
         3d:bd:f7:a0:c0:7f:33:14:3d:d2:36:ab:9d:45:c5:24:f1:21:
         a4:88:9b:3f:d8:67:69:ae:39:f6:8b:09:e7:a3:23:5f:de:2e:
         55:c6:d8:4a:2d:6c:5c:0f:95:9d:44:07:ec:84:bd:e2:39:8e:
         c9:db:00:7e:62:b0:c7:1a:6e:e0:61:07:db:16:01:87:ab:ce:
         5c:00:d2:79:de:48:be:b9:77:a5:f1:35:20:dc:7e:f6:88:63:
         be:8d:2e:db:a7:53:5e:ec:67:df:45:bb:a0:d2:8b:0b:1e:fd:
         5c:8a:f7:76:01:09:97:0d:72:d9:cf:0f:48:0d:a7:46:18:a2:
         29:f4:e4:40:02:93:2c:b1:2c:1c:b2:ff:69:e8:ee:52:6d:75:
         da:07:d5:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFyswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDRGNTkxMTAvBgNVBAUTKEM3QjI2NDczNTAzODBBNkEzNEUzNEUzMkNFRkUzNTE5
OTM3RTk3QzgwHhcNMjUxMDIwMTcwMDU1WhcNMjUxMDI3MTcwMDU1WjAYMRYwFAYD
VQQDEw02OGY2NmFjNy1hZjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmqEEigLXYLFueDw7SDQjP7vDnpP/JHYlfk5k7ReXEPO2UOLBF5MAyUaRAGWF
qN2OgPr85aB5w9e5U9syvc9oCkK8l8xrhkZU3TqfEoawJHRcSfntHkMSIQTYcit3
6aMjYhBgCObd+sN0ggnRWVHBrvRjbBbAMWJZB4i366BJGz8nN9jqRz3iwKLsm+n4
94QZCocj2bnj7wtvVlbjenP/d0yd0SbMQxFYPD47KpjoT1umFWycucnZ9RXsB05J
S9qSC61HN3krF5VG5JxY4sviVgdaq9u9d6SR36wZ9xc+5gLmmrD+Cu0sz/fnK9YY
CtdH9YpxKiT6bPazgWpWqjccpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDL72SvG
3ZjxQtVtsDMvjK0t1+bMMB8GA1UdIwQYMBaAFMeyZHNQOApqNONOMs7+NRmTfpfI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEY1OS80Qjk1OEJDRTAw
Q0IxMUU4QkVCMUVGMTBDNEY5QUUwMi94N0prYzFBNENtbzA0MDR5enY0MUdaTi1s
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g3SmtjMUE0Q21vMDQwNHl6djQxR1pOLWw4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NEY1OS80Qjk1OEJDRTAwQ0IxMUU4QkVCMUVGMTBDNEY5QUUwMi94N0prYzFBNENt
bzA0MDR5enY0MUdaTi1sOGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB+fgx7is7ElhwvpmG6iCZvgZd3pT936+iCYld+vdC4TpOuwU2SqQIM
RDANMgOL2gyY3MXeYg+15rgcTZrOiAUEXNcmBnKR57jFELKUL3I5tSFGkvq78z+f
yeB5TGYrCoHM5JtkMgFFlAyo5wU9vfegwH8zFD3SNqudRcUk8SGkiJs/2Gdprjn2
iwnnoyNf3i5VxthKLWxcD5WdRAfshL3iOY7J2wB+YrDHGm7gYQfbFgGHq85cANJ5
3ki+uXel8TUg3H72iGO+jS7bp1Ne7GffRbug0osLHv1civd2AQmXDXLZzw9IDadG
GKIp9ORAApMssSwcsv9p6O5SbXXaB9V+
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:10:14 2025 by rpki-client