Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
File:                     UxLzmab36w3c1RwDn4P3t6R6Xwk.mft (raw, json)
Hash identifier:          H4+puLSVWFur2mLuR7cMkf5d755OIqHq7L9GS2ATCuQ=
Subject key identifier:   7D:87:E4:3F:CB:49:09:CB:79:B7:E8:31:69:BE:6F:A5:77:9E:80:47
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Certificate issuer:       /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial:       359D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
Manifest number:          3507
Signing time:             Sat 18 Oct 2025 15:31:24 +0000
Manifest this update:     Sat 18 Oct 2025 15:31:23 +0000
Manifest next update:     Sat 25 Oct 2025 15:31:23 +0000
Files and hashes:         1: UxLzmab36w3c1RwDn4P3t6R6Xwk.crl (hash: AMs7CAQG/na4w1Il2fW9w5mX/ahXM63yJh5MSLlb+1s=)
                          2: E48E2E94017211EBA18CC269C4F9AE02.roa (hash: ICLuCqdPid1RG8G/uczcAZrYY/Vhg9vDB0Y4ZuWrsgg=)
                          3: 95B5C59E2DCE11EEB652B16FC4F9AE02.roa (hash: esENVVA6EiNHoh8zYMrrGIlsPVgfxlInP1Q1Dqp1TX0=)
                          4: EB3FE1C61B6411ECAAB1D328C4F9AE02.roa (hash: vlPdQwiOxGdbOdhmlbrhpezVJ256bDBMeryFLzti+9k=)
                          5: 7350B2AE2BB011EEBF8C0962C4F9AE02.roa (hash: t0X2DtahA6cVGvL8LAxWIioK5JV3S/HBQuQOiXYnF58=)
                          6: 03C522BA8CF211ED8699F014C4F9AE02.roa (hash: osXWx1pbxHv+AmHj+bmzgWhkOOzEZkepu7gweinGAO4=)
                          7: E367308E8D8811EDB3C13D6CC4F9AE02.roa (hash: pxP+7JsX1QXgZ6389EUW7Rq0A265BP9eId8bGB02ABI=)
                          8: E474AF108D8811EDB3C13D6CC4F9AE02.roa (hash: hzE638zELYjKoWqOncVd2PWwcT0doUZBbmbjdlD3Egk=)
                          9: 8D6973CE77C311EE90D4BD46C4F9AE02.roa (hash: 3Qq37sSxACv5Ldn7kCrtNWP8w5ga3g9Ur/m7mESYzt4=)
                          10: 56C4FAF42D4511EAB70F247AC4F9AE02.roa (hash: 5OfOPHDKno3z0OXXcGhOFxPs0axjwDkS/h/HmudH3qQ=)
                          11: EF1D0466455311E98FA31F68C4F9AE02.roa (hash: OqgL79PVwss/L9YJSqF29Xvq2wNOU6UYyi3JyoLgqms=)
                          12: C2F17AB22DCE11EEA2884670C4F9AE02.roa (hash: V1fSCsWS5cdJM7voSc5ZTQaks8azUpLSc/ONX61tIJU=)
                          13: 2F20ECAE554211EF82D40732C4F9AE02.roa (hash: e6hwM0dYbBNpOl3iexa5a16uqfeIZ/QyfHI0cTq8Oq8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
                          rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 15:31:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13725 (0x359d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914BC7A, serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
        Validity
            Not Before: Oct 18 15:31:23 2025 GMT
            Not After : Oct 25 15:31:23 2025 GMT
        Subject: CN=68f3b2cc-f1a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:87:cb:bf:16:44:e4:5f:42:c0:20:48:75:5d:
                    bb:2a:ef:e0:2a:37:76:be:c6:75:d1:0b:13:fb:b6:
                    c9:94:a0:1f:b9:e3:06:05:f0:28:30:16:9f:fd:36:
                    da:3b:f6:70:57:30:67:c9:68:49:72:6c:32:aa:62:
                    73:d9:9c:51:dd:68:3d:b4:f6:79:3e:c3:a5:7b:02:
                    c7:b9:cb:a3:f7:42:56:62:3d:65:a8:db:d5:47:f4:
