Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9164164/A68E264EA18211EF8F4E1623C4F9AE02/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.mft
File:                     qHNyAfpMZPoAVkAi2wb2Dn7izQ0.mft (raw, json)
Hash identifier:          P1tqCVrv8mmLeFPFgzmgX1T4nJObevEiYPka1G9CIgU=
Subject key identifier:   4E:35:BB:4F:1F:72:37:30:20:93:A1:DD:97:D6:30:40:1C:F1:48:C1
Authority key identifier: A8:73:72:01:FA:4C:64:FA:00:56:40:22:DB:06:F6:0E:7E:E2:CD:0D
Certificate issuer:       /CN=A9164164/serialNumber=A8737201FA4C64FA00564022DB06F60E7EE2CD0D
Certificate serial:       AF
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9164164/A68E264EA18211EF8F4E1623C4F9AE02/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.mft
Manifest number:          AE
Signing time:             Sun 19 Oct 2025 09:16:01 +0000
Manifest this update:     Sun 19 Oct 2025 09:16:00 +0000
Manifest next update:     Sun 26 Oct 2025 09:16:00 +0000
Files and hashes:         1: qHNyAfpMZPoAVkAi2wb2Dn7izQ0.crl (hash: gkXdvx/HFQh33B7cjAQHep4+M6DqEj9zl2OcRTke1sY=)
                          2: F1487C2AA18211EFA2B7E923C4F9AE02.roa (hash: ow0JlSSKtHwrzhAKotnC4Hb7SPL+BmK/kbudjjYhQGA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9164164/A68E264EA18211EF8F4E1623C4F9AE02/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.crl
                          rsync://rpki.apnic.net/member_repository/A9164164/A68E264EA18211EF8F4E1623C4F9AE02/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 09:16:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 175 (0xaf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9164164, serialNumber=A8737201FA4C64FA00564022DB06F60E7EE2CD0D
        Validity
            Not Before: Oct 19 09:16:00 2025 GMT
            Not After : Oct 26 09:16:00 2025 GMT
        Subject: CN=68f4ac51-fa9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:db:68:be:32:63:b7:70:51:da:32:f3:8b:4b:
                    02:4e:75:2f:bf:59:08:cb:a2:e6:90:9e:83:9a:a5:
                    58:b7:17:69:c9:75:f5:95:34:61:1b:b0:10:d2:11:
                    80:b1:67:78:f3:9d:70:d0:9a:a3:d2:85:fc:1f:96:
                    00:a6:3d:ff:bc:96:09:df:33:26:00:2e:b4:be:ce:
                    7d:53:47:95:0d:27:d5:45:6b:a9:bb:9f:39:63:1b:
                    e2:3a:52:a5:cb:3d:38:07:18:8c:b3:69:41:d5:38:
                    e6:b3:8d:ed:3e:67:a6:37:6a:3e:c7:54:a2:ea:87:
                    93:0e:01:35:22:d1:7d:9c:48:ff:bb:a0:3e:e8:ea:
                    1a:e7:e5:1f:36:23:26:3a:4e:28:7c:72:ea:95:fd:
                    f0:b8:16:9c:59:a9:8f:78:82:11:0a:24:ca:3f:8d:
                    14:12:54:e0:5e:a3:b4:ca:9b:1c:57:8c:8e:f0:8c:
                    23:aa:fe:01:a6:7d:f3:8e:69:fa:84:28:79:b4:2c:
                    51:9d:75:bc:87:d3:41:81:a4:76:59:3d:70:ce:b7:
                    f9:4a:60:a9:9f:dd:92:1d:47:a2:04:e0:44:bc:3b:
                    c1:81:9d:5b:bb:d6:b8:21:aa:49:0c:8a:5f:d7:59:
                    80:81:7b:b0:1f:8a:ba:51:9e:7a:0a:c1:05:50:70:
