Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
File:                     KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json)
Hash identifier:          PAJ7E3vR8m96KQVnNxZA6f1vZeQMjCGLU5u5/gyjBsc=
Subject key identifier:   1F:85:12:FB:C8:B7:10:1A:B5:66:C1:9F:1F:88:74:CA:C4:71:8C:6C
Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
Certificate issuer:       /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Certificate serial:       0E02
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
Manifest number:          0DE5
Signing time:             Sat 18 Oct 2025 18:32:49 +0000
Manifest this update:     Sat 18 Oct 2025 18:32:48 +0000
Manifest next update:     Sat 25 Oct 2025 18:32:48 +0000
Files and hashes:         1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: 9366c0ia2wJ7d2W19JAjMUUGL/3UjX7K1cb5l+Ugaqw=)
                          2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl
                          rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 18:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3586 (0xe02)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
        Validity
            Not Before: Oct 18 18:32:48 2025 GMT
            Not After : Oct 25 18:32:48 2025 GMT
        Subject: CN=68f3dd51-ae7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:aa:74:17:44:8c:e8:d0:29:1d:b9:23:03:53:
                    b6:e3:db:dd:6a:58:79:b0:89:a5:66:52:c6:8c:6e:
                    b6:7f:20:47:a1:54:84:fe:35:ad:b8:b3:c4:0b:df:
                    f7:7a:29:15:f9:40:53:0d:40:78:5f:38:1b:0c:06:
                    c6:9e:f3:8c:66:f2:6b:34:dd:dc:81:38:27:be:af:
                    20:3c:32:3b:36:17:23:23:6a:6e:16:42:d7:fe:dd:
                    a0:de:92:d1:23:c4:9a:a3:0f:25:f6:fe:38:ae:08:
                    87:20:3b:2c:27:f1:d9:16:66:e3:7c:50:3f:22:4c:
                    7d:e6:e0:fd:6f:31:43:4d:b7:0c:b5:fd:ec:bf:3f:
                    aa:1f:07:d6:28:47:11:17:31:b3:34:88:07:8c:35:
                    89:a6:78:7e:fc:a9:76:6e:40:f3:70:9d:98:38:c7:
                    28:6d:f2:44:08:1e:b3:74:d7:ab:6d:7a:db:8d:8f:
                    67:ca:49:2c:4a:f3:22:15:69:52:ac:0e:87:c2:df:
                    55:da:b3:4c:4e:f9:8a:8e:6a:f9:65:48:36:bd:7e:
                    40:73:50:f5:78:30:6f:e5:d5:b6:f6:40:29:2c:0d:
                    54:f4:a2:15:5e:6c:64:0f:a6:b7:b8:b4:77:0d:f8:
                    bc:38:1d:fa:6a:a3:0b:70:04:22:ac:f6:4c:48:b9:
                    9f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:85:12:FB:C8:B7:10:1A:B5:66:C1:9F:1F:88:74:CA:C4:71:8C:6C
            X509v3 Authority Key Identifier:
                keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:7e:d5:4d:5f:e9:98:11:3e:80:5b:23:f3:4c:4d:4b:16:8b:
         4b:cc:b3:23:63:f3:68:56:44:9c:2a:57:ab:bb:8b:74:d7:78:
         09:33:66:1f:ca:0d:02:37:7b:f9:8e:28:31:4c:12:16:39:ac:
         d5:c9:bd:98:03:d5:16:1c:bc:38:29:58:7f:d1:df:9a:63:da:
         6c:09:5b:cb:d8:88:36:1f:d2:70:30:51:a4:7f:22:ff:cb:8d:
         91:bd:a4:69:d7:2e:e2:e9:d0:a4:02:f1:23:e1:d9:73:8f:ad:
         2a:0a:85:96:20:5a:56:ff:04:59:9d:11:84:35:3a:33:a0:64:
         a8:63:8d:8d:78:55:e3:23:2a:2d:1c:52:0e:1c:13:a2:ee:f3:
         bf:c8:45:eb:6a:35:13:65:4a:12:a0:be:0c:10:89:b7:16:57:
         3e:6a:a0:c5:e5:27:17:0f:4b:ed:94:14:c8:fd:fc:20:f1:0a:
         66:1f:fa:8b:89:12:97:6a:12:d9:bf:e0:65:5a:db:82:bd:b9:
         c1:83:c4:96:10:71:20:1c:58:13:3e:f6:5a:8f:16:5a:bc:93:
         0d:8b:bc:1a:17:2e:27:0f:97:6e:fe:be:88:43:7c:f7:43:34:
         22:91:a8:47:53:a6:df:03:57:f2:71:b5:a7:96:77:ae:18:f0:
         e3:8e:6a:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDgIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1
MDc5N0M5NDgwHhcNMjUxMDE4MTgzMjQ4WhcNMjUxMDI1MTgzMjQ4WjAYMRYwFAYD
VQQDEw02OGYzZGQ1MS1hZTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ap0F0SM6NApHbkjA1O249vdalh5sImlZlLGjG62fyBHoVSE/jWtuLPEC9/3
eikV+UBTDUB4XzgbDAbGnvOMZvJrNN3cgTgnvq8gPDI7NhcjI2puFkLX/t2g3pLR
I8Saow8l9v44rgiHIDssJ/HZFmbjfFA/Ikx95uD9bzFDTbcMtf3svz+qHwfWKEcR
FzGzNIgHjDWJpnh+/Kl2bkDzcJ2YOMcobfJECB6zdNerbXrbjY9nykksSvMiFWlS
rA6Hwt9V2rNMTvmKjmr5ZUg2vX5Ac1D1eDBv5dW29kApLA1U9KIVXmxkD6a3uLR3
Dfi8OB36aqMLcAQirPZMSLmf/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB+FEvvI
txAatWbBnx+IdMrEcYxsMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2
N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5
VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX
S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC+ftVNX+mYET6AWyPzTE1LFotLzLMjY/NoVkScKleru4t013gJM2Yf
yg0CN3v5jigxTBIWOazVyb2YA9UWHLw4KVh/0d+aY9psCVvL2Ig2H9JwMFGkfyL/
y42RvaRp1y7i6dCkAvEj4dlzj60qCoWWIFpW/wRZnRGENTozoGSoY42NeFXjIyot
HFIOHBOi7vO/yEXrajUTZUoSoL4MEIm3Flc+aqDF5ScXD0vtlBTI/fwg8QpmH/qL
iRKXahLZv+BlWtuCvbnBg8SWEHEgHFgTPvZajxZavJMNi7waFy4nD5du/r6IQ3z3
QzQikahHU6bfA1fycbWnlneuGPDjjmqF
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:42:49 2025 by rpki-client