Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft
File:                     LOCE4B2sa01jSTjXbOraWWNVvVM.mft (raw, json)
Hash identifier:          xZbf+kODPUXNSwi804GnDO6NN/QngwjNPBt9B1rolrI=
Subject key identifier:   AE:2D:73:97:E3:10:46:77:16:45:87:30:F9:3D:AF:C1:D6:7A:44:67
Authority key identifier: 2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53
Certificate issuer:       /CN=A915EA8F/serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53
Certificate serial:       028A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft
Manifest number:          0286
Signing time:             Sun 19 Oct 2025 03:49:24 +0000
Manifest this update:     Sun 19 Oct 2025 03:49:24 +0000
Manifest next update:     Sun 26 Oct 2025 03:49:23 +0000
Files and hashes:         1: LOCE4B2sa01jSTjXbOraWWNVvVM.crl (hash: 7a08pwSpKQLpWiUlKMZ2nFImdTwTbVUJrT6WKGReuAg=)
                          2: 028640A8242B11ED9547B486C4F9AE02.roa (hash: dsbPmjXp/oYWvfHXOZsMcI3WqL8KWucAeTqSoUbpKas=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl
                          rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 03:49:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 650 (0x28a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915EA8F, serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53
        Validity
            Not Before: Oct 19 03:49:24 2025 GMT
            Not After : Oct 26 03:49:23 2025 GMT
        Subject: CN=68f45fc4-020b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:dc:4e:96:57:7f:10:d0:d5:1b:a4:5b:dc:2f:
                    07:b2:87:bc:a5:c0:64:c0:63:71:8f:02:10:d2:55:
                    0f:64:d2:58:7c:ae:6a:d8:3a:6b:13:ef:df:5c:39:
                    a7:15:22:8d:5d:d6:ea:40:60:70:fc:6d:8f:58:7c:
                    55:d9:39:92:ab:16:eb:66:a7:a4:9e:58:28:8d:35:
                    e2:67:3e:37:12:8c:f0:76:c3:84:fb:a0:47:1e:d8:
                    18:8f:e2:e0:db:ab:f6:6d:f6:d8:00:7d:c6:28:7c:
                    3a:b5:17:db:98:e8:5f:59:90:78:33:4c:1b:5c:99:
                    1c:fc:88:85:07:38:19:5b:cd:1a:6e:f4:5c:9f:24:
                    41:26:20:21:5f:a0:e2:51:5e:c5:a8:63:b2:82:77:
                    05:e7:79:bd:b0:80:b6:7a:1a:02:b3:af:49:c3:00:
                    a5:77:51:77:47:d8:d3:40:62:f4:b9:1e:69:f0:9f:
                    32:f4:19:2e:6f:65:fc:c2:28:b9:84:73:98:5f:16:
                    1a:84:ab:80:6e:9b:5c:ac:bb:f4:18:56:be:66:cd:
                    49:6a:3e:91:84:36:30:62:a5:e6:41:6b:c6:ac:ab:
                    81:fe:9b:e9:a9:6a:e6:c2:12:84:af:d4:43:90:cd:
                    58:e6:13:ee:a8:c7:9d:1c:9d:78:8f:e7:a6:7b:d9:
                    d3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:2D:73:97:E3:10:46:77:16:45:87:30:F9:3D:AF:C1:D6:7A:44:67
