Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.mft
File:                     capYzfG2vXwm5hp1GKTQrSyfGhQ.mft (raw, json)
Hash identifier:          4se3e0jjE4D0uMMzqyzfuRjC4hAt5c3lCz8NjeZoUB8=
Subject key identifier:   9A:02:AD:80:6E:C1:DA:76:7B:50:66:AD:51:98:56:FE:EB:AA:6C:18
Authority key identifier: 71:AA:58:CD:F1:B6:BD:7C:26:E6:1A:75:18:A4:D0:AD:2C:9F:1A:14
Certificate issuer:       /CN=A9165A0B/serialNumber=71AA58CDF1B6BD7C26E61A7518A4D0AD2C9F1A14
Certificate serial:       08FF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.mft
Manifest number:          08D2
Signing time:             Sat 18 Oct 2025 21:38:16 +0000
Manifest this update:     Sat 18 Oct 2025 21:38:15 +0000
Manifest next update:     Sat 25 Oct 2025 21:38:15 +0000
Files and hashes:         1: capYzfG2vXwm5hp1GKTQrSyfGhQ.crl (hash: IiB6FOOubYpc4ysbLUxltsCW4Pxutb8kzDo5RTg+GN4=)
                          2: 8C51AEF8C4FB11EAAEAE7C1DC4F9AE02.roa (hash: bPeJO2btPaCYUVh0qNcUsTHYhYl9S+AMYJDMiRwcwDE=)
                          3: 8BA9C1CAC4FB11EAAEAE7C1DC4F9AE02.roa (hash: /6RdNjawuKYuhK/injB7VuoeyL7n6oTSV9kNVsfLQfE=)
                          4: 90606AD670AA11ED8DAE4C5AC4F9AE02.roa (hash: K4ZsrhlRHbGz6KmikspiKMatFVTA+yV67UI0J6tV1jI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.crl
                          rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 21:38:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2303 (0x8ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9165A0B, serialNumber=71AA58CDF1B6BD7C26E61A7518A4D0AD2C9F1A14
        Validity
            Not Before: Oct 18 21:38:15 2025 GMT
            Not After : Oct 25 21:38:15 2025 GMT
        Subject: CN=68f408c7-f7c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2e:b4:64:2a:c8:04:d7:55:37:cb:8e:a6:16:
                    2c:60:28:ee:50:38:01:c2:3d:1c:30:25:ee:7d:a1:
                    b8:d1:bb:ed:44:44:d0:ca:d7:3e:ac:5a:b9:ed:f6:
                    c4:b3:ae:54:b0:9c:98:cd:48:e0:37:64:60:49:09:
                    d5:de:ee:a8:e7:2f:93:cb:8a:08:2c:ca:b7:d8:a5:
                    b0:d6:97:34:23:66:07:da:5f:c2:4a:33:d7:f6:14:
                    b8:7e:7b:6d:dc:96:1e:ef:16:db:91:35:35:05:8d:
                    a1:4e:d5:45:80:46:0d:46:44:f6:63:80:91:cf:b1:
                    58:de:2c:21:15:36:7d:53:6e:02:65:f0:81:53:9f:
                    92:84:66:cb:83:24:76:ac:2e:24:17:8c:6f:64:97:
                    f4:d2:79:90:91:3c:12:2a:e8:85:f9:8a:b9:ac:f5:
                    65:f6:75:2d:33:56:72:c8:cd:25:42:e6:b1:9b:4b:
                    67:cd:6f:c4:cb:63:82:13:b0:08:51:dd:2f:b4:a7:
                    15:1c:56:8f:6a:9a:40:0b:59:7f:a2:b6:09:20:af:
                    d6:ec:ff:3b:44:d3:71:74:2c:b0:c4:b7:09:3c:34:
                    8f:63:b2:4e:43:13:da:6c:80:4f:fe:d2:f3:9a:c1:
                    75:37:58:db:6f:f9:7c:af:02:ee:0f:e7:b3:4d:cb:
                    e9:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:02:AD:80:6E:C1:DA:76:7B:50:66:AD:51:98:56:FE:EB:AA:6C:18
            X509v3 Authority Key Identifier:
                keyid:71:AA:58:CD:F1:B6:BD:7C:26:E6:1A:75:18:A4:D0:AD:2C:9F:1A:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:c2:b5:f4:2e:ae:ee:96:7b:4f:a1:94:60:02:54:40:b2:5b:
         82:42:26:5c:73:c5:86:72:35:d2:db:bb:3e:2b:87:cb:66:62:
         94:ac:6c:31:4e:61:b9:28:04:aa:6f:55:a5:2a:2c:f0:15:f9:
         2f:18:e9:ce:86:7e:08:df:eb:cf:21:59:78:d3:b8:83:25:38:
         e8:fc:2c:03:0c:ac:a2:b7:2a:db:6d:a1:30:17:92:26:5c:99:
         ef:b2:b7:61:aa:a7:18:17:28:c3:79:ce:55:ae:f9:20:6a:fc:
         54:a9:ce:fd:bd:3c:6f:b5:f1:36:b5:64:b7:ff:f4:56:aa:95:
         d9:12:75:3a:21:a4:67:6a:2b:45:13:db:3d:2a:43:0c:bc:d4:
         e4:58:2e:5e:7c:af:b2:94:03:47:ae:91:18:7b:a5:a0:e0:c3:
         88:7e:e7:f9:ed:c1:c1:0e:62:5c:c0:83:d5:98:26:bb:bf:89:
         b2:1d:67:7c:42:41:48:ef:fd:df:1d:d2:2f:98:5c:da:6b:f9:
         32:ab:d4:8b:a2:a8:86:de:38:d6:81:39:de:0c:86:ca:fa:f3:
         43:63:25:d3:e5:38:6d:2b:eb:78:2c:b5:77:f8:2e:a0:e4:22:
         59:9b:26:68:16:8a:1f:99:53:e4:b1:5a:5a:fe:fd:f9:dd:c8:
         e8:d3:25:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVBMEIxMTAvBgNVBAUTKDcxQUE1OENERjFCNkJEN0MyNkU2MUE3NTE4QTREMEFE
MkM5RjFBMTQwHhcNMjUxMDE4MjEzODE1WhcNMjUxMDI1MjEzODE1WjAYMRYwFAYD
VQQDEw02OGY0MDhjNy1mN2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvy60ZCrIBNdVN8uOphYsYCjuUDgBwj0cMCXufaG40bvtRETQytc+rFq57fbE
s65UsJyYzUjgN2RgSQnV3u6o5y+Ty4oILMq32KWw1pc0I2YH2l/CSjPX9hS4fntt
3JYe7xbbkTU1BY2hTtVFgEYNRkT2Y4CRz7FY3iwhFTZ9U24CZfCBU5+ShGbLgyR2
rC4kF4xvZJf00nmQkTwSKuiF+Yq5rPVl9nUtM1ZyyM0lQuaxm0tnzW/Ey2OCE7AI
Ud0vtKcVHFaPappAC1l/orYJIK/W7P87RNNxdCywxLcJPDSPY7JOQxPabIBP/tLz
msF1N1jbb/l8rwLuD+ezTcvprQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJoCrYBu
wdp2e1BmrVGYVv7rqmwYMB8GA1UdIwQYMBaAFHGqWM3xtr18JuYadRik0K0snxoU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUEwQi8xNTU4NkY0MkM0
RjgxMUVBOEI5QjRDMTNDNEY5QUUwMi9jYXBZemZHMnZYd201aHAxR0tUUXJTeWZH
aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NhcFl6Zkcydlh3bTVocDFHS1RRclN5ZkdoUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NUEwQi8xNTU4NkY0MkM0RjgxMUVBOEI5QjRDMTNDNEY5QUUwMi9jYXBZemZHMnZY
d201aHAxR0tUUXJTeWZHaFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBUwrX0Lq7ulntPoZRgAlRAsluCQiZcc8WGcjXS27s+K4fLZmKUrGwx
TmG5KASqb1WlKizwFfkvGOnOhn4I3+vPIVl407iDJTjo/CwDDKyityrbbaEwF5Im
XJnvsrdhqqcYFyjDec5VrvkgavxUqc79vTxvtfE2tWS3//RWqpXZEnU6IaRnaitF
E9s9KkMMvNTkWC5efK+ylANHrpEYe6Wg4MOIfuf57cHBDmJcwIPVmCa7v4myHWd8
QkFI7/3fHdIvmFzaa/kyq9SLoqiG3jjWgTneDIbK+vNDYyXT5ThtK+t4LLV3+C6g
5CJZmyZoFoofmVPksVpa/v353cjo0yV4
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:46:09 2025 by rpki-client