Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft
File:                     AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json)
Hash identifier:          CStUHhfPnI5zCfkvTX+hTFnqqqIUX1480JtYaaxfEOg=
Subject key identifier:   72:3C:B2:2A:09:53:E3:44:9D:47:29:0A:DB:10:04:C2:52:83:F3:95
Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72
Certificate issuer:       /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72
Certificate serial:       0253
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft
Manifest number:          024F
Signing time:             Sun 19 Oct 2025 03:59:49 +0000
Manifest this update:     Sun 19 Oct 2025 03:59:48 +0000
Manifest next update:     Sun 26 Oct 2025 03:59:48 +0000
Files and hashes:         1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: 35Q/vmLqctIks3B+wn1EqTSxOzI7alL4NPAEa0HQC4I=)
                          2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: R3jRDvm0E8vyU2n+jY+lrRNs85d0z5lzmVh9QqpC5jI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl
                          rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 03:59:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 595 (0x253)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9169451, serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72
        Validity
            Not Before: Oct 19 03:59:48 2025 GMT
            Not After : Oct 26 03:59:48 2025 GMT
        Subject: CN=68f46234-bcd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:10:10:94:14:83:47:0c:23:a4:4c:e3:92:c9:
                    ca:22:9f:87:e1:26:78:a4:ce:61:19:f1:57:34:7a:
                    e2:91:cb:0a:cd:de:82:15:a2:53:89:7c:c7:8d:99:
                    24:0b:69:b9:9e:5b:b0:91:c5:93:48:c5:86:f8:02:
                    7e:28:6d:55:e5:88:ba:d9:55:ff:f2:32:88:09:98:
                    5c:b4:74:2b:a7:d5:9e:7b:ef:86:95:eb:e7:66:5e:
                    fd:81:de:9a:fc:8e:cd:ca:56:00:6e:b6:a1:c7:03:
                    83:71:24:5a:f5:ca:a4:06:62:e4:f4:96:be:f1:b6:
                    28:e8:29:a4:30:b8:7b:ff:97:88:2f:78:af:a7:1b:
                    1c:e9:c1:61:f7:52:4d:a8:ff:70:cb:bc:2d:2f:ba:
                    ed:72:d0:5f:3a:38:49:6c:d3:8b:aa:f3:b2:43:66:
                    57:34:5f:0c:42:59:a1:59:89:73:9d:5c:06:6e:a6:
                    0d:ca:79:c2:88:36:16:70:a5:2f:33:69:df:01:64:
                    25:66:f5:bc:fd:ae:0e:eb:f9:5d:1f:c6:a4:ab:02:
                    5d:72:b5:38:6c:be:06:b1:53:31:71:31:37:0f:fd:
                    59:e5:30:94:6b:97:fc:95:da:66:dc:be:8a:86:ab:
                    7c:6d:68:df:24:60:71:b2:00:80:ae:3a:a7:cc:8f:
                    d2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:3C:B2:2A:09:53:E3:44:9D:47:29:0A:DB:10:04:C2:52:83:F3:95
            X509v3 Authority Key Identifier:
                keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:bc:6e:dc:c2:fc:2f:d7:3a:77:ed:c1:7a:13:e2:1e:40:57:
         b2:96:aa:65:ba:67:8a:11:84:de:99:af:45:f7:c4:b5:7d:d3:
         1e:7d:a8:77:bb:a7:14:d6:03:4b:12:b7:7f:8b:9c:d1:19:a0:
         10:b1:67:0d:56:58:57:10:39:9e:92:26:a8:28:ec:09:19:f8:
         7b:57:3c:27:e8:46:6e:d4:9b:8b:7c:84:4d:65:6f:61:27:f5:
         84:22:26:ec:7d:6d:0d:8b:57:ae:d3:e8:c0:db:97:12:ac:83:
         41:77:5b:b1:b4:db:87:c2:b3:64:60:62:d7:33:c8:bf:d1:35:
         e1:cd:66:90:99:da:dc:a4:38:73:33:94:7b:1e:5e:32:ea:fc:
         50:5c:57:9b:9d:f3:ae:3c:5c:28:b9:a2:be:d1:e2:72:9b:a5:
         18:d2:ee:73:7f:0e:2b:31:63:23:67:63:b4:4b:7b:07:b6:23:
         51:86:45:60:9e:d1:bc:0b:f2:e9:4f:2c:e5:9f:a1:e8:96:f5:
         ce:2f:11:1f:dc:af:92:87:e9:e0:5a:69:1b:89:b5:19:dc:51:
         5d:99:42:85:88:a0:53:fb:df:6e:8e:b3:8f:bc:53:85:9a:3b:
         66:f1:e9:79:a1:b3:49:3b:0a:1e:44:57:8c:8a:20:0e:c5:42:
         aa:c6:ec:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAlMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0
MjQ0QkFDNzIwHhcNMjUxMDE5MDM1OTQ4WhcNMjUxMDI2MDM1OTQ4WjAYMRYwFAYD
VQQDEw02OGY0NjIzNC1iY2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoxAQlBSDRwwjpEzjksnKIp+H4SZ4pM5hGfFXNHrikcsKzd6CFaJTiXzHjZkk
C2m5nluwkcWTSMWG+AJ+KG1V5Yi62VX/8jKICZhctHQrp9Wee++GlevnZl79gd6a
/I7NylYAbrahxwODcSRa9cqkBmLk9Ja+8bYo6CmkMLh7/5eIL3ivpxsc6cFh91JN
qP9wy7wtL7rtctBfOjhJbNOLqvOyQ2ZXNF8MQlmhWYlznVwGbqYNynnCiDYWcKUv
M2nfAWQlZvW8/a4O6/ldH8akqwJdcrU4bL4GsVMxcTE3D/1Z5TCUa5f8ldpm3L6K
hqt8bWjfJGBxsgCArjqnzI/SOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHI8sioJ
U+NEnUcpCtsQBMJSg/OVMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB
NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy
SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl
bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBTvG7cwvwv1zp37cF6E+IeQFeylqplumeKEYTema9F98S1fdMefah3
u6cU1gNLErd/i5zRGaAQsWcNVlhXEDmekiaoKOwJGfh7Vzwn6EZu1JuLfIRNZW9h
J/WEIibsfW0Ni1eu0+jA25cSrINBd1uxtNuHwrNkYGLXM8i/0TXhzWaQmdrcpDhz
M5R7Hl4y6vxQXFebnfOuPFwouaK+0eJym6UY0u5zfw4rMWMjZ2O0S3sHtiNRhkVg
ntG8C/LpTyzln6HolvXOLxEf3K+Sh+ngWmkbibUZ3FFdmUKFiKBT+99ujrOPvFOF
mjtm8el5obNJOwoeRFeMiiAOxUKqxuyn
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:45:05 2025 by rpki-client