Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
File:                     UxLzmab36w3c1RwDn4P3t6R6Xwk.mft (raw, json)
Hash identifier:          JFCYR4ipBp/tIX8hR1X+xFWorBhqXSu4CXJHzJZ/HhU=
Subject key identifier:   60:C1:D4:E8:D0:88:66:31:F4:F0:0D:DA:8C:CB:83:7F:37:2F:49:94
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Certificate issuer:       /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial:       359E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
Manifest number:          3508
Signing time:             Mon 20 Oct 2025 15:29:06 +0000
Manifest this update:     Mon 20 Oct 2025 15:29:06 +0000
Manifest next update:     Mon 27 Oct 2025 15:29:06 +0000
Files and hashes:         1: UxLzmab36w3c1RwDn4P3t6R6Xwk.crl (hash: lCLkjbhki6Weg5SB724F29s62VF9qTo2cqqnKeXANrg=)
                          2: E48E2E94017211EBA18CC269C4F9AE02.roa (hash: ICLuCqdPid1RG8G/uczcAZrYY/Vhg9vDB0Y4ZuWrsgg=)
                          3: 95B5C59E2DCE11EEB652B16FC4F9AE02.roa (hash: esENVVA6EiNHoh8zYMrrGIlsPVgfxlInP1Q1Dqp1TX0=)
                          4: EB3FE1C61B6411ECAAB1D328C4F9AE02.roa (hash: vlPdQwiOxGdbOdhmlbrhpezVJ256bDBMeryFLzti+9k=)
                          5: 7350B2AE2BB011EEBF8C0962C4F9AE02.roa (hash: t0X2DtahA6cVGvL8LAxWIioK5JV3S/HBQuQOiXYnF58=)
                          6: 03C522BA8CF211ED8699F014C4F9AE02.roa (hash: osXWx1pbxHv+AmHj+bmzgWhkOOzEZkepu7gweinGAO4=)
                          7: E367308E8D8811EDB3C13D6CC4F9AE02.roa (hash: pxP+7JsX1QXgZ6389EUW7Rq0A265BP9eId8bGB02ABI=)
                          8: E474AF108D8811EDB3C13D6CC4F9AE02.roa (hash: hzE638zELYjKoWqOncVd2PWwcT0doUZBbmbjdlD3Egk=)
                          9: 8D6973CE77C311EE90D4BD46C4F9AE02.roa (hash: 3Qq37sSxACv5Ldn7kCrtNWP8w5ga3g9Ur/m7mESYzt4=)
                          10: 56C4FAF42D4511EAB70F247AC4F9AE02.roa (hash: 5OfOPHDKno3z0OXXcGhOFxPs0axjwDkS/h/HmudH3qQ=)
                          11: EF1D0466455311E98FA31F68C4F9AE02.roa (hash: OqgL79PVwss/L9YJSqF29Xvq2wNOU6UYyi3JyoLgqms=)
                          12: C2F17AB22DCE11EEA2884670C4F9AE02.roa (hash: V1fSCsWS5cdJM7voSc5ZTQaks8azUpLSc/ONX61tIJU=)
                          13: 2F20ECAE554211EF82D40732C4F9AE02.roa (hash: e6hwM0dYbBNpOl3iexa5a16uqfeIZ/QyfHI0cTq8Oq8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
                          rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 15:29:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13726 (0x359e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914BC7A, serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
        Validity
            Not Before: Oct 20 15:29:06 2025 GMT
            Not After : Oct 27 15:29:06 2025 GMT
        Subject: CN=68f65542-35c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a3:f9:ad:72:b4:ea:a0:d0:aa:65:50:35:aa:
                    79:67:af:69:7b:44:cc:b2:99:2c:76:7e:d0:e8:4b:
                    9c:11:e7:0e:91:ae:bd:52:8e:5d:6c:ed:e4:7d:19:
                    a6:b2:cd:d1:92:8b:f0:c2:43:c7:c0:47:8e:75:78:
                    d5:67:5d:bb:84:9e:88:1c:31:c1:57:61:85:7c:1c:
                    b8:6e:62:b9:b5:4d:4a:30:11:7e:33:d3:b3:c6:c5:
