Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft
File:                     OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft (raw, json)
Hash identifier:          TDsjoQUWht2VadAp/1M7PH+BnxqZfLGQje2CT/Utt94=
Subject key identifier:   A8:33:20:47:E5:27:2F:6A:DC:44:09:5B:20:BF:AF:B3:67:A7:4F:4D
Authority key identifier: 38:0C:D6:BC:C9:E1:C1:1F:EC:4E:E2:7D:A8:93:82:4D:AD:B5:21:2A
Certificate issuer:       /CN=A917B520/serialNumber=380CD6BCC9E1C11FEC4EE27DA893824DADB5212A
Certificate serial:       011E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OAzWvMnhwR_sTuJ9qJOCTa21ISo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft
Manifest number:          0118
Signing time:             Sun 19 Oct 2025 05:15:48 +0000
Manifest this update:     Sun 19 Oct 2025 05:15:48 +0000
Manifest next update:     Sun 26 Oct 2025 05:15:48 +0000
Files and hashes:         1: OAzWvMnhwR_sTuJ9qJOCTa21ISo.crl (hash: Ufvtdm0ocBj6bWDPyYOL7cx7uLbOZtgnfA0tQitpnbc=)
                          2: 9580A702548211EFAADB996FC4F9AE02.roa (hash: nFQQw/dyghkb1sXKy9uupZRqxzdAPtcnxFOFgRiXGi4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.crl
                          rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OAzWvMnhwR_sTuJ9qJOCTa21ISo.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 05:15:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 286 (0x11e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917B520, serialNumber=380CD6BCC9E1C11FEC4EE27DA893824DADB5212A
        Validity
            Not Before: Oct 19 05:15:48 2025 GMT
            Not After : Oct 26 05:15:48 2025 GMT
        Subject: CN=68f47404-2a01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b7:84:8c:e6:09:73:d0:e2:7d:c5:10:aa:4b:
                    4f:1c:ff:89:38:0e:b5:3a:cd:7a:60:72:7a:e1:22:
                    ff:29:a3:07:50:d8:64:29:65:43:56:ce:28:73:61:
                    7a:e2:87:86:39:65:f2:ba:ef:12:90:92:f5:e7:e3:
                    0e:d7:a9:94:05:0d:a4:c0:00:ef:61:0b:d3:b1:3c:
                    3b:67:8b:40:20:b7:e2:66:d0:7e:fe:67:fa:46:12:
                    bc:44:29:16:4d:ff:89:13:36:19:5f:49:c2:91:60:
                    0f:42:a3:90:08:15:8e:6b:5c:82:02:7a:df:2f:e0:
                    63:20:f2:a1:2d:3b:4c:43:83:73:cd:bf:5d:c2:aa:
                    be:34:2d:b7:bc:a2:7f:96:a7:24:95:b7:6e:89:82:
                    00:18:25:7a:0e:47:0f:53:74:77:09:d6:27:78:25:
                    6d:af:11:7e:52:cd:2c:36:fb:9a:d9:6b:84:a6:2b:
                    21:21:d5:17:66:80:8b:70:d7:ca:d7:9e:d6:73:be:
                    8c:64:61:97:dd:39:d3:d0:9d:57:dc:8f:a1:cd:dc:
                    1e:11:d5:ac:39:e9:c2:50:41:b4:2e:dc:c2:55:36:
                    92:f9:70:84:e4:f7:de:11:3e:a4:a0:83:c3:78:96:
                    c4:6f:ee:86:fe:10:9d:71:1b:44:ff:ac:9a:03:90:
                    1e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:33:20:47:E5:27:2F:6A:DC:44:09:5B:20:BF:AF:B3:67:A7:4F:4D
            X509v3 Authority Key Identifier:
                keyid:38:0C:D6:BC:C9:E1:C1:1F:EC:4E:E2:7D:A8:93:82:4D:AD:B5:21:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OAzWvMnhwR_sTuJ9qJOCTa21ISo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:75:54:86:ae:47:74:1b:73:ae:d3:4c:26:77:35:6e:43:1a:
         f8:81:f5:74:d1:81:85:26:ce:ab:c1:16:3f:7c:d1:81:4b:b2:
         79:95:72:a5:b8:4b:7b:22:ec:a2:f3:f1:76:da:02:25:36:7a:
         72:3d:69:24:c4:6b:e6:5b:d9:be:73:4f:e3:a8:bc:30:6b:f4:
         2c:6c:b1:04:2c:60:1f:4f:35:30:b1:ac:13:8c:5f:c9:58:5c:
         99:4b:5b:ef:40:42:eb:6a:63:06:34:41:f5:fe:3b:b2:d0:29:
         ed:00:73:86:8a:c8:0d:09:49:f0:6b:e7:94:3d:94:54:a5:a6:
         30:39:78:a8:c4:6d:e0:a7:34:ba:1b:78:06:ea:b9:19:d6:09:
         62:a3:cf:8d:27:b6:02:7f:f9:c9:13:d9:71:a0:b8:a7:3b:37:
         87:d6:0e:a1:0b:2d:11:71:19:d2:e8:01:97:9e:59:d6:0b:5c:
         df:f3:18:03:5f:e0:c1:19:19:29:63:2a:0a:bf:c3:da:bb:a0:
         