Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.mft
File:                     UPIOqel1rkxMhmfLV_e89XAhXJY.mft (raw, json)
Hash identifier:          fkWumFgCC+9+76Glg8iB2+4gGOSV233kzAAfE7bY98U=
Subject key identifier:   7F:2F:B0:62:A5:10:F5:37:EA:68:46:43:59:A4:AC:D8:AD:48:CC:16
Authority key identifier: 50:F2:0E:A9:E9:75:AE:4C:4C:86:67:CB:57:F7:BC:F5:70:21:5C:96
Certificate issuer:       /CN=A915C62B/serialNumber=50F20EA9E975AE4C4C8667CB57F7BCF570215C96
Certificate serial:       250D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UPIOqel1rkxMhmfLV_e89XAhXJY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.mft
Manifest number:          248B
Signing time:             Mon 20 Oct 2025 16:00:29 +0000
Manifest this update:     Mon 20 Oct 2025 16:00:28 +0000
Manifest next update:     Mon 27 Oct 2025 16:00:28 +0000
Files and hashes:         1: UPIOqel1rkxMhmfLV_e89XAhXJY.crl (hash: z6jLuvWyyYu5YNhTUBVE+u6rHcO2I7kxFv3bvNV70UU=)
                          2: 773D7A96B0DC11ECAEC09469C4F9AE02.roa (hash: +WC2UXiXRAqIzHn7ONEYWXHBgmbJbPnjPVSGS0s7/Ek=)
                          3: D327C18CDFEC11ED9AB6E147C4F9AE02.roa (hash: 3InFcZXcKxf33f9FWszWBOSOPJdwVMTqcXaCFEAtgos=)
                          4: B8951CDCD23611EA8D9E515BC4F9AE02.roa (hash: wpRpc+8U0njhNHbGwBjOo+RuZgkwEeZa9Pqu3yMunD4=)
                          5: E706A8B2BBF111EE8697E433C4F9AE02.roa (hash: FnsiPBdxFnP5LQukQVG3d42mA5484m2AVmj3oV2t2KA=)
                          6: 1A2298A2D23811EABDECA85FC4F9AE02.roa (hash: 1/+DL1PoqH8yBHyNvZhkg16rUz6sOO89hqHUzOVSkA4=)
                          7: 491B85B2E58911ED94960F39C4F9AE02.roa (hash: RyOHGCTj0hywUpSfB0LbQFD/WnXHLiXqG6hMldKxBrM=)
                          8: 06239EBADFEA11ED835B4D0EC4F9AE02.roa (hash: P7O96Yfngs36i1Yso6tRUdR0UTcCnWvkqMzJTMS0hUc=)
                          9: 59B3485028C111E7A885571AC4F9AE02.roa (hash: MyX6SM4sHZHxsdiUbFwM+v8VFzTqS7OCLLsMP0uCrow=)
                          10: 554E53D4B0B811EC9BE93E24C4F9AE02.roa (hash: VUsFSPTS+fH+FbOaolmzdGMNrxq1DeJRsMnTavDc/kM=)
                          11: 5A2BB4DE28C111E7A885571AC4F9AE02.roa (hash: T2OA6la6kiD43UxKezGsuNIwVX4A5ubar9PjrFa2VdE=)
                          12: D451FBE0DFEC11ED9AB6E147C4F9AE02.roa (hash: 36bNWyq826on2XLU7og/PScQxw0sLluCdj62sCimk1k=)
                          13: D50024D6DFEC11ED9AB6E147C4F9AE02.roa (hash: hn226uuDr+Sb6ocn2sePSMCB9luhKNckDxMjXkyTZ+s=)
                          14: AFF73BD2BA0811EAB2479081C4F9AE02.roa (hash: uGRoaBEpGo4yAmtbgi1VOwtzxczgF1r1S032AP+3DGc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.crl
                          rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UPIOqel1rkxMhmfLV_e89XAhXJY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 16:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9485 (0x250d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915C62B, serialNumber=50F20EA9E975AE4C4C8667CB57F7BCF570215C96
        Validity
            Not Before: Oct 20 16:00:28 2025 GMT
            Not After : Oct 27 16:00:28 2025 GMT
        Subject: CN=68f65c9d-7d6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:22:21:0a:8a:b3:6c:b4:07:50:75:33:72:52:
                    e3:9a:dd:22:77:90:4f:b2:2e:d3:bb:5d:a8:34:43:
                    26:14:f5:91:e6:79:a9:c7:bd:87:55:cd:e0:cd:29:
                    3c:b2:93:80:08:f8:18:c5:56:f2:5d:39:69:ab:6d:
                    9f:cc:a0:06:93:79:cc:ab:a3:d2:25:ca:b0:6b:82:
                    4f:b2:61:39:b1:49:4c:f3:dc:87:e6:f6:ab:79:4c:
                    91:22:8e:14:06:41:56:f6:ce:9c:83:05:48:d9:55:
                    36:d5:84:73:2c:70:21:9f:e2:88:f4:03:88:e7:f0:
                    1e:1e:f2:d8:e5:dc:65:79:0c:b2:44:e7:9b:49:76:
                    69:d6:d3:d6:6a:9f:96:0d:91:b6:3e:41:19:d1:8e:
                    9a:88:f4:49:a6:5d:70:7b:d7:9d:56:63:68:a3:62:
                    85:ce:0c:f1:2f:ed:5f:1b:e5:57:81:aa:3b:b1:70:
                    9b:a7:f4:e9:dd:46:7d:06:62:e4:f8:6a:84:31:a5:
                    34:65:29:50:92:02:be:13:4a:be:e0:c4:e0:ee:98:
                    5f:ed:a3:a1:4f:c3:43:65:6d:c8:5a:a6:ef:cb:61:
                    72:a2:5e:4b:c2:ec:ed:37:35:56:17:6e:f0:e9:92:
                    1f:60:09:d2:e6:b5:df:f9:71:bf:42:19:1a:5e:45:
                    fe:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:2F:B0:62:A5:10:F5:37:EA:68:46:43:59:A4:AC:D8:AD:48:CC:16
            X509v3 Authority Key Identifier:
                keyid:50:F2:0E:A9:E9:75:AE:4C:4C:86:67:CB:57:F7:BC:F5:70:21:5C:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UPIOqel1rkxMhmfLV_e89XAhXJY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:fb:a9:98:c1:d3:90:53:ea:20:15:68:a2:78:c7:dd:96:ec:
         10:ae:47:c4:f1:59:bc:41:3a:40:1a:b6:db:e0:6c:00:12:14:
         10:9a:8a:78:78:c4:3b:f5:55:51:6f:5e:92:9d:88:2b:63:13:
         4d:e8:58:b4:67:d2:0e:03:21:f6:33:86:8c:8e:fa:3c:8c:40:
         98:61:f5:8e:4d:f5:5e:0b:f3:c2:61:b6:5e:b4:7a:66:0d:e9:
         14:ee:05:15:81:d8:d0:dd:c1:ae:a6:8d:87:e9:f8:45:08:37:
         63:5e:4a:45:af:88:12:4b:5c:96:67:b2:a4:8a:41:a8:56:c5:
         23:02:1f:11:62:4e:d0:41:b0:90:b8:91:4f:fd:cf:d7:3f:ed:
         72:60:82:41:ad:2c:da:c0:da:f8:93:42:51:3d:e6:dc:10:88:
         05:56:ca:40:d6:79:da:13:85:a1:4f:9a:cb:4e:20:bf:7f:7e:
         90:6b:62:e7:c3:88:fe:67:89:9c:f9:b7:be:b7:5a:43:f4:ad:
         21:b3:8e:23:69:23:a1:f2:04:3e:e0:d8:87:b2:c0:48:d2:6b:
         92:bd:64:40:91:3d:bd:4d:d2:98:cd:bc:42:93:ac:aa:60:ff:
         12:0b:b1:71:a5:32:24:25:6d:31:5e:f8:c7:8e:f9:2d:d0:6e:
         9c:7b:9d:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICJQ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUM2MkIxMTAvBgNVBAUTKDUwRjIwRUE5RTk3NUFFNEM0Qzg2NjdDQjU3RjdCQ0Y1
NzAyMTVDOTYwHhcNMjUxMDIwMTYwMDI4WhcNMjUxMDI3MTYwMDI4WjAYMRYwFAYD
VQQDEw02OGY2NWM5ZC03ZDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtSIhCoqzbLQHUHUzclLjmt0id5BPsi7Tu12oNEMmFPWR5nmpx72HVc3gzSk8
spOACPgYxVbyXTlpq22fzKAGk3nMq6PSJcqwa4JPsmE5sUlM89yH5vareUyRIo4U
BkFW9s6cgwVI2VU21YRzLHAhn+KI9AOI5/AeHvLY5dxleQyyROebSXZp1tPWap+W
DZG2PkEZ0Y6aiPRJpl1we9edVmNoo2KFzgzxL+1fG+VXgao7sXCbp/Tp3UZ9BmLk
+GqEMaU0ZSlQkgK+E0q+4MTg7phf7aOhT8NDZW3IWqbvy2Fyol5LwuztNzVWF27w
6ZIfYAnS5rXf+XG/QhkaXkX+2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH8vsGKl
EPU36mhGQ1mkrNitSMwWMB8GA1UdIwQYMBaAFFDyDqnpda5MTIZny1f3vPVwIVyW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzYyQi82NEEwNTE0NjYw
MTIxMUU1QkU5MjUwNzBDNEY5QUUwMi9VUElPcWVsMXJreE1obWZMVl9lODlYQWhY
SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VQSU9xZWwxcmt4TWhtZkxWX2U4OVhBaFhKWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QzYyQi82NEEwNTE0NjYwMTIxMUU1QkU5MjUwNzBDNEY5QUUwMi9VUElPcWVsMXJr
eE1obWZMVl9lODlYQWhYSlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDY+6mYwdOQU+ogFWiieMfdluwQrkfE8Vm8QTpAGrbb4GwAEhQQmop4
eMQ79VVRb16SnYgrYxNN6Fi0Z9IOAyH2M4aMjvo8jECYYfWOTfVeC/PCYbZetHpm
DekU7gUVgdjQ3cGupo2H6fhFCDdjXkpFr4gSS1yWZ7KkikGoVsUjAh8RYk7QQbCQ
uJFP/c/XP+1yYIJBrSzawNr4k0JRPebcEIgFVspA1nnaE4WhT5rLTiC/f36Qa2Ln
w4j+Z4mc+be+t1pD9K0hs44jaSOh8gQ+4NiHssBI0muSvWRAkT29TdKYzbxCk6yq
YP8SC7FxpTIkJW0xXvjHjvkt0G6ce53Z
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:35:26 2025 by rpki-client