Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
File:                     aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft (raw, json)
Hash identifier:          2cRm+PBA42YlmlKj/MiiMc5/rO/o44pTFynJJM8tQoA=
Subject key identifier:   57:24:14:7E:45:49:73:DD:1D:19:15:47:98:63:83:66:9D:6E:57:DC
Authority key identifier: 69:9F:51:A9:D9:E1:45:6D:16:01:BE:83:D8:B9:4A:D5:9A:43:82:33
Certificate issuer:       /CN=A914FED3/serialNumber=699F51A9D9E1456D1601BE83D8B94AD59A438233
Certificate serial:       0E4A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
Manifest number:          0E32
Signing time:             Mon 20 Oct 2025 18:20:17 +0000
Manifest this update:     Mon 20 Oct 2025 18:20:16 +0000
Manifest next update:     Mon 27 Oct 2025 18:20:16 +0000
Files and hashes:         1: aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.crl (hash: 43ASJ5WFF6raHmuAzaODFTOZU/iXCQNIaesNauMrhMc=)
                          2: F9BDC484F7B011EB84345029C4F9AE02.roa (hash: TISln3OWwFMxrFHBXjhzJmsuAj7ldgpqpKcI/7qFxoU=)
                          3: 6E8576BC0F1911F0A007DF16C4F9AE02.roa (hash: cRBzFvwtKhO498akQMxVv4jrQ/Ofn1ctENdiE3NLHgk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.crl
                          rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 18:20:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3658 (0xe4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914FED3, serialNumber=699F51A9D9E1456D1601BE83D8B94AD59A438233
        Validity
            Not Before: Oct 20 18:20:16 2025 GMT
            Not After : Oct 27 18:20:16 2025 GMT
        Subject: CN=68f67d61-ee5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:9a:8c:07:07:90:a1:9e:72:21:f3:90:e7:5a:
                    5e:73:26:bf:83:80:0c:4b:12:63:1e:66:8e:51:d4:
                    d9:9f:33:71:6c:6f:99:92:1f:b4:45:e0:dc:85:b1:
                    b9:0b:ad:08:82:59:42:c5:25:0f:92:02:bf:4f:c4:
                    9a:14:58:a6:a1:f4:57:0a:73:87:9f:fb:5f:12:f2:
                    e4:c3:eb:29:2b:d1:4f:ea:1e:10:73:48:20:ca:ff:
                    08:19:cc:5b:cb:82:cd:ed:88:ec:03:14:21:43:a2:
                    d2:cf:07:87:ca:d6:2c:c3:2d:bd:e7:3a:c1:d0:9a:
                    b1:a5:5c:9f:98:5a:8c:4d:57:63:b8:14:d5:ae:ef:
                    3a:1b:ae:9d:07:e9:68:b8:4c:6d:f3:c1:96:6c:2e:
                    0a:a4:aa:e7:83:72:80:f0:56:a7:8f:30:f8:91:38:
                    4e:62:57:15:6a:13:13:60:e0:a6:86:c3:5f:92:fb:
                    8e:fb:d7:80:17:07:48:1a:2d:f5:e3:e9:a7:9c:f0:
                    6f:cf:8f:ef:53:83:60:d1:29:23:bf:8d:56:60:eb:
                    9d:74:ca:98:ad:7c:3a:58:af:b6:d2:2a:d5:aa:a1:
                    01:4d:75:8e:79:c4:8a:f3:9a:66:3d:3b:24:ac:42:
                    44:2e:6c:d2:26:fb:9e:01:e5:b4:27:e6:72:3f:e8:
