Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914EED0/6EEB1150C2B311EAB4832750C4F9AE02/y-ExoIOkVjx8Q52webZLatEQGnw.mft
File:                     y-ExoIOkVjx8Q52webZLatEQGnw.mft (raw, json)
Hash identifier:          8db98DhtRtuFrb28qhBX5n5Nth3jU/Iw/t7ndf9fK7c=
Subject key identifier:   76:BB:7E:1F:B5:CA:DD:72:7B:F2:58:BB:12:DC:29:CE:71:BD:96:50
Authority key identifier: CB:E1:31:A0:83:A4:56:3C:7C:43:9D:B0:79:B6:4B:6A:D1:10:1A:7C
Certificate issuer:       /CN=A914EED0/serialNumber=CBE131A083A4563C7C439DB079B64B6AD1101A7C
Certificate serial:       08D6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-ExoIOkVjx8Q52webZLatEQGnw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914EED0/6EEB1150C2B311EAB4832750C4F9AE02/y-ExoIOkVjx8Q52webZLatEQGnw.mft
Manifest number:          08C2
Signing time:             Sat 18 Oct 2025 21:36:44 +0000
Manifest this update:     Sat 18 Oct 2025 21:36:44 +0000
Manifest next update:     Sat 25 Oct 2025 21:36:44 +0000
Files and hashes:         1: y-ExoIOkVjx8Q52webZLatEQGnw.crl (hash: oxzTaoDeP11DkfJW7q9uVYRV5U2fPyTfbFOVSvSzWSQ=)
                          2: 90D4C28CC2BA11EA8A079767C4F9AE02.roa (hash: e+13EZAvpj9mc2IILMERDnSK9NszhBMUbUBC2BNslfY=)
                          3: F043A0CCC2B411EA9BAFF054C4F9AE02.roa (hash: NHcEruSqBuMj/IPzd/3S47VAhmXWgMgQYut3Slp0jA8=)
                          4: 91B81F1EC2BA11EA8A079767C4F9AE02.roa (hash: HnUSTDgiOASq4KYnjuG0nd8h+Pt87RrArwZX9gcI9gM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914EED0/6EEB1150C2B311EAB4832750C4F9AE02/y-ExoIOkVjx8Q52webZLatEQGnw.crl
                          rsync://rpki.apnic.net/member_repository/A914EED0/6EEB1150C2B311EAB4832750C4F9AE02/y-ExoIOkVjx8Q52webZLatEQGnw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-ExoIOkVjx8Q52webZLatEQGnw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 21:36:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2262 (0x8d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914EED0, serialNumber=CBE131A083A4563C7C439DB079B64B6AD1101A7C
        Validity
            Not Before: Oct 18 21:36:44 2025 GMT
            Not After : Oct 25 21:36:44 2025 GMT
        Subject: CN=68f4086c-73e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b9:cc:25:d4:55:a5:51:ca:9e:a6:a3:37:d7:
                    15:c9:9c:59:89:f4:df:af:e6:e5:0e:e7:de:73:50:
                    4a:1c:b3:71:25:4c:59:85:de:f0:9c:78:60:e6:b6:
                    8f:48:34:b8:5b:76:f5:2e:e3:d7:54:83:d2:f4:1e:
                    2f:0a:b7:b4:db:65:07:43:12:22:63:10:f4:96:6e:
                    e6:1a:37:b6:52:44:bc:b7:fd:95:ee:1c:f3:25:a9:
                    4f:eb:55:70:ae:54:05:5b:24:2d:2e:15:f1:54:13:
                    ec:45:9c:7e:6d:5f:1f:c6:7e:52:76:7d:c0:a1:3e:
                    e5:23:ac:8d:5d:fa:4f:2e:5b:30:f6:ec:b8:bf:88:
                    21:3d:55:5d:80:11:25:44:86:d0:ae:fe:54:68:d7:
                    24:41:59:34:b7:26:05:7c:73:bd:58:80:2c:59:12:
                    78:11:0e:6f:be:95:08:f8:79:18:69:15:a6:02:39:
                    cd:be:3d:7b:d9:71:d2:b7:4c:24:9c:11:a8:7b:a9:
                    41:a3:07:84:04:40:0a:b3:b2:6f:7a:15:de:15:49:
                    8d:61:cb:89:29:2c:6f:b0:9c:11:ac:5c:d1:1d:ec:
                    1b:f0:3e:fa:d2:77:fc:b0:1a:75:4a:03:b9:e7:0c:
                    76:79:22:62:69:5c:1e:42:83:a3:18:8e:03:8a:27:
                    5b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:BB:7E:1F:B5:CA:DD:72:7B:F2:58:BB:12:DC:29:CE:71:BD:96:50
            X509v3 Authority Key Identifier:
                keyid:CB:E1:31:A0:83:A4:56:3C:7C:43:9D:B0:79:B6:4B:6A:D1:10:1A:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914EED0/6EEB1150C2B311EAB4832750C4F9AE02/y-ExoIOkVjx8Q52webZLatEQGnw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-ExoIOkVjx8Q52webZLatEQGnw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EED0/6EEB1150C2B311EAB4832750C4F9AE02/y-ExoIOkVjx8Q52webZLatEQGnw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:cc:16:d8:4f:8b:01:bc:1f:c9:63:2a:98:e1:ef:ae:b7:06:
         70:fa:40:1a:e7:05:ec:02:9a:05:08:63:95:21:16:e7:0b:b4:
         22:3f:8e:f7:1d:22:48:e7:b2:86:9c:a1:d5:18:10:20:2f:00:
         73:34:11:04:f6:3c:51:e7:4d:87:8a:56:8b:e4:46:4e:ae:d2:
         1d:7b:bd:f2:2f:f9:a0:d8:25:a4:ba:81:ac:e2:01:3c:64:5b:
         27:86:6c:cf:ac:e7:4d:1e:1d:49:0b:57:d1:05:fe:0b:49:b5:
         5d:a5:4b:33:a2:ed:e7:f1:70:8b:09:88:68:8f:90:2d:d6:16:
         66:fa:56:ea:8b:ea:4f:db:84:a3:ac:6f:dd:7d:48:ba:33:d4:
         78:ce:4f:01:d4:f7:34:e3:dd:00:b3:77:6f:5b:88:5e:43:c5:
         be:87:42:f4:23:e1:76:6a:43:31:d9:6c:e8:35:78:be:2f:18:
         13:da:34:ea:ef:2a:d3:83:39:12:13:56:62:5e:0d:67:bf:58:
         b5:df:43:de:3c:ec:5e:97:09:6b:f7:8d:35:26:a1:a5:8d:bf:
         a8:df:ed:80:b6:24:9a:a5:dc:ed:75:59:40:90:95:2a:ca:aa:
         19:38:bf:a6:71:ea:00:ca:bc:e6:4d:f3:ab:1c:a2:aa:57:a7:
         36:ed:59:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVFRDAxMTAvBgNVBAUTKENCRTEzMUEwODNBNDU2M0M3QzQzOURCMDc5QjY0QjZB
RDExMDFBN0MwHhcNMjUxMDE4MjEzNjQ0WhcNMjUxMDI1MjEzNjQ0WjAYMRYwFAYD
VQQDEw02OGY0MDg2Yy03M2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqrnMJdRVpVHKnqajN9cVyZxZifTfr+blDufec1BKHLNxJUxZhd7wnHhg5raP
SDS4W3b1LuPXVIPS9B4vCre022UHQxIiYxD0lm7mGje2UkS8t/2V7hzzJalP61Vw
rlQFWyQtLhXxVBPsRZx+bV8fxn5Sdn3AoT7lI6yNXfpPLlsw9uy4v4ghPVVdgBEl
RIbQrv5UaNckQVk0tyYFfHO9WIAsWRJ4EQ5vvpUI+HkYaRWmAjnNvj172XHSt0wk
nBGoe6lBoweEBEAKs7JvehXeFUmNYcuJKSxvsJwRrFzRHewb8D760nf8sBp1SgO5
5wx2eSJiaVweQoOjGI4DiidbIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHa7fh+1
yt1ye/JYuxLcKc5xvZZQMB8GA1UdIwQYMBaAFMvhMaCDpFY8fEOdsHm2S2rREBp8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUVEMC82RUVCMTE1MEMy
QjMxMUVBQjQ4MzI3NTBDNEY5QUUwMi95LUV4b0lPa1ZqeDhRNTJ3ZWJaTGF0RVFH
bncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ktRXhvSU9rVmp4OFE1MndlYlpMYXRFUUdudy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RUVEMC82RUVCMTE1MEMyQjMxMUVBQjQ4MzI3NTBDNEY5QUUwMi95LUV4b0lPa1Zq
eDhRNTJ3ZWJaTGF0RVFHbncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAZzBbYT4sBvB/JYyqY4e+utwZw+kAa5wXsApoFCGOVIRbnC7QiP473
HSJI57KGnKHVGBAgLwBzNBEE9jxR502HilaL5EZOrtIde73yL/mg2CWkuoGs4gE8
ZFsnhmzPrOdNHh1JC1fRBf4LSbVdpUszou3n8XCLCYhoj5At1hZm+lbqi+pP24Sj
rG/dfUi6M9R4zk8B1Pc0490As3dvW4heQ8W+h0L0I+F2akMx2WzoNXi+LxgT2jTq
7yrTgzkSE1ZiXg1nv1i130PePOxelwlr9401JqGljb+o3+2AtiSapdztdVlAkJUq
yqoZOL+mceoAyrzmTfOrHKKqV6c27VmP
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:39:39 2025 by rpki-client