Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft
File:                     BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft (raw, json)
Hash identifier:          lJR3fiHTwZwAeE7K/xqvaG4XR7T+d1Xy7IkY6NBERdk=
Subject key identifier:   BB:6F:B3:A6:F1:D8:53:01:4A:AD:A1:9E:A0:43:E0:CA:40:88:ED:B0
Authority key identifier: 05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB
Certificate issuer:       /CN=A915E77C/serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB
Certificate serial:       021C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft
Manifest number:          0219
Signing time:             Sun 19 Oct 2025 04:25:10 +0000
Manifest this update:     Sun 19 Oct 2025 04:25:09 +0000
Manifest next update:     Sun 26 Oct 2025 04:25:09 +0000
Files and hashes:         1: BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl (hash: UBC34ETh+ZKozjM5OeWwMizzKI0pARioZ7FwwmPJWW4=)
                          2: A20DDFE2725911ED8CB4D763C4F9AE02.roa (hash: YLNPavuZCOudMxVfyqmjZm9NJz/Z+dCM3fPBM36z61c=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl
                          rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 04:25:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 540 (0x21c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915E77C, serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB
        Validity
            Not Before: Oct 19 04:25:09 2025 GMT
            Not After : Oct 26 04:25:09 2025 GMT
        Subject: CN=68f46826-4f27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a5:45:c5:54:22:26:b3:77:c9:4b:93:0d:fb:
                    a5:df:eb:0d:4b:b3:3c:c5:b3:e9:87:d2:d3:6d:67:
                    e9:bd:f3:b3:ee:d8:38:2a:93:b1:2f:2b:27:d9:18:
                    fe:05:f8:7c:e8:e3:1a:79:87:24:ee:4c:6f:65:d5:
                    50:68:2d:37:44:57:1a:29:fb:9c:f6:88:3a:9a:cf:
                    d8:99:a8:05:30:2b:bf:3e:cf:5b:f0:3d:9f:dd:6f:
                    bf:aa:f2:e6:30:92:d1:0f:e2:5b:7e:67:b7:2a:ac:
                    5d:f4:5e:43:a0:89:16:06:fd:ba:25:d2:95:7c:ec:
                    b3:47:23:2b:15:bf:b9:e0:18:f3:69:21:cd:23:bc:
                    0d:07:ad:f6:30:29:7e:32:39:6f:a9:25:29:9c:45:
                    41:d2:9c:38:df:ff:84:ce:76:93:18:99:c8:e0:06:
                    7d:fe:71:fc:b4:f0:12:61:67:d1:c7:b4:20:fe:cc:
                    8a:30:87:1f:9a:bc:1d:31:78:83:dc:d2:32:77:aa:
                    d4:e1:f3:19:05:c1:c8:a0:3c:29:12:d3:47:2e:e6:
                    79:74:3b:22:a2:9f:c4:d5:c5:c1:11:54:0e:ac:ec:
                    41:b5:07:b0:60:df:db:a6:08:61:bd:35:75:80:39:
                    64:ed:05:ca:25:b4:5b:46:cc:a9:93:76:4e:ac:a2:
                    b1:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:6F:B3:A6:F1:D8:53:01:4A:AD:A1:9E:A0:43:E0:CA:40:88:ED:B0
            X509v3 Authority Key Identifier:
                keyid:05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:57:4e:7d:4e:d7:04:33:9d:39:a2:40:46:d0:81:89:5e:aa:
         82:61:ab:93:51:fc:fc:6c:81:d8:bb:31:b8:da:28:73:9c:75:
         e0:28:49:62:fa:7d:b3:88:5e:3e:1c:45:1a:92:f7:2b:23:90:
         77:d0:0c:8a:7d:4d:25:64:b0:93:57:02:9f:d5:3c:ad:34:f2:
         da:8e:94:9e:96:08:a7:ea:1a:b0:54:a0:a1:d8:a4:f2:cb:09:
         33:fd:d8:3d:16:b9:dd:01:3b:d1:e9:24:61:a0:67:23:36:1a:
         0e:f7:e5:2e:eb:11:52:a4:a0:77:1f:34:bb:97:00:fd:7c:a6:
         76:8d:58:03:cb:ef:fb:62:7f:59:92:1f:45:56:31:1d:10:f7:
         81:4d:92:3e:99:75:cf:18:d1:c1:61:76:f9:7a:04:e6:19:86:
         5c:63:df:9d:8d:1a:4e:83:13:4e:96:d9:93:d6:4c:46:1d:72:
         07:e5:23:a6:28:99:40:2d:b7:27:d3:5d:32:a7:6e:ff:c1:20:
         4b:e7:bb:c0:ba:6e:be:42:32:1b:fc:f0:1e:18:df:19:3f:d8:
         fa:43:65:32:31:17:5d:7e:27:87:f8:37:87:4b:d9:eb:21:11:
         bf:d9:f0:1c:fe:60:2c:5d:40:c1:6d:fd:d2:36:f4:74:f0:76:
         d7:9b:3a:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU3N0MxMTAvBgNVBAUTKDA1MDM3RTRDREU0NEVDNjY0MkM0MTY5RkE4NTEzNzJE
NzhGQkZDQUIwHhcNMjUxMDE5MDQyNTA5WhcNMjUxMDI2MDQyNTA5WjAYMRYwFAYD
VQQDEw02OGY0NjgyNi00ZjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtKVFxVQiJrN3yUuTDful3+sNS7M8xbPph9LTbWfpvfOz7tg4KpOxLysn2Rj+
Bfh86OMaeYck7kxvZdVQaC03RFcaKfuc9og6ms/YmagFMCu/Ps9b8D2f3W+/qvLm
MJLRD+Jbfme3Kqxd9F5DoIkWBv26JdKVfOyzRyMrFb+54BjzaSHNI7wNB632MCl+
MjlvqSUpnEVB0pw43/+EznaTGJnI4AZ9/nH8tPASYWfRx7Qg/syKMIcfmrwdMXiD
3NIyd6rU4fMZBcHIoDwpEtNHLuZ5dDsiop/E1cXBEVQOrOxBtQewYN/bpghhvTV1
gDlk7QXKJbRbRsypk3ZOrKKx/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtvs6bx
2FMBSq2hnqBD4MpAiO2wMB8GA1UdIwQYMBaAFAUDfkzeROxmQsQWn6hRNy14+/yr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTc3Qy9GNzAwQTlFQzcy
NTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdHWkN4QmFmcUZFM0xYajdf
S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JRTi1UTjVFN0daQ3hCYWZxRkUzTFhqN19Lcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RTc3Qy9GNzAwQTlFQzcyNTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdH
WkN4QmFmcUZFM0xYajdfS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCAV059TtcEM505okBG0IGJXqqCYauTUfz8bIHYuzG42ihznHXgKEli
+n2ziF4+HEUakvcrI5B30AyKfU0lZLCTVwKf1TytNPLajpSelgin6hqwVKCh2KTy
ywkz/dg9FrndATvR6SRhoGcjNhoO9+Uu6xFSpKB3HzS7lwD9fKZ2jVgDy+/7Yn9Z
kh9FVjEdEPeBTZI+mXXPGNHBYXb5egTmGYZcY9+djRpOgxNOltmT1kxGHXIH5SOm
KJlALbcn010yp27/wSBL57vAum6+QjIb/PAeGN8ZP9j6Q2UyMRddfieH+DeHS9nr
IRG/2fAc/mAsXUDBbf3SNvR08HbXmzpK
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:41:04 2025 by rpki-client