Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft
File:                     YG6ylYJUrJi2M26qQayAstyxnG4.mft (raw, json)
Hash identifier:          P/3eW65XiZhx2sAmUDjJ3r1WN/+vWy/+WGtObd1znQw=
Subject key identifier:   14:41:2D:3B:AA:52:AD:03:AB:FD:D7:E5:28:94:D6:B0:47:56:75:C1
Authority key identifier: 60:6E:B2:95:82:54:AC:98:B6:33:6E:AA:41:AC:80:B2:DC:B1:9C:6E
Certificate issuer:       /CN=A9170D3E/serialNumber=606EB2958254AC98B6336EAA41AC80B2DCB19C6E
Certificate serial:       B0
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YG6ylYJUrJi2M26qQayAstyxnG4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft
Manifest number:          AF
Signing time:             Sun 19 Oct 2025 09:15:20 +0000
Manifest this update:     Sun 19 Oct 2025 09:15:19 +0000
Manifest next update:     Sun 26 Oct 2025 09:15:19 +0000
Files and hashes:         1: YG6ylYJUrJi2M26qQayAstyxnG4.crl (hash: 0ijkpeNLXJ6zlhfiqqpBwjAQEbPucMFjqfylTIZRy1o=)
                          2: 181772049FD811EF8680B438C4F9AE02.roa (hash: kL8m2A2/eVPCA0J/9/iLQOKzk2RiAB33QgbmFjlKwTo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.crl
                          rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YG6ylYJUrJi2M26qQayAstyxnG4.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 09:15:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 176 (0xb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9170D3E, serialNumber=606EB2958254AC98B6336EAA41AC80B2DCB19C6E
        Validity
            Not Before: Oct 19 09:15:19 2025 GMT
            Not After : Oct 26 09:15:19 2025 GMT
        Subject: CN=68f4ac27-c7c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:91:81:71:c5:ff:f3:55:c2:59:a5:7a:cc:87:
                    53:39:75:d0:d2:76:7c:04:fe:0b:14:df:74:a5:5d:
                    63:ea:c9:de:57:3f:8f:74:bc:0e:0d:18:20:b6:6a:
                    ef:14:a9:a4:8a:21:8a:0b:30:bc:18:75:6b:08:3b:
                    b3:85:81:e8:4f:09:02:07:80:c4:d4:92:f2:82:1a:
                    7c:3c:66:02:e0:d0:18:80:ed:c0:09:73:46:ab:c9:
                    e8:f7:93:e3:0e:f5:a2:fe:f5:91:84:0e:1f:1e:ae:
                    48:9b:57:6b:2d:f9:a6:29:91:4b:5c:d8:3b:25:f2:
                    03:a9:ab:3e:8a:85:6f:0e:04:2a:14:44:55:40:99:
                    1d:8f:63:4b:ad:b2:25:85:24:22:ce:e2:df:af:27:
                    9d:8d:46:d9:c1:2d:61:d8:8b:79:f8:2e:72:46:59:
                    fb:6d:b0:f7:8a:02:59:42:19:e2:88:2f:54:5e:a6:
                    1b:c8:7e:f6:99:28:dc:60:4b:7c:61:23:fc:c5:ab:
                    d4:fe:a4:49:9c:70:c2:13:ac:68:61:75:b8:3c:7a:
                    7f:39:51:17:e8:f1:65:42:f9:9e:a9:19:03:c7:24:
                    47:e9:22:db:1b:b6:21:9b:72:78:ed:1e:e9:4c:a9:
                    a6:99:ab:59:1c:43:1f:a5:e3:1c:27:a5:5c:d0:8e:
