Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
File:                     kY5yieKMGkkiojy1Zb2CG34gphE.mft (raw, json)
Hash identifier:          ue2troAgr+Gx4Iwaid41N8UeIPPT/a529Vu/k7l/+lI=
Subject key identifier:   41:01:EE:7B:62:97:81:AE:2C:F2:F8:48:95:93:9A:7B:92:73:E9:C4
Authority key identifier: 91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11
Certificate issuer:       /CN=A9171B1A/serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611
Certificate serial:       0CF0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
Manifest number:          0CE2
Signing time:             Mon 20 Oct 2025 18:39:26 +0000
Manifest this update:     Mon 20 Oct 2025 18:39:26 +0000
Manifest next update:     Mon 27 Oct 2025 18:39:26 +0000
Files and hashes:         1: kY5yieKMGkkiojy1Zb2CG34gphE.crl (hash: msZZoi9BnVLsBh+08cgJE/cpsB76PWRjbPZwuAVCcD4=)
                          2: 6D9433B0F41211E9AAF5924EC4F9AE02.roa (hash: zsrG738sZcXZENVnoH6VOaw0rvAxdfe6+csvxONB1gM=)
                          3: 6E3B1338F41211E9AAF5924EC4F9AE02.roa (hash: crrlwPJBnOLvYmfJKxmn3crboPF6B78h7qVd3khCwOc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl
                          rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 18:23:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3312 (0xcf0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9171B1A, serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611
        Validity
            Not Before: Oct 20 18:39:26 2025 GMT
            Not After : Oct 27 18:39:26 2025 GMT
        Subject: CN=68f681de-b7d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b1:50:62:20:66:80:40:11:72:30:43:7c:ab:
                    18:f5:ce:32:8b:20:df:79:6b:94:74:93:cd:b6:ec:
                    08:f1:bc:25:1d:7a:b0:57:ed:a9:51:e9:14:d6:1b:
                    a0:27:99:9d:ca:39:2f:4d:08:e2:58:8b:19:8b:15:
                    76:25:5f:96:a6:3c:56:36:e7:28:b1:a9:bf:ad:60:
                    e0:dd:67:82:2c:60:b9:9c:81:ad:91:86:dc:47:27:
                    f6:06:a8:9d:50:7f:5e:9e:d0:59:90:41:b4:b0:5d:
                    c4:27:22:26:04:75:3e:94:8b:97:77:3f:2e:6d:fc:
                    91:b8:3e:1e:82:c4:7a:cf:3b:59:4d:1f:6a:0d:23:
                    ea:d8:06:c5:fe:f4:b2:49:aa:78:e9:59:ee:cc:8d:
                    43:56:f0:a7:b5:68:2a:a5:53:1b:a3:70:80:8e:1f:
                    24:65:db:68:35:46:aa:7e:cb:b6:84:19:89:77:ca:
                    73:1b:43:f5:29:45:c5:dc:9c:e4:d6:4b:cc:3e:9c:
                    43:85:c4:92:86:40:f1:67:e7:ea:bd:b1:ef:e6:9e:
                    78:fe:6d:bd:e2:0b:6f:49:db:5c:93:f6:36:dd:bf:
                    5b:42:6a:3e:bc:41:29:84:b0:2e:87:50:a1:8d:21:
                    52:57:52:75:11:e7:ff:96:7e:01:c5:ac:bf:12:c3:
                    30:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:01:EE:7B:62:97:81:AE:2C:F2:F8:48:95:93:9A:7B:92:73:E9:C4
            X509v3 Authority Key Identifier:
                keyid:91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:fa:6d:1c:f6:df:a3:dc:c8:9f:05:1d:69:61:5f:f0:4c:6b:
         97:4a:78:1d:48:37:0f:7c:9f:45:95:d4:1a:46:17:75:32:bf:
         98:e2:4e:be:4d:c9:27:a9:0f:5b:17:81:ed:e6:f5:29:90:33:
         d9:bd:27:b2:f5:56:ee:8a:8d:2a:df:a0:48:9c:c6:5c:c2:31:
         74:f3:55:9e:39:db:da:dd:0b:7d:0d:a8:c8:2f:2f:45:03:9d:
         c1:4a:a7:77:02:2a:6f:16:b2:d4:c5:ef:ae:b5:3a:90:90:f4:
         3f:60:44:b8:e9:3c:69:e5:34:b2:d7:a9:9a:4b:8f:73:0c:d7:
         4f:86:eb:24:c7:6c:0c:f4:ac:d8:63:2d:b8:45:5d:96:54:34:
         9c:5f:7d:8e:b4:2f:98:86:8a:69:5b:3a:3a:f0:bc:85:d5:ec:
         bd:eb:dd:96:33:c9:93:57:bd:fb:73:e6:7a:7c:47:59:2e:50:
         7e:dd:b8:c7:c0:01:67:c1:b6:e7:5f:f9:24:00:ba:2f:e9:2b:
         41:e9:ac:f7:e7:98:78:ef:fd:70:90:db:97:dc:d1:7c:1a:e6:
         2e:94:77:af:02:67:f4:4f:e9:23:eb:3b:88:cc:17:24:b0:b3:
         ae:73:38:f9:fe:57:74:ef:62:f6:56:4d:4f:db:ed:7c:93:30:
         9a:06:49:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFCMUExMTAvBgNVBAUTKDkxOEU3Mjg5RTI4QzFBNDkyMkEyM0NCNTY1QkQ4MjFC
N0UyMEE2MTEwHhcNMjUxMDIwMTgzOTI2WhcNMjUxMDI3MTgzOTI2WjAYMRYwFAYD
VQQDEw02OGY2ODFkZS1iN2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7FQYiBmgEARcjBDfKsY9c4yiyDfeWuUdJPNtuwI8bwlHXqwV+2pUekU1hug
J5mdyjkvTQjiWIsZixV2JV+WpjxWNucosam/rWDg3WeCLGC5nIGtkYbcRyf2Bqid
UH9entBZkEG0sF3EJyImBHU+lIuXdz8ubfyRuD4egsR6zztZTR9qDSPq2AbF/vSy
Sap46VnuzI1DVvCntWgqpVMbo3CAjh8kZdtoNUaqfsu2hBmJd8pzG0P1KUXF3Jzk
1kvMPpxDhcSShkDxZ+fqvbHv5p54/m294gtvSdtck/Y23b9bQmo+vEEphLAuh1Ch
jSFSV1J1Eef/ln4Bxay/EsMwWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEEB7nti
l4GuLPL4SJWTmnuSc+nEMB8GA1UdIwQYMBaAFJGOconijBpJIqI8tWW9ght+IKYR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUIxQS81MUZGQzRFNEY0
MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdra2lvankxWmIyQ0czNGdw
aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tZNXlpZUtNR2traW9qeTFaYjJDRzM0Z3BoRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUIxQS81MUZGQzRFNEY0MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdr
a2lvankxWmIyQ0czNGdwaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCr+m0c9t+j3MifBR1pYV/wTGuXSngdSDcPfJ9FldQaRhd1Mr+Y4k6+
TcknqQ9bF4Ht5vUpkDPZvSey9Vbuio0q36BInMZcwjF081WeOdva3Qt9DajILy9F
A53BSqd3AipvFrLUxe+utTqQkPQ/YES46Txp5TSy16maS49zDNdPhuskx2wM9KzY
Yy24RV2WVDScX32OtC+YhoppWzo68LyF1ey9692WM8mTV737c+Z6fEdZLlB+3bjH
wAFnwbbnX/kkALov6StB6az355h47/1wkNuX3NF8GuYulHevAmf0T+kj6zuIzBck
sLOuczj5/ld072L2Vk1P2+18kzCaBkk7
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:44:00 2025 by rpki-client