                    3e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:24:14:7E:45:49:73:DD:1D:19:15:47:98:63:83:66:9D:6E:57:DC
            X509v3 Authority Key Identifier:
                keyid:69:9F:51:A9:D9:E1:45:6D:16:01:BE:83:D8:B9:4A:D5:9A:43:82:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:95:85:29:87:67:ac:82:30:0a:a6:1b:bd:9f:6d:f7:6e:bb:
         99:28:ef:00:d0:2c:e4:d2:b8:37:c5:bf:5a:42:64:1c:74:30:
         35:01:eb:4f:b0:80:7a:07:39:53:d9:c1:26:b1:ad:69:85:a5:
         1d:71:7b:da:68:32:a1:14:5f:8f:c0:26:c5:b7:10:f5:85:50:
         af:46:8b:71:f1:30:c0:5c:e5:8a:f0:fb:ad:45:5f:3f:13:5c:
         8e:7f:22:ac:e4:4f:d3:b9:81:bd:96:fe:70:bc:c4:a8:d9:d0:
         bb:45:21:02:2c:b1:52:0f:c5:cb:2e:c9:49:23:b3:6c:ad:c2:
         4c:a5:14:e8:62:e1:41:8c:02:b8:b4:0b:cb:9d:c7:ea:dd:37:
         f7:ee:06:bb:c5:0e:5c:10:48:7d:62:a7:af:99:b8:75:3e:b7:
         6d:aa:ca:f7:cf:76:94:a1:a9:13:70:3f:53:ad:d8:42:ea:b9:
         5f:d8:a1:e8:47:98:a0:3b:55:f0:a3:95:5b:09:70:67:02:2c:
         12:70:83:69:f4:12:78:a5:d1:34:2c:bb:19:e7:51:13:45:31:
         04:ac:93:1a:f1:06:4f:01:67:e5:7a:61:49:b9:b3:28:bf:da:
         36:bc:78:37:1d:f6:75:3b:8f:75:d0:9f:75:95:fd:1b:25:d5:
         6a:63:be:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEZFRDMxMTAvBgNVBAUTKDY5OUY1MUE5RDlFMTQ1NkQxNjAxQkU4M0Q4Qjk0QUQ1
OUE0MzgyMzMwHhcNMjUxMDIwMTgyMDE2WhcNMjUxMDI3MTgyMDE2WjAYMRYwFAYD
VQQDEw02OGY2N2Q2MS1lZTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3pqMBweQoZ5yIfOQ51pecya/g4AMSxJjHmaOUdTZnzNxbG+Zkh+0ReDchbG5
C60IgllCxSUPkgK/T8SaFFimofRXCnOHn/tfEvLkw+spK9FP6h4Qc0ggyv8IGcxb
y4LN7YjsAxQhQ6LSzweHytYswy295zrB0JqxpVyfmFqMTVdjuBTVru86G66dB+lo
uExt88GWbC4KpKrng3KA8FanjzD4kThOYlcVahMTYOCmhsNfkvuO+9eAFwdIGi31
4+mnnPBvz4/vU4Ng0Skjv41WYOuddMqYrXw6WK+20irVqqEBTXWOecSK85pmPTsk
rEJELmzSJvueAeW0J+ZyP+g+RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFckFH5F
SXPdHRkVR5hjg2adblfcMB8GA1UdIwQYMBaAFGmfUanZ4UVtFgG+g9i5StWaQ4Iz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RkVEMy9GODU4NEY3Q0Iz
OEExMUU5ODcyODgxNjZDNEY5QUUwMi9hWjlScWRuaFJXMFdBYjZEMkxsSzFacERn
ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FaOVJxZG5oUlcwV0FiNkQyTGxLMVpwRGdqTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RkVEMy9GODU4NEY3Q0IzOEExMUU5ODcyODgxNjZDNEY5QUUwMi9hWjlScWRuaFJX
MFdBYjZEMkxsSzFacERnak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzlYUph2esgjAKphu9n233bruZKO8A0Czk0rg3xb9aQmQcdDA1AetP
sIB6BzlT2cEmsa1phaUdcXvaaDKhFF+PwCbFtxD1hVCvRotx8TDAXOWK8PutRV8/
E1yOfyKs5E/TuYG9lv5wvMSo2dC7RSECLLFSD8XLLslJI7NsrcJMpRToYuFBjAK4
tAvLncfq3Tf37ga7xQ5cEEh9Yqevmbh1Prdtqsr3z3aUoakTcD9TrdhC6rlf2KHo
R5igO1Xwo5VbCXBnAiwScINp9BJ4pdE0LLsZ51ETRTEErJMa8QZPAWflemFJubMo
v9o2vHg3HfZ1O4910J91lf0bJdVqY75y
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:09:57 2025 by rpki-client