                    b5:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:41:2D:3B:AA:52:AD:03:AB:FD:D7:E5:28:94:D6:B0:47:56:75:C1
            X509v3 Authority Key Identifier:
                keyid:60:6E:B2:95:82:54:AC:98:B6:33:6E:AA:41:AC:80:B2:DC:B1:9C:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YG6ylYJUrJi2M26qQayAstyxnG4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:23:a5:f0:71:c2:7f:48:0c:a0:48:4a:14:f0:85:93:18:23:
         f7:19:94:99:87:58:12:94:d4:18:e3:66:e2:68:d4:c2:8c:fe:
         2d:25:73:1e:b8:a3:cf:e7:27:98:0b:74:fd:41:eb:5a:a1:c2:
         df:7f:9c:a5:8e:77:dc:ec:d3:89:6f:3e:b1:a7:d4:5c:32:da:
         08:45:86:9d:51:25:dc:dd:b9:f6:95:ee:a9:12:9f:88:aa:3f:
         4f:0b:0f:bb:7f:ac:94:b0:a4:73:ca:48:17:e7:a2:98:a7:77:
         27:5a:34:b9:f6:64:2d:58:89:82:83:4e:f1:dd:ec:65:9b:c1:
         1e:7a:ca:27:04:f9:2c:b3:75:5d:16:4a:97:37:98:c6:43:35:
         78:39:28:ad:90:7b:e2:bc:1c:2b:51:34:b7:b9:fa:20:d7:0c:
         c7:5a:78:11:03:be:be:31:df:dd:d2:10:7f:fe:16:ff:06:1a:
         d0:5c:bf:f1:03:0b:eb:7a:75:1f:a2:73:6c:6c:59:d1:19:05:
         d6:4b:cf:27:fe:f4:65:a8:e8:ce:81:aa:69:d8:7e:fe:74:05:
         1b:bc:03:27:66:ec:74:ee:85:f6:7a:ad:04:a2:c7:7d:89:07:
         6a:3c:45:e2:e4:19:4a:ae:f9:f3:24:b1:17:9b:92:4a:64:1a:
         90:10:48:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBEM0UxMTAvBgNVBAUTKDYwNkVCMjk1ODI1NEFDOThCNjMzNkVBQTQxQUM4MEIy
RENCMTlDNkUwHhcNMjUxMDE5MDkxNTE5WhcNMjUxMDI2MDkxNTE5WjAYMRYwFAYD
VQQDEw02OGY0YWMyNy1jN2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtpGBccX/81XCWaV6zIdTOXXQ0nZ8BP4LFN90pV1j6sneVz+PdLwODRggtmrv
FKmkiiGKCzC8GHVrCDuzhYHoTwkCB4DE1JLyghp8PGYC4NAYgO3ACXNGq8no95Pj
DvWi/vWRhA4fHq5Im1drLfmmKZFLXNg7JfIDqas+ioVvDgQqFERVQJkdj2NLrbIl
hSQizuLfryedjUbZwS1h2It5+C5yRln7bbD3igJZQhniiC9UXqYbyH72mSjcYEt8
YSP8xavU/qRJnHDCE6xoYXW4PHp/OVEX6PFlQvmeqRkDxyRH6SLbG7Yhm3J47R7p
TKmmmatZHEMfpeMcJ6Vc0I61HwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBRBLTuq
Uq0Dq/3X5SiU1rBHVnXBMB8GA1UdIwQYMBaAFGBuspWCVKyYtjNuqkGsgLLcsZxu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEQzRS9CNURGQzhDMDlG
RDcxMUVGOUUzOEE4MzdDNEY5QUUwMi9ZRzZ5bFlKVXJKaTJNMjZxUWF5QXN0eXhu
RzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1lHNnlsWUpVckppMk0yNnFRYXlBc3R5eG5HNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEQzRS9CNURGQzhDMDlGRDcxMUVGOUUzOEE4MzdDNEY5QUUwMi9ZRzZ5bFlKVXJK
aTJNMjZxUWF5QXN0eXhuRzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA/I6XwccJ/SAygSEoU8IWTGCP3GZSZh1gSlNQY42biaNTCjP4tJXMe
uKPP5yeYC3T9QetaocLff5yljnfc7NOJbz6xp9RcMtoIRYadUSXc3bn2le6pEp+I
qj9PCw+7f6yUsKRzykgX56KYp3cnWjS59mQtWImCg07x3exlm8EeesonBPkss3Vd
FkqXN5jGQzV4OSitkHvivBwrUTS3ufog1wzHWngRA76+Md/d0hB//hb/BhrQXL/x
AwvrenUfonNsbFnRGQXWS88n/vRlqOjOgapp2H7+dAUbvAMnZux07oX2eq0Eosd9
iQdqPEXi5BlKrvnzJLEXm5JKZBqQEEgx
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:32:15 2025 by rpki-client