Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft
File:                     68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft (raw, json)
Hash identifier:          iUfkfLl671MmW9K9jHOQZfD2fOBNU4wxPkMqhmquDMI=
Subject key identifier:   4D:FE:07:BD:57:0C:48:B4:9B:F2:94:A8:B3:2F:66:64:F9:6E:50:17
Authority key identifier: EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20
Certificate issuer:       /CN=A91525A9/serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20
Certificate serial:       01EB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft
Manifest number:          01DF
Signing time:             Sat 23 Aug 2025 02:52:37 +0000
Manifest this update:     Sat 23 Aug 2025 02:52:37 +0000
Manifest next update:     Sat 30 Aug 2025 02:52:37 +0000
Files and hashes:         1: 68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl (hash: Mr8DSfRMTvow1/BihrBYCMeXDQeAWARQHTlMPx88Pm4=)
                          2: 98152E6C480111EFB2976238C4F9AE02.roa (hash: p8fvqZ7Alg5roEiASszoiJIP01rninX1g3Jc6iC5JJA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl
                          rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Aug 2025 02:52:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 491 (0x1eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91525A9, serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20
        Validity
            Not Before: Aug 23 02:52:37 2025 GMT
            Not After : Aug 30 02:52:37 2025 GMT
        Subject: CN=68a92cf5-71eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b3:f7:11:f0:d6:6b:1b:69:55:fa:ed:d9:39:
                    81:12:46:60:92:04:e1:e1:16:4a:0f:86:ee:3d:70:
                    c9:db:9e:4d:e6:fe:2f:eb:f3:47:e1:6e:3d:41:77:
                    6d:5a:56:9b:ab:0e:86:7f:aa:20:e9:a3:69:10:f4:
                    a0:83:90:56:f8:fc:00:3d:a6:11:e3:e1:80:1c:dc:
                    cc:78:06:af:75:5f:e2:e5:bd:da:cb:f5:8a:16:80:
                    08:c7:a7:cf:a7:70:01:b5:88:d1:64:78:41:d3:1a:
                    3f:88:4f:11:b1:22:21:80:9c:8c:e7:b5:8a:5b:46:
                    00:cf:c3:5a:0f:c8:5b:5e:eb:42:54:72:ec:b4:f9:
                    d1:52:68:e1:a0:1b:13:cc:5d:52:67:eb:0f:72:98:
                    db:77:3d:58:9d:26:f3:e2:92:f1:a1:9e:85:2d:7e:
                    30:57:dc:ed:a2:b1:9b:8b:b3:76:c7:97:d7:8f:1c:
                    14:8c:23:69:40:bd:bf:62:08:f2:f8:02:14:79:09:
                    8a:89:02:c9:0d:28:90:91:98:99:1c:15:2e:90:0d:
                    a0:54:77:4f:bf:81:c4:f2:6b:4d:3d:77:b1:0a:ca:
                    24:9a:05:76:f3:ee:e6:d3:be:81:dd:53:4a:d2:37:
                    f7:a9:5d:75:8e:4b:64:2a:91:66:9b:c1:ec:92:38:
                    fe:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:FE:07:BD:57:0C:48:B4:9B:F2:94:A8:B3:2F:66:64:F9:6E:50:17
            X509v3 Authority Key Identifier:
                keyid:EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:86:b8:1e:a1:23:e0:e3:de:db:87:71:22:fe:ce:ca:91:21:
         55:4c:41:49:a8:8e:9c:13:1d:72:a8:61:6f:d6:6d:bb:be:24:
         5e:bf:30:4e:62:05:e8:0f:a5:90:b4:35:b3:5d:e7:44:a8:3a:
         3d:4f:0e:97:ea:7d:b9:87:6e:b1:53:5f:fc:5c:fa:d3:c9:ee:
         d7:a9:b3:85:4d:76:16:51:13:85:17:63:65:d3:e9:f4:95:18:
         d6:84:30:34:03:59:41:3b:a1:cb:1a:67:86:3a:17:de:7e:0f:
         22:1d:a0:0c:99:88:cd:d9:86:4a:6c:75:41:8e:8b:b5:80:8c:
         46:0f:60:e6:8d:4a:16:74:15:aa:d4:8f:05:5b:75:1a:85:be:
         e7:bb:29:72:6d:d9:ad:62:cc:58:c2:b8:4b:a9:fd:96:8e:71:
         e2:1c:73:06:bf:dd:68:9d:6e:1a:ed:f7:01:d8:60:31:57:fa:
         56:e6:1b:10:bd:11:e7:13:3e:67:64:a6:04:56:41:63:2d:20:
         d3:fa:7f:e2:4b:f1:6d:56:89:fa:2e:2d:62:53:e3:84:f2:5a:
         03:48:ea:e8:bc:f6:21:0d:29:bf:82:ae:84:42:31:4b:39:af:
         41:80:12:b1:db:53:70:6c:55:fc:42:13:fc:2f:99:2b:46:0a:
         c6:27:25:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTI1QTkxMTAvBgNVBAUTKEVCQzNEN0ZDRkIxMzRGNTM4RkMxOUY5OEFEODk4QzBG
M0YwNzRGMjAwHhcNMjUwODIzMDI1MjM3WhcNMjUwODMwMDI1MjM3WjAYMRYwFAYD
VQQDEw02OGE5MmNmNS03MWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1rP3EfDWaxtpVfrt2TmBEkZgkgTh4RZKD4buPXDJ255N5v4v6/NH4W49QXdt
Wlabqw6Gf6og6aNpEPSgg5BW+PwAPaYR4+GAHNzMeAavdV/i5b3ay/WKFoAIx6fP
p3ABtYjRZHhB0xo/iE8RsSIhgJyM57WKW0YAz8NaD8hbXutCVHLstPnRUmjhoBsT
zF1SZ+sPcpjbdz1YnSbz4pLxoZ6FLX4wV9ztorGbi7N2x5fXjxwUjCNpQL2/Ygjy
+AIUeQmKiQLJDSiQkZiZHBUukA2gVHdPv4HE8mtNPXexCsokmgV28+7m076B3VNK
0jf3qV11jktkKpFmm8Hskjj+WwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE3+B71X
DEi0m/KUqLMvZmT5blAXMB8GA1UdIwQYMBaAFOvD1/z7E09Tj8GfmK2JjA8/B08g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjVBOS8yNjE4ODQwRUIx
NDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQxT1B3Wi1ZclltTUR6OEhU
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzY4UFhfUHNUVDFPUHdaLVlyWW1NRHo4SFR5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MjVBOS8yNjE4ODQwRUIxNDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQx
T1B3Wi1ZclltTUR6OEhUeUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBWhrgeoSPg497bh3Ei/s7KkSFVTEFJqI6cEx1yqGFv1m27viRevzBO
YgXoD6WQtDWzXedEqDo9Tw6X6n25h26xU1/8XPrTye7XqbOFTXYWUROFF2Nl0+n0
lRjWhDA0A1lBO6HLGmeGOhfefg8iHaAMmYjN2YZKbHVBjou1gIxGD2DmjUoWdBWq
1I8FW3Uahb7nuylybdmtYsxYwrhLqf2WjnHiHHMGv91onW4a7fcB2GAxV/pW5hsQ
vRHnEz5nZKYEVkFjLSDT+n/iS/FtVon6Li1iU+OE8loDSOrovPYhDSm/gq6EQjFL
Oa9BgBKx21NwbFX8QhP8L5krRgrGJyXG
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:34 2025 by rpki-client