                    10:37:cd:16:85:3b:16:35:dd:cc:65:3c:3c:76:82:
                    64:99:21:b0:7d:ce:f5:1d:b9:68:29:cf:9e:0f:a0:
                    bf:e5:86:48:b8:6f:9d:ec:40:98:f6:6f:1e:1e:c4:
                    2b:c8:62:23:99:0f:65:99:0d:d7:fe:04:60:fa:d0:
                    d3:44:a1:74:be:ac:d0:c9:f0:11:63:a0:b3:16:af:
                    ff:cb:c5:c5:58:a6:39:a4:ac:f6:cd:92:54:9d:e4:
                    97:05:4e:00:fc:6b:02:b8:fb:3e:44:f2:49:20:4b:
                    52:b9:24:9e:8b:a0:2f:18:2d:18:b2:04:d7:01:27:
                    f3:a7:84:25:f7:fe:e1:60:79:cb:e3:91:cf:ab:d8:
                    62:61:64:42:a2:d2:e0:f8:d8:22:74:02:60:ff:18:
                    64:c7:a5:0c:e1:a7:f4:87:4a:98:33:ce:27:cf:9d:
                    31:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C1:D4:E8:D0:88:66:31:F4:F0:0D:DA:8C:CB:83:7F:37:2F:49:94
            X509v3 Authority Key Identifier:
                keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:c3:e1:94:7e:cc:07:27:cb:dd:d3:8f:be:95:48:cc:b6:21:
         c9:72:fa:b1:2b:a3:a3:e6:8a:83:85:3a:21:30:9f:7b:26:cd:
         35:bc:2f:1a:82:06:48:ad:0a:d6:29:22:f4:53:69:7e:99:9a:
         b6:c5:be:cc:46:8a:3c:b5:2f:ac:63:a4:86:9c:34:41:56:89:
         5e:ff:6d:37:3c:d0:85:a9:f3:a5:89:f0:52:a2:30:5a:99:dd:
         ce:5d:12:fd:40:70:13:bc:ca:b0:e1:54:45:cf:8f:73:69:c9:
         50:ad:b7:b4:66:12:55:63:4b:18:5a:47:8f:12:58:e3:bf:d2:
         b1:e1:f0:dc:cb:0f:57:51:ec:10:4a:0c:7a:2f:3b:f4:27:76:
         ec:9d:fa:9a:2c:d9:32:af:97:b2:45:3a:91:8a:50:45:5f:9a:
         b7:2b:d1:bb:cc:af:dd:db:3a:b9:dc:bd:52:0e:e4:14:1b:e8:
         e3:6b:41:26:b9:73:16:02:1b:da:2e:7d:c5:83:65:3a:09:fa:
         45:c7:5d:33:26:97:47:db:51:b2:80:c6:d1:ca:7c:e1:dc:df:
         07:1e:aa:29:fd:ce:04:bb:79:46:6f:a2:7e:64:d2:ed:21:8f:
         22:91:74:03:ce:a5:40:eb:76:f3:5a:a9:e8:41:2d:f2:6a:ec:
         e1:7a:bf:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjUxMDIwMTUyOTA2WhcNMjUxMDI3MTUyOTA2WjAYMRYwFAYD
VQQDEw02OGY2NTU0Mi0zNWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6P5rXK06qDQqmVQNap5Z69pe0TMspksdn7Q6EucEecOka69Uo5dbO3kfRmm
ss3RkovwwkPHwEeOdXjVZ127hJ6IHDHBV2GFfBy4bmK5tU1KMBF+M9OzxsUQN80W
hTsWNd3MZTw8doJkmSGwfc71HbloKc+eD6C/5YZIuG+d7ECY9m8eHsQryGIjmQ9l
mQ3X/gRg+tDTRKF0vqzQyfARY6CzFq//y8XFWKY5pKz2zZJUneSXBU4A/GsCuPs+
RPJJIEtSuSSei6AvGC0YsgTXASfzp4Ql9/7hYHnL45HPq9hiYWRCotLg+NgidAJg
/xhkx6UM4af0h0qYM84nz50xXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGDB1OjQ
iGYx9PAN2ozLg383L0mUMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QkM3QS80QzUyOEY3ODQ1MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3
M2MxUndEbjRQM3Q2UjZYd2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqw+GUfswHJ8vd04++lUjMtiHJcvqxK6Oj5oqDhTohMJ97Js01vC8a
ggZIrQrWKSL0U2l+mZq2xb7MRoo8tS+sY6SGnDRBVole/203PNCFqfOlifBSojBa
md3OXRL9QHATvMqw4VRFz49zaclQrbe0ZhJVY0sYWkePEljjv9Kx4fDcyw9XUewQ
Sgx6Lzv0J3bsnfqaLNkyr5eyRTqRilBFX5q3K9G7zK/d2zq53L1SDuQUG+jja0Em
uXMWAhvaLn3Fg2U6CfpFx10zJpdH21GygMbRynzh3N8HHqop/c4Eu3lGb6J+ZNLt
IY8ikXQDzqVA63bzWqnoQS3yauzher9c
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:37:21 2025 by rpki-client