            X509v3 Authority Key Identifier:
                keyid:2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:0e:7c:6a:4e:11:ad:5f:35:81:d8:0f:c7:82:b8:fa:d6:95:
         d2:e2:1c:04:40:35:37:42:56:ba:bc:94:33:a9:65:00:b2:6e:
         6c:b8:b4:8d:5a:28:4f:cf:92:ee:da:33:cc:e6:96:d4:87:8a:
         4a:0c:30:95:7d:08:85:2c:f9:e0:27:73:e1:32:29:c4:57:6c:
         f4:c8:19:af:57:f5:26:b3:0e:19:cf:57:32:bc:78:85:d6:e8:
         a4:6b:26:7a:cb:a8:88:01:95:a1:7a:45:90:9e:bb:f1:7e:b0:
         43:7c:cc:f1:39:a7:8f:d3:b3:2f:97:46:b1:61:3c:60:58:9b:
         c4:bd:1c:84:24:58:3a:8e:78:2a:e0:63:31:59:aa:d8:c7:6b:
         1a:f8:ea:f8:87:67:85:7d:6e:9f:5b:18:11:02:65:50:1d:cd:
         3e:1b:8a:22:f9:57:0b:da:07:c2:46:73:2b:28:5a:f6:c7:b8:
         12:cd:1c:a6:e6:50:e8:fe:38:32:7e:52:60:96:05:c0:5a:1d:
         f5:dd:a0:b5:76:6d:41:42:cd:f8:0e:30:34:35:06:2d:4e:75:
         dd:e0:0a:35:3f:b2:2d:43:cd:c5:1a:d3:08:4c:73:4a:6b:41:
         6c:e3:2a:bc:79:a8:c9:f6:0d:52:6f:b5:71:56:9b:58:9a:17:
         64:72:39:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVBOEYxMTAvBgNVBAUTKDJDRTA4NEUwMURBQzZCNEQ2MzQ5MzhENzZDRUFEQTU5
NjM1NUJENTMwHhcNMjUxMDE5MDM0OTI0WhcNMjUxMDI2MDM0OTIzWjAYMRYwFAYD
VQQDEw02OGY0NWZjNC0wMjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NxOlld/ENDVG6Rb3C8Hsoe8pcBkwGNxjwIQ0lUPZNJYfK5q2DprE+/fXDmn
FSKNXdbqQGBw/G2PWHxV2TmSqxbrZqeknlgojTXiZz43EozwdsOE+6BHHtgYj+Lg
26v2bfbYAH3GKHw6tRfbmOhfWZB4M0wbXJkc/IiFBzgZW80abvRcnyRBJiAhX6Di
UV7FqGOygncF53m9sIC2ehoCs69JwwCld1F3R9jTQGL0uR5p8J8y9Bkub2X8wii5
hHOYXxYahKuAbptcrLv0GFa+Zs1Jaj6RhDYwYqXmQWvGrKuB/pvpqWrmwhKEr9RD
kM1Y5hPuqMedHJ14j+eme9nT7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK4tc5fj
EEZ3FkWHMPk9r8HWekRnMB8GA1UdIwQYMBaAFCzghOAdrGtNY0k412zq2lljVb1T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUE4Ri9FM0EzNUJCNDI0
MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2EwMWpTVGpYYk9yYVdXTlZ2
Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xPQ0U0QjJzYTAxalNUalhiT3JhV1dOVnZWTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RUE4Ri9FM0EzNUJCNDI0MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2Ew
MWpTVGpYYk9yYVdXTlZ2Vk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBUDnxqThGtXzWB2A/Hgrj61pXS4hwEQDU3Qla6vJQzqWUAsm5suLSN
WihPz5Lu2jPM5pbUh4pKDDCVfQiFLPngJ3PhMinEV2z0yBmvV/Umsw4Zz1cyvHiF
1uikayZ6y6iIAZWhekWQnrvxfrBDfMzxOaeP07Mvl0axYTxgWJvEvRyEJFg6jngq
4GMxWarYx2sa+Or4h2eFfW6fWxgRAmVQHc0+G4oi+VcL2gfCRnMrKFr2x7gSzRym
5lDo/jgyflJglgXAWh313aC1dm1BQs34DjA0NQYtTnXd4Ao1P7ItQ83FGtMITHNK
a0Fs4yq8eajJ9g1Sb7VxVptYmhdkcjnD
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:42:52 2025 by rpki-client