                    56:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:35:BB:4F:1F:72:37:30:20:93:A1:DD:97:D6:30:40:1C:F1:48:C1
            X509v3 Authority Key Identifier:
                keyid:A8:73:72:01:FA:4C:64:FA:00:56:40:22:DB:06:F6:0E:7E:E2:CD:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9164164/A68E264EA18211EF8F4E1623C4F9AE02/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164164/A68E264EA18211EF8F4E1623C4F9AE02/qHNyAfpMZPoAVkAi2wb2Dn7izQ0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:c8:03:17:bc:01:ae:16:b5:ea:2e:5e:3d:24:41:e5:7d:ba:
         de:28:ec:34:43:f3:d5:da:f5:db:54:ba:0d:27:77:04:6c:d6:
         3a:f7:41:41:ae:aa:d7:f7:e3:5d:6f:57:a0:75:88:5d:18:9a:
         a3:a9:0f:ed:73:6d:93:41:d7:fa:68:62:a3:49:35:06:bf:42:
         b2:cb:a2:58:ac:df:7c:6e:a7:be:28:2d:9f:95:82:91:26:c6:
         d7:e9:85:77:40:d5:ff:1a:db:68:f9:fc:a4:5c:29:b2:6f:77:
         8e:83:79:23:04:4a:53:e3:d3:b8:43:4d:29:c0:af:95:06:f1:
         9d:36:8e:f4:40:c9:0e:b7:ce:db:ad:3a:90:e5:d9:80:fc:d3:
         97:70:e8:ef:dd:0e:18:b3:d0:9a:58:28:a1:d4:87:89:e4:09:
         97:af:94:49:f4:f6:24:e9:88:33:e1:de:41:6f:b4:ca:e6:66:
         f7:f5:f6:7e:88:99:af:3f:55:94:79:d4:bc:a1:95:40:b5:b4:
         a4:d1:bb:1a:95:57:44:36:73:c9:83:a9:4e:2a:84:a4:58:42:
         92:f2:e1:8f:29:59:88:51:07:a2:bd:71:84:c3:40:03:1d:ec:
         8a:6a:5d:3f:e0:79:3f:e1:5a:9f:52:c7:5b:15:09:f2:b6:35:
         ee:fe:e3:07
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQxNjQxMTAvBgNVBAUTKEE4NzM3MjAxRkE0QzY0RkEwMDU2NDAyMkRCMDZGNjBF
N0VFMkNEMEQwHhcNMjUxMDE5MDkxNjAwWhcNMjUxMDI2MDkxNjAwWjAYMRYwFAYD
VQQDEw02OGY0YWM1MS1mYTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv9tovjJjt3BR2jLzi0sCTnUvv1kIy6LmkJ6DmqVYtxdpyXX1lTRhG7AQ0hGA
sWd4851w0Jqj0oX8H5YApj3/vJYJ3zMmAC60vs59U0eVDSfVRWupu585YxviOlKl
yz04BxiMs2lB1Tjms43tPmemN2o+x1Si6oeTDgE1ItF9nEj/u6A+6Ooa5+UfNiMm
Ok4ofHLqlf3wuBacWamPeIIRCiTKP40UElTgXqO0ypscV4yO8Iwjqv4Bpn3zjmn6
hCh5tCxRnXW8h9NBgaR2WT1wzrf5SmCpn92SHUeiBOBEvDvBgZ1bu9a4IapJDIpf
11mAgXuwH4q6UZ56CsEFUHBWnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE41u08f
cjcwIJOh3ZfWMEAc8UjBMB8GA1UdIwQYMBaAFKhzcgH6TGT6AFZAItsG9g5+4s0N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDE2NC9BNjhFMjY0RUEx
ODIxMUVGOEY0RTE2MjNDNEY5QUUwMi9xSE55QWZwTVpQb0FWa0FpMndiMkRuN2l6
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3FITnlBZnBNWlBvQVZrQWkyd2IyRG43aXpRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NDE2NC9BNjhFMjY0RUExODIxMUVGOEY0RTE2MjNDNEY5QUUwMi9xSE55QWZwTVpQ
b0FWa0FpMndiMkRuN2l6UTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA8yAMXvAGuFrXqLl49JEHlfbreKOw0Q/PV2vXbVLoNJ3cEbNY690FB
rqrX9+Ndb1egdYhdGJqjqQ/tc22TQdf6aGKjSTUGv0Kyy6JYrN98bqe+KC2flYKR
JsbX6YV3QNX/Gtto+fykXCmyb3eOg3kjBEpT49O4Q00pwK+VBvGdNo70QMkOt87b
rTqQ5dmA/NOXcOjv3Q4Ys9CaWCih1IeJ5AmXr5RJ9PYk6Ygz4d5Bb7TK5mb39fZ+
iJmvP1WUedS8oZVAtbSk0bsalVdENnPJg6lOKoSkWEKS8uGPKVmIUQeivXGEw0AD
HeyKal0/4Hk/4VqfUsdbFQnytjXu/uMH
-----END CERTIFICATE-----
Generated at Tue Oct 21 12:58:05 2025 by rpki-client