Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9173BC9/C5C83CAE13A011EA93EEEF65C4F9AE02/ShUjM8QF9WZCwv0DscDx5R97ZNY.mft
File:                     ShUjM8QF9WZCwv0DscDx5R97ZNY.mft (raw, json)
Hash identifier:          YsPkoggOFx/MLfKYzkkyNjZKUhMBvsEYzG38n/0itTo=
Subject key identifier:   B3:1B:15:16:AE:05:DF:98:B2:AA:40:A2:7C:C6:F4:96:F4:4C:50:FE
Authority key identifier: 4A:15:23:33:C4:05:F5:66:42:C2:FD:03:B1:C0:F1:E5:1F:7B:64:D6
Certificate issuer:       /CN=A9173BC9/serialNumber=4A152333C405F56642C2FD03B1C0F1E51F7B64D6
Certificate serial:       0C73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShUjM8QF9WZCwv0DscDx5R97ZNY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9173BC9/C5C83CAE13A011EA93EEEF65C4F9AE02/ShUjM8QF9WZCwv0DscDx5R97ZNY.mft
Manifest number:          0C52
Signing time:             Mon 20 Oct 2025 19:16:08 +0000
Manifest this update:     Mon 20 Oct 2025 19:16:08 +0000
Manifest next update:     Mon 27 Oct 2025 19:16:08 +0000
Files and hashes:         1: ShUjM8QF9WZCwv0DscDx5R97ZNY.crl (hash: m56p8zSDxTbA7ZcYTFW06g2lLXAyekU7kckYwQic+k0=)
                          2: EF14DD34B6E211EAB3BA9536C4F9AE02.roa (hash: JvXhjoE9cUV4jCMwgWZkjIHHf+CaNT0a6L5+glk4qjE=)
                          3: 2A9AFB320BC911EBBA11562FC4F9AE02.roa (hash: B9PgWoUF+TKonGl7pCL92WHmVPwhmrPhSj6ll1DGQwA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9173BC9/C5C83CAE13A011EA93EEEF65C4F9AE02/ShUjM8QF9WZCwv0DscDx5R97ZNY.crl
                          rsync://rpki.apnic.net/member_repository/A9173BC9/C5C83CAE13A011EA93EEEF65C4F9AE02/ShUjM8QF9WZCwv0DscDx5R97ZNY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShUjM8QF9WZCwv0DscDx5R97ZNY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 19:16:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3187 (0xc73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9173BC9, serialNumber=4A152333C405F56642C2FD03B1C0F1E51F7B64D6
        Validity
            Not Before: Oct 20 19:16:08 2025 GMT
            Not After : Oct 27 19:16:08 2025 GMT
        Subject: CN=68f68a78-379b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3a:71:f0:f9:a3:20:8d:1e:ae:3c:2b:1b:9b:
                    94:8c:11:fc:c5:4c:67:08:8e:f1:5f:4f:8a:e7:7d:
                    fa:7a:a8:90:cd:bc:8e:57:82:00:f7:3f:60:da:bd:
                    ce:8e:78:e2:0a:14:ef:00:cc:7c:7b:17:53:f8:6d:
                    8b:06:3c:6d:19:06:3d:17:e8:69:51:59:86:a4:99:
                    b5:b6:81:1d:27:a4:aa:cb:78:73:7b:9f:32:b1:fb:
                    e7:94:75:f8:6a:9a:18:df:13:e5:e6:fe:4a:bd:97:
                    55:bd:e8:9a:41:a0:47:7b:9e:d6:7b:6e:b0:63:fd:
                    0b:2d:54:bb:aa:62:fc:10:43:a9:86:71:bd:d6:cb:
                    13:25:47:99:8b:c5:74:48:26:49:4e:56:3b:73:47:
                    01:f1:40:51:f4:8a:bc:09:6b:fa:4b:c6:79:f3:37:
                    c5:b1:3f:23:c9:6c:ef:f9:9b:d6:0b:0a:93:52:c4:
                    8c:58:c4:25:2c:f7:e1:e6:61:d5:37:fe:9f:3a:44:
                    7d:ea:be:32:26:a5:f7:4a:93:6c:d9:61:04:5e:97:
                    55:58:38:aa:5f:22:3e:f1:7c:81:79:86:ee:6f:07:
                    70:3c:69:4b:e0:3d:78:4e:c4:e6:fe:0e:5f:40:72:
                    75:eb:77:c6:e3:0c:7a:8c:58:23:b6:04:e2:79:9a:
                    93:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:1B:15:16:AE:05:DF:98:B2:AA:40:A2:7C:C6:F4:96:F4:4C:50:FE
            X509v3 Authority Key Identifier:
                keyid:4A:15:23:33:C4:05:F5:66:42:C2:FD:03:B1:C0:F1:E5:1F:7B:64:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9173BC9/C5C83CAE13A011EA93EEEF65C4F9AE02/ShUjM8QF9WZCwv0DscDx5R97ZNY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShUjM8QF9WZCwv0DscDx5R97ZNY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173BC9/C5C83CAE13A011EA93EEEF65C4F9AE02/ShUjM8QF9WZCwv0DscDx5R97ZNY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:d7:76:c5:c0:98:06:36:de:a9:e9:ba:5a:17:2f:8f:70:3b:
         50:04:4e:d7:9a:b8:7f:d8:99:ce:ad:e9:3e:28:ce:65:b7:8a:
         ef:ad:12:39:cb:9f:3c:9e:35:e0:ef:d6:8d:d7:66:fe:bd:09:
         9f:e8:ab:6d:f2:4b:f0:5e:86:5d:c5:5c:20:0c:32:fe:15:c4:
         af:7b:e0:e0:12:f0:bd:24:22:76:12:24:e8:6c:57:a6:a6:72:
         99:f3:b2:59:c9:24:cd:fd:83:0d:d0:54:56:a9:77:76:ce:31:
         d4:7a:e0:2d:e2:88:4e:dd:55:40:40:80:9a:bc:fb:71:3e:69:
         0e:e8:e7:e9:4d:dd:b1:33:52:ea:88:f7:6f:3d:ab:b0:88:73:
         76:f5:87:39:d1:0b:e1:72:0b:86:9a:03:08:54:4f:d5:9f:13:
         92:63:75:61:17:26:13:e9:3a:e7:d1:fe:a9:b8:63:ab:7a:00:
         f3:40:3c:8d:17:9f:3a:bb:7e:64:8c:6c:73:f5:3c:49:12:8b:
         14:d4:f1:80:f1:33:b9:18:bd:e3:de:18:20:13:4f:59:a2:d2:
         57:ba:4a:cb:64:bb:59:d3:5e:d3:d5:7f:9f:47:e4:ba:41:f0:
         cf:d8:b5:07:84:bc:ba:45:cc:e1:3b:18:e6:b8:4f:8a:69:0b:
         39:ef:7e:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNCQzkxMTAvBgNVBAUTKDRBMTUyMzMzQzQwNUY1NjY0MkMyRkQwM0IxQzBGMUU1
MUY3QjY0RDYwHhcNMjUxMDIwMTkxNjA4WhcNMjUxMDI3MTkxNjA4WjAYMRYwFAYD
VQQDEw02OGY2OGE3OC0zNzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtTpx8PmjII0erjwrG5uUjBH8xUxnCI7xX0+K5336eqiQzbyOV4IA9z9g2r3O
jnjiChTvAMx8exdT+G2LBjxtGQY9F+hpUVmGpJm1toEdJ6Sqy3hze58ysfvnlHX4
apoY3xPl5v5KvZdVveiaQaBHe57We26wY/0LLVS7qmL8EEOphnG91ssTJUeZi8V0
SCZJTlY7c0cB8UBR9Iq8CWv6S8Z58zfFsT8jyWzv+ZvWCwqTUsSMWMQlLPfh5mHV
N/6fOkR96r4yJqX3SpNs2WEEXpdVWDiqXyI+8XyBeYbubwdwPGlL4D14TsTm/g5f
QHJ163fG4wx6jFgjtgTieZqTLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLMbFRau
Bd+YsqpAonzG9Jb0TFD+MB8GA1UdIwQYMBaAFEoVIzPEBfVmQsL9A7HA8eUfe2TW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0JDOS9DNUM4M0NBRTEz
QTAxMUVBOTNFRUVGNjVDNEY5QUUwMi9TaFVqTThRRjlXWkN3djBEc2NEeDVSOTda
TlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NoVWpNOFFGOVdaQ3d2MERzY0R4NVI5N1pOWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
M0JDOS9DNUM4M0NBRTEzQTAxMUVBOTNFRUVGNjVDNEY5QUUwMi9TaFVqTThRRjlX
WkN3djBEc2NEeDVSOTdaTlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCB13bFwJgGNt6p6bpaFy+PcDtQBE7Xmrh/2JnOrek+KM5lt4rvrRI5
y588njXg79aN12b+vQmf6Ktt8kvwXoZdxVwgDDL+FcSve+DgEvC9JCJ2EiTobFem
pnKZ87JZySTN/YMN0FRWqXd2zjHUeuAt4ohO3VVAQICavPtxPmkO6OfpTd2xM1Lq
iPdvPauwiHN29Yc50QvhcguGmgMIVE/VnxOSY3VhFyYT6Trn0f6puGOregDzQDyN
F586u35kjGxz9TxJEosU1PGA8TO5GL3j3hggE09ZotJXukrLZLtZ017T1X+fR+S6
QfDP2LUHhLy6RczhOxjmuE+KaQs5737Z
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:25:21 2025 by rpki-client