Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft
File:                     IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json)
Hash identifier:          BFoMdZlFOaR/FHsW8+SjtrzkieGSxZ+M282LITO07AE=
Subject key identifier:   24:F3:62:1D:08:31:1A:38:82:17:11:EF:4A:57:B3:F5:73:24:73:9B
Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D
Certificate issuer:       /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D
Certificate serial:       0450
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft
Manifest number:          0444
Signing time:             Sun 19 Oct 2025 02:09:20 +0000
Manifest this update:     Sun 19 Oct 2025 02:09:19 +0000
Manifest next update:     Sun 26 Oct 2025 02:09:19 +0000
Files and hashes:         1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: HqVTNbeDo2oN9nYmEyq3UtAsYKAJoI8tI+V+bGT6MC8=)
                          2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: ciNIImuAbj1AO0K4GihG7jlhzLEKvAURaWl26eH889E=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl
                          rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 02:09:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1104 (0x450)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D
        Validity
            Not Before: Oct 19 02:09:19 2025 GMT
            Not After : Oct 26 02:09:19 2025 GMT
        Subject: CN=68f44850-6f84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:6c:95:fe:97:18:31:23:0b:92:7b:82:a0:57:
                    b0:fc:c0:f9:ac:5c:af:3a:4d:8d:3b:7c:9c:13:ee:
                    15:3d:c3:d0:6e:f3:b0:0c:34:c8:90:ff:52:28:3f:
                    31:47:bc:a5:b1:34:bb:49:de:08:20:5e:85:1a:28:
                    54:00:f4:c3:42:9e:39:f7:d8:9a:87:70:da:8f:cb:
                    7b:29:e1:a3:cc:65:49:31:5b:da:41:eb:da:16:75:
                    98:7d:04:60:01:d9:96:44:ba:7d:f2:1a:d2:10:73:
                    22:1f:0a:89:89:91:08:a3:e8:ce:27:6f:80:e2:f2:
                    21:57:dd:04:f1:42:7d:2c:2a:24:aa:d1:cf:29:61:
                    0a:a6:c8:46:82:33:d2:9e:f0:34:b9:32:75:50:5e:
                    9b:fd:ad:e6:b1:65:56:f9:75:3d:3b:9b:8b:50:95:
                    32:a3:c2:11:f5:05:11:45:82:03:52:6d:39:cf:f6:
                    3f:66:ae:29:6e:20:e5:5c:37:79:82:5c:a3:d2:72:
                    43:b6:7c:f9:82:66:b0:cc:93:ba:41:c0:38:fb:93:
                    8c:e5:dc:bc:39:e1:07:10:0e:86:fa:0c:02:0a:da:
                    2c:2c:00:d4:e7:e6:dd:76:b6:06:0b:df:38:95:4e:
                    bb:5c:dd:f3:23:f3:eb:f3:e9:b2:4c:98:43:62:e7:
                    86:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:F3:62:1D:08:31:1A:38:82:17:11:EF:4A:57:B3:F5:73:24:73:9B
            X509v3 Authority Key Identifier:
                keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:35:ed:b5:ba:81:51:c8:81:10:1a:e9:78:0f:74:07:69:8a:
         ea:01:56:3a:96:46:7c:e6:93:34:39:fc:32:ad:b9:84:38:68:
         b8:f1:92:b2:71:dc:47:3c:0e:a4:e1:05:75:dc:4e:d1:f6:55:
         64:69:1b:49:14:c0:66:97:b9:b2:07:5a:d1:b7:48:e0:e0:28:
         96:72:4b:a0:d6:38:eb:c1:cf:77:0a:38:9c:c6:b5:e7:65:35:
         db:e8:73:32:6b:9e:66:96:a6:61:2f:73:62:4d:13:4f:0c:1e:
         31:ba:a0:69:23:23:7f:d9:51:85:9b:a5:f8:0a:af:5c:5c:48:
         a5:f7:0a:37:be:e5:71:eb:2b:e2:5b:c4:88:65:76:e3:41:01:
         e3:0f:5e:a9:01:a9:48:fe:11:fc:91:81:18:00:23:58:36:0c:
         5b:b2:ec:99:87:32:25:f1:1b:ee:57:c6:1b:c1:c5:73:b7:de:
         20:b4:95:d4:51:df:fe:73:3f:63:12:8f:07:a8:69:69:1a:82:
         42:6e:c5:c0:9b:70:7f:c8:99:a8:76:8d:5a:24:84:ca:bc:64:
         3d:d4:14:47:b3:5f:be:92:df:6b:83:17:28:f9:07:6d:fc:a4:
         aa:45:35:63:dc:a6:0a:34:3a:bd:71:78:eb:45:10:e8:30:00:
         a5:ff:7f:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF
NkM2NjFGMEQwHhcNMjUxMDE5MDIwOTE5WhcNMjUxMDI2MDIwOTE5WjAYMRYwFAYD
VQQDEw02OGY0NDg1MC02Zjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+WyV/pcYMSMLknuCoFew/MD5rFyvOk2NO3ycE+4VPcPQbvOwDDTIkP9SKD8x
R7ylsTS7Sd4IIF6FGihUAPTDQp4599iah3Daj8t7KeGjzGVJMVvaQevaFnWYfQRg
AdmWRLp98hrSEHMiHwqJiZEIo+jOJ2+A4vIhV90E8UJ9LCokqtHPKWEKpshGgjPS
nvA0uTJ1UF6b/a3msWVW+XU9O5uLUJUyo8IR9QURRYIDUm05z/Y/Zq4pbiDlXDd5
glyj0nJDtnz5gmawzJO6QcA4+5OM5dy8OeEHEA6G+gwCCtosLADU5+bddrYGC984
lU67XN3zI/Pr8+myTJhDYueGuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCTzYh0I
MRo4ghcR70pXs/VzJHObMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5
MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I
dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN
RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQClNe21uoFRyIEQGul4D3QHaYrqAVY6lkZ85pM0OfwyrbmEOGi48ZKy
cdxHPA6k4QV13E7R9lVkaRtJFMBml7myB1rRt0jg4CiWckug1jjrwc93CjicxrXn
ZTXb6HMya55mlqZhL3NiTRNPDB4xuqBpIyN/2VGFm6X4Cq9cXEil9wo3vuVx6yvi
W8SIZXbjQQHjD16pAalI/hH8kYEYACNYNgxbsuyZhzIl8RvuV8YbwcVzt94gtJXU
Ud/+cz9jEo8HqGlpGoJCbsXAm3B/yJmodo1aJITKvGQ91BRHs1++kt9rgxco+Qdt
/KSqRTVj3KYKNDq9cXjrRRDoMACl/39i
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:43:34 2025 by rpki-client