                    17:cf:a4:6e:51:e9:99:df:50:b4:36:e6:19:80:6e:
                    41:96:d8:39:0c:68:b5:03:1b:03:ad:34:54:8a:b6:
                    27:85:86:57:4e:8b:b7:3a:97:b2:c0:a5:79:57:9c:
                    4a:a8:06:0d:71:f1:27:b1:95:84:3c:08:ee:d2:b0:
                    5d:3f:7a:26:c1:dc:8a:a0:be:cb:c4:08:f8:85:d8:
                    2f:6d:20:ab:85:8e:6f:37:51:38:14:9b:17:16:66:
                    15:e2:c9:e3:45:5e:a2:c9:61:5f:b1:4a:84:73:70:
                    22:b8:f1:f2:04:c0:98:72:9e:da:96:d6:29:19:f7:
                    06:0b:f3:48:6b:cd:45:5a:cf:73:99:55:08:10:22:
                    d4:97:c9:72:71:57:4f:e0:cc:a4:ee:d9:d4:3a:ae:
                    bc:e8:8f:7b:51:a7:a8:c4:cd:5f:f3:6d:8b:03:dc:
                    69:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:87:E4:3F:CB:49:09:CB:79:B7:E8:31:69:BE:6F:A5:77:9E:80:47
            X509v3 Authority Key Identifier:
                keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:0e:d7:41:1d:eb:08:5f:f7:1a:51:38:b0:28:80:e9:0b:0b:
         cb:e6:0d:c6:40:fc:e6:97:bd:ee:8c:90:b8:71:cc:37:7c:82:
         81:a5:32:ae:8f:b1:04:94:3f:58:08:ad:7c:b4:72:a0:62:d6:
         41:d4:7c:48:86:72:cc:58:67:48:f4:16:d9:f3:13:17:3b:ab:
         f4:ae:45:4a:f8:06:af:51:e0:12:61:c6:56:0a:91:bd:b8:99:
         7d:22:19:5b:be:f2:fd:4b:32:46:bb:b6:32:c1:ec:91:f2:08:
         bc:12:b6:49:9f:98:b1:46:2c:16:a1:d0:66:16:32:3e:b5:a7:
         be:39:7b:ba:ca:65:4e:20:56:48:7d:c8:4c:13:61:37:62:58:
         8c:75:ac:3b:9a:43:e8:90:90:7c:68:d4:63:c7:f6:02:31:a8:
         b5:9c:a7:95:8e:92:9e:2f:a9:ed:73:44:35:e8:4c:f5:b7:5a:
         1b:b8:e3:05:b3:32:53:0b:31:a7:5b:1b:87:ec:13:ba:2b:ff:
         31:ce:b6:ca:81:e5:17:89:7e:65:57:99:fd:16:b7:79:c8:22:
         cf:de:d2:1e:54:bc:69:98:00:1f:d9:6c:51:b2:cd:e6:ca:a6:
         01:97:a0:31:86:09:cc:58:b3:ea:79:03:8d:37:d5:8c:97:c3:
         7e:42:b0:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjUxMDE4MTUzMTIzWhcNMjUxMDI1MTUzMTIzWjAYMRYwFAYD
VQQDEw02OGYzYjJjYy1mMWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYfLvxZE5F9CwCBIdV27Ku/gKjd2vsZ10QsT+7bJlKAfueMGBfAoMBaf/Tba
O/ZwVzBnyWhJcmwyqmJz2ZxR3Wg9tPZ5PsOlewLHucuj90JWYj1lqNvVR/QXz6Ru
UemZ31C0NuYZgG5Bltg5DGi1AxsDrTRUirYnhYZXTou3OpeywKV5V5xKqAYNcfEn
sZWEPAju0rBdP3omwdyKoL7LxAj4hdgvbSCrhY5vN1E4FJsXFmYV4snjRV6iyWFf
sUqEc3AiuPHyBMCYcp7altYpGfcGC/NIa81FWs9zmVUIECLUl8lycVdP4Myk7tnU
Oq686I97UaeoxM1f822LA9xpFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH2H5D/L
SQnLebfoMWm+b6V3noBHMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QkM3QS80QzUyOEY3ODQ1MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3
M2MxUndEbjRQM3Q2UjZYd2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA+DtdBHesIX/caUTiwKIDpCwvL5g3GQPzml73ujJC4ccw3fIKBpTKu
j7EElD9YCK18tHKgYtZB1HxIhnLMWGdI9BbZ8xMXO6v0rkVK+AavUeASYcZWCpG9
uJl9IhlbvvL9SzJGu7YyweyR8gi8ErZJn5ixRiwWodBmFjI+tae+OXu6ymVOIFZI
fchME2E3YliMdaw7mkPokJB8aNRjx/YCMai1nKeVjpKeL6ntc0Q16Ez1t1obuOMF
szJTCzGnWxuH7BO6K/8xzrbKgeUXiX5lV5n9Frd5yCLP3tIeVLxpmAAf2WxRss3m
yqYBl6AxhgnMWLPqeQONN9WMl8N+QrAg
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:14:55 2025 by rpki-client