Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft
File:                     Psexptohoad1gV0cv-cjFLipXdk.mft (raw, json)
Hash identifier:          gyOcK/2xD0WlFVLxHnZICWeMjZjYQS8UpDew1sYfdBA=
Subject key identifier:   17:AE:88:BF:50:D4:70:EA:B2:26:F4:24:DE:29:95:D1:DE:97:C6:21
Authority key identifier: 3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9
Certificate issuer:       /CN=A9170DA5/serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9
Certificate serial:       3B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft
Manifest number:          3A
Signing time:             Sun 19 Oct 2025 10:58:58 +0000
Manifest this update:     Sun 19 Oct 2025 10:58:57 +0000
Manifest next update:     Sun 26 Oct 2025 10:58:57 +0000
Files and hashes:         1: Psexptohoad1gV0cv-cjFLipXdk.crl (hash: wlpA/2G4hwp09zyCQy6cuDY89s/0vH/1BWqdyX7uTcI=)
                          2: F99E9E78571B11F093AD0C10C4F9AE02.roa (hash: Ntdzzur1e7UcFcIFXVyf4NefmktAA4cSP3KFPUhWals=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl
                          rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 10:58:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59 (0x3b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9170DA5, serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9
        Validity
            Not Before: Oct 19 10:58:57 2025 GMT
            Not After : Oct 26 10:58:57 2025 GMT
        Subject: CN=68f4c471-e1e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:07:62:3d:1f:a9:88:28:11:83:e7:c6:c3:aa:
                    a9:41:cb:7b:1a:7a:81:a6:8e:f1:56:46:cf:cf:75:
                    fb:5d:60:26:43:7e:ca:50:3d:31:f4:41:12:76:60:
                    e2:58:24:7d:7e:64:a1:b4:88:18:0a:51:15:00:04:
                    88:24:61:d4:8e:15:ba:12:6c:de:29:7b:dd:1b:95:
                    f0:1f:df:ba:27:d5:40:f0:40:4c:5e:7d:ed:fa:d5:
                    7c:aa:f7:48:31:ef:63:4a:d5:36:40:ca:d6:19:72:
                    7c:2d:07:6c:6e:37:6d:69:47:ca:76:9e:be:7f:c7:
                    be:a9:1d:0a:b1:8b:f0:7f:93:a4:6a:a0:f8:a8:53:
                    3f:b2:30:e1:68:ee:24:73:13:be:a9:d8:6e:6e:dd:
                    b9:25:14:e5:58:ba:e9:31:9d:03:de:c5:d9:8d:8d:
                    3f:36:d4:db:30:2b:cd:59:c8:5f:4f:7b:48:2c:37:
                    f7:b8:08:0b:b5:f3:6f:c8:bc:25:34:15:82:ea:21:
                    7a:18:00:87:3f:36:76:48:33:f9:fc:58:95:26:18:
                    02:ba:3e:c4:31:41:da:e2:13:e9:5c:95:2f:f8:2c:
                    da:2b:a1:f5:cf:19:84:6b:26:a5:e6:a1:ea:ff:ef:
                    5a:54:cf:a3:0b:59:d4:b5:ac:7c:5b:70:21:2a:89:
                    98:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:AE:88:BF:50:D4:70:EA:B2:26:F4:24:DE:29:95:D1:DE:97:C6:21
            X509v3 Authority Key Identifier:
                keyid:3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:06:83:58:ac:f0:6d:a0:70:62:18:e0:9e:50:b5:df:f1:fe:
         4a:2d:4a:56:47:09:74:6c:76:db:76:f7:fa:c8:60:5f:5f:de:
         e5:c7:56:80:34:e4:00:16:e4:80:69:3a:4c:59:a8:b1:3f:cb:
         52:30:bb:41:70:fb:53:2e:69:8b:8d:c8:aa:c8:7f:a2:78:c3:
         68:fd:70:b7:76:ef:2a:bb:f3:16:56:ce:a2:ca:6a:09:ff:f6:
         1b:b8:f0:ae:8d:30:27:84:29:a8:59:c4:50:40:5f:bf:cc:02:
         08:fe:7a:01:cf:50:6f:00:80:33:a2:c2:8a:53:f3:d0:ec:35:
         14:6e:65:ae:4b:48:6b:50:22:b9:98:bf:41:ef:8d:29:08:68:
         d8:bf:13:fe:02:a2:05:6a:93:88:ff:dc:c8:5d:ea:2d:96:e9:
         c8:68:04:fb:48:e0:89:34:98:b4:00:0d:df:80:4b:24:f9:21:
         95:c2:0a:93:a9:9f:5f:f5:81:a2:d3:2a:78:ac:8f:b9:01:66:
         ec:38:07:90:26:9f:43:27:15:c6:f1:0f:23:34:5f:11:b5:e9:
         da:ca:59:50:88:1c:66:b5:7d:20:52:e2:61:16:08:2f:da:57:
         ad:29:ca:50:03:cc:1a:f2:f0:4d:1b:ba:8e:5d:5c:29:43:fa:
         fe:e4:00:8f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MERBNTExMC8GA1UEBRMoM0VDN0IxQTZEQTIxQTFBNzc1ODE1RDFDQkZFNzIzMTRC
OEE5NUREOTAeFw0yNTEwMTkxMDU4NTdaFw0yNTEwMjYxMDU4NTdaMBgxFjAUBgNV
BAMTDTY4ZjRjNDcxLWUxZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDwB2I9H6mIKBGD58bDqqlBy3saeoGmjvFWRs/PdftdYCZDfspQPTH0QRJ2YOJY
JH1+ZKG0iBgKURUABIgkYdSOFboSbN4pe90blfAf37on1UDwQExefe361Xyq90gx
72NK1TZAytYZcnwtB2xuN21pR8p2nr5/x76pHQqxi/B/k6RqoPioUz+yMOFo7iRz
E76p2G5u3bklFOVYuukxnQPexdmNjT821NswK81ZyF9Pe0gsN/e4CAu182/IvCU0
FYLqIXoYAIc/NnZIM/n8WJUmGAK6PsQxQdriE+lclS/4LNorofXPGYRrJqXmoer/
71pUz6MLWdS1rHxbcCEqiZilAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUF66Iv1DU
cOqyJvQk3imV0d6XxiEwHwYDVR0jBBgwFoAUPsexptohoad1gV0cv+cjFLipXdkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0NFMEVEQTI2NTcx
QTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2FkMWdWMGN2LWNqRkxpcFhk
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUHNleHB0b2hvYWQxZ1YwY3YtY2pGTGlwWGRrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw
REE1L0NFMEVEQTI2NTcxQTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2Fk
MWdWMGN2LWNqRkxpcFhkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBALIGg1is8G2gcGIY4J5Qtd/x/kotSlZHCXRsdtt29/rIYF9f3uXHVoA0
5AAW5IBpOkxZqLE/y1Iwu0Fw+1MuaYuNyKrIf6J4w2j9cLd27yq78xZWzqLKagn/
9hu48K6NMCeEKahZxFBAX7/MAgj+egHPUG8AgDOiwopT89DsNRRuZa5LSGtQIrmY
v0HvjSkIaNi/E/4CogVqk4j/3Mhd6i2W6choBPtI4Ik0mLQADd+ASyT5IZXCCpOp
n1/1gaLTKnisj7kBZuw4B5Amn0MnFcbxDyM0XxG16drKWVCIHGa1fSBS4mEWCC/a
V60pylADzBry8E0buo5dXClD+v7kAI8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:00:28 2025 by rpki-client