Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft
File:                     kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json)
Hash identifier:          3PEpr61YKHFw/6+2OOuttnxB787vtCFyoshfPD983aQ=
Subject key identifier:   54:C8:11:82:3B:8B:71:4D:43:01:F4:28:60:A0:36:9E:58:69:F4:21
Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5
Certificate issuer:       /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5
Certificate serial:       067B
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft
Manifest number:          0675
Signing time:             Sat 18 Oct 2025 23:43:58 +0000
Manifest this update:     Sat 18 Oct 2025 23:43:58 +0000
Manifest next update:     Sat 25 Oct 2025 23:43:58 +0000
Files and hashes:         1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: uWwansMvwRFIiLbxyd3r1kzN9K7Ev+OetFEaW7LSkwU=)
                          2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl
                          rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 23:43:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1659 (0x67b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5
        Validity
            Not Before: Oct 18 23:43:58 2025 GMT
            Not After : Oct 25 23:43:58 2025 GMT
        Subject: CN=68f4263e-8c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0b:ce:09:ef:73:cb:a9:e7:b1:3d:6a:ce:5f:
                    1f:50:65:eb:c2:c4:3a:80:2a:a3:dc:75:12:7a:b9:
                    40:8f:ac:41:d6:b3:2a:48:ad:91:5e:e1:91:b9:31:
                    e9:4f:3c:9f:14:21:9f:58:59:e0:3b:eb:04:e7:a2:
                    54:ac:08:a6:08:d9:03:8d:ab:15:b6:78:c8:ed:a3:
                    14:ee:52:1c:a6:99:e9:62:10:17:d5:98:f8:70:c2:
                    e2:f5:91:f6:fb:0b:83:88:65:7b:de:29:f6:75:25:
                    c4:db:a5:82:06:c6:f7:35:30:4d:1c:82:36:c3:c6:
                    9e:7d:1e:b6:88:dd:10:36:3f:c0:f4:2f:29:2e:3d:
                    8d:7c:fc:cc:94:8d:ee:3f:e3:9b:ac:8a:ba:63:ce:
                    cb:a0:e9:b4:ec:22:50:0c:92:34:60:f8:ad:9a:d3:
                    bb:25:92:d8:c2:f7:57:72:1f:7f:b6:e4:4f:87:61:
                    34:88:31:e8:ea:da:58:50:ae:ec:20:b5:9d:ab:6b:
                    6a:78:db:db:81:1c:45:5d:84:af:39:c9:9e:79:21:
                    e1:8a:ba:27:c2:6c:b0:f6:52:64:ab:56:d2:06:9c:
                    fc:e5:e8:c1:0f:fa:ec:0c:8e:a6:00:90:b6:9e:a5:
                    9e:ca:8a:d5:5e:4e:c9:23:dd:9b:da:9b:5f:c4:af:
                    81:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C8:11:82:3B:8B:71:4D:43:01:F4:28:60:A0:36:9E:58:69:F4:21
            X509v3 Authority Key Identifier:
                keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:8b:bb:64:9e:e2:bf:26:a5:3b:27:d8:5e:76:94:20:ad:28:
         98:f2:7d:73:98:78:b9:0e:0b:ef:d1:05:7b:49:bd:fb:02:84:
         2a:0b:65:8b:56:cd:96:c2:d1:dc:63:59:d9:02:80:4f:ee:e2:
         22:f6:59:5b:38:31:56:a7:45:27:e0:23:77:1e:0a:29:24:48:
         5e:31:79:96:47:56:c4:c0:98:5a:04:22:fb:ac:0e:7c:a4:b3:
         15:18:e5:17:aa:8c:8b:a7:25:e6:73:65:a0:e5:09:98:60:49:
         dc:e8:2c:45:13:1e:6d:0b:91:c8:b4:71:f6:f4:2e:2f:9a:a5:
         7c:cd:91:74:7f:80:31:1f:fd:4c:22:44:fe:7c:4e:b0:d4:e5:
         a5:44:96:4b:e2:9d:49:88:a7:90:73:5c:0d:71:9f:0d:b8:a8:
         dd:3e:a6:ac:49:15:04:cc:ec:c9:39:70:7e:5f:2a:3d:38:a9:
         11:53:f3:3a:9f:16:a0:1f:64:73:0b:cf:70:a7:54:6b:21:a3:
         34:4b:f6:92:30:07:92:06:79:01:54:8a:9e:36:ca:43:14:05:
         c7:35:13:46:b5:48:bd:57:d4:3d:49:3f:b5:ce:65:e0:e7:da:
         32:1f:b9:ca:ad:4f:42:71:4f:8f:92:17:c3:44:5c:3d:32:1e:
         63:fb:3e:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3
MkU3NTRDQjUwHhcNMjUxMDE4MjM0MzU4WhcNMjUxMDI1MjM0MzU4WjAYMRYwFAYD
VQQDEw02OGY0MjYzZS04YzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgvOCe9zy6nnsT1qzl8fUGXrwsQ6gCqj3HUSerlAj6xB1rMqSK2RXuGRuTHp
TzyfFCGfWFngO+sE56JUrAimCNkDjasVtnjI7aMU7lIcppnpYhAX1Zj4cMLi9ZH2
+wuDiGV73in2dSXE26WCBsb3NTBNHII2w8aefR62iN0QNj/A9C8pLj2NfPzMlI3u
P+ObrIq6Y87LoOm07CJQDJI0YPitmtO7JZLYwvdXch9/tuRPh2E0iDHo6tpYUK7s
ILWdq2tqeNvbgRxFXYSvOcmeeSHhironwmyw9lJkq1bSBpz85ejBD/rsDI6mAJC2
nqWeyorVXk7JI92b2ptfxK+BoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFTIEYI7
i3FNQwH0KGCgNp5YafQhMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4
MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy
UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAQi7tknuK/JqU7J9hedpQgrSiY8n1zmHi5Dgvv0QV7Sb37AoQqC2WL
Vs2WwtHcY1nZAoBP7uIi9llbODFWp0Un4CN3HgopJEheMXmWR1bEwJhaBCL7rA58
pLMVGOUXqoyLpyXmc2Wg5QmYYEnc6CxFEx5tC5HItHH29C4vmqV8zZF0f4AxH/1M
IkT+fE6w1OWlRJZL4p1JiKeQc1wNcZ8NuKjdPqasSRUEzOzJOXB+Xyo9OKkRU/M6
nxagH2RzC89wp1RrIaM0S/aSMAeSBnkBVIqeNspDFAXHNRNGtUi9V9Q9ST+1zmXg
59oyH7nKrU9CcU+PkhfDRFw9Mh5j+z66
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:31:15 2025 by rpki-client