Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
File:                     3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json)
Hash identifier:          x+7bJabx5XPs9+sRWTdl4BUwUrFE042K0ZAY6a3tduY=
Subject key identifier:   86:32:2E:FC:18:50:22:84:8F:B0:12:97:7E:92:06:C1:E7:5A:7E:90
Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
Certificate issuer:       /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Certificate serial:       0C4D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
Manifest number:          0C33
Signing time:             Sat 18 Oct 2025 19:29:31 +0000
Manifest this update:     Sat 18 Oct 2025 19:29:30 +0000
Manifest next update:     Sat 25 Oct 2025 19:29:30 +0000
Files and hashes:         1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: e8ejF7zYH+bppU6hqsrm9xfntltqfsoJ8guo6BK0qPw=)
                          2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: LcxIbKxK3jutvAgu3ThkdTt7YT68VEQAWEq5z0WaOxY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl
                          rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 19:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3149 (0xc4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
        Validity
            Not Before: Oct 18 19:29:30 2025 GMT
            Not After : Oct 25 19:29:30 2025 GMT
        Subject: CN=68f3ea9b-5444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:66:aa:c6:ca:3b:4c:55:af:12:d6:aa:b2:76:
                    3e:f0:3b:a0:2c:31:51:fb:6b:be:c7:12:30:11:bd:
                    4f:24:7c:b1:6c:90:96:8a:b2:79:40:21:e4:cc:71:
                    d5:4b:41:f5:61:46:36:d0:b1:68:bd:b3:a8:09:c0:
                    d2:38:fe:71:ff:ab:11:5d:c8:f9:60:60:fd:dc:9f:
                    5b:12:80:e0:01:da:64:39:29:0f:1b:5c:aa:8a:0d:
                    15:1e:70:bd:1f:89:a6:27:a2:a1:ac:4e:8d:ff:bf:
                    01:70:01:bf:ff:d5:e8:f5:ab:8c:3d:85:dd:b5:dd:
                    34:8e:d6:23:59:c2:2c:70:0e:db:0c:f9:a9:07:21:
                    d1:09:4f:2b:4d:3c:2a:5d:df:50:1a:a0:ed:57:2c:
                    f5:0e:6d:57:2a:3c:46:cd:c8:7a:93:33:74:6e:fd:
                    50:be:df:11:a5:31:cd:69:e7:95:a8:6e:db:d7:ed:
                    37:2c:18:22:13:c9:cf:38:93:00:3d:92:7e:34:30:
                    3b:4f:26:56:2b:f2:95:a5:5f:4b:87:b5:a4:ab:77:
                    ee:f8:7e:02:b3:a6:f4:c8:fc:db:e7:a9:5f:db:f9:
                    f1:5b:1b:07:ca:ed:b8:0d:6f:9a:e5:f6:55:7d:8e:
                    5b:ce:24:cc:ee:92:ab:b7:a1:9a:32:b4:37:1a:96:
                    3c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:32:2E:FC:18:50:22:84:8F:B0:12:97:7E:92:06:C1:E7:5A:7E:90
            X509v3 Authority Key Identifier:
                keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:4d:0a:7a:f4:7c:b0:23:a8:7b:de:e4:6e:e9:44:df:dc:3e:
         65:d2:f2:3d:0f:af:a5:61:8c:6b:e3:df:86:d6:53:ff:af:86:
         7f:1a:97:26:53:ee:d3:1f:6a:d1:ec:b4:f1:20:1f:f6:2c:1c:
         ab:32:ac:c8:c3:6e:72:9d:1b:f2:bc:72:10:01:06:ee:c1:f4:
         60:bf:cc:9f:c7:14:ad:16:03:8f:26:a8:1f:a2:5f:1c:50:d0:
         b5:a3:e9:41:04:e2:b6:4c:20:9b:b1:8f:e2:8c:b1:23:4e:61:
         b8:a4:5d:5c:cf:33:c1:73:00:b6:3d:a8:0c:4e:d0:71:c4:f0:
         0f:5a:99:e2:c3:b5:6d:82:fc:90:44:27:29:17:99:d5:8d:3e:
         6e:26:45:38:1e:f2:39:15:b8:e4:48:74:b7:4a:59:c0:92:88:
         ed:21:0f:c3:6b:f2:d3:88:e9:db:a7:0d:86:27:23:8f:15:bb:
         57:42:fc:e4:45:5b:ab:25:92:a1:4f:57:ca:3f:b4:73:84:19:
         94:4b:0b:de:b9:d3:bd:e8:66:0e:cb:a5:67:63:1d:22:be:44:
         7e:23:d3:0f:4a:12:1e:2a:d5:05:f1:d7:9c:54:8b:eb:85:b6:
         15:29:2c:a1:64:16:f5:57:1f:51:46:e3:63:c1:e7:96:92:c5:
         b9:64:6e:b2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC
MjU1N0Y0M0YwHhcNMjUxMDE4MTkyOTMwWhcNMjUxMDI1MTkyOTMwWjAYMRYwFAYD
VQQDEw02OGYzZWE5Yi01NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnmaqxso7TFWvEtaqsnY+8DugLDFR+2u+xxIwEb1PJHyxbJCWirJ5QCHkzHHV
S0H1YUY20LFovbOoCcDSOP5x/6sRXcj5YGD93J9bEoDgAdpkOSkPG1yqig0VHnC9
H4mmJ6KhrE6N/78BcAG//9Xo9auMPYXdtd00jtYjWcIscA7bDPmpByHRCU8rTTwq
Xd9QGqDtVyz1Dm1XKjxGzch6kzN0bv1Qvt8RpTHNaeeVqG7b1+03LBgiE8nPOJMA
PZJ+NDA7TyZWK/KVpV9Lh7Wkq3fu+H4Cs6b0yPzb56lf2/nxWxsHyu24DW+a5fZV
fY5bziTM7pKrt6GaMrQ3GpY8wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIYyLvwY
UCKEj7ASl36SBsHnWn6QMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4
NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF
RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQACTQp69HywI6h73uRu6UTf3D5l0vI9D6+lYYxr49+G1lP/r4Z/Gpcm
U+7TH2rR7LTxIB/2LByrMqzIw25ynRvyvHIQAQbuwfRgv8yfxxStFgOPJqgfol8c
UNC1o+lBBOK2TCCbsY/ijLEjTmG4pF1czzPBcwC2PagMTtBxxPAPWpniw7VtgvyQ
RCcpF5nVjT5uJkU4HvI5FbjkSHS3SlnAkojtIQ/Da/LTiOnbpw2GJyOPFbtXQvzk
RVurJZKhT1fKP7RzhBmUSwveudO96GYOy6VnYx0ivkR+I9MPShIeKtUF8decVIvr
hbYVKSyhZBb1Vx9RRuNjweeWksW5ZG6y
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:56 2025 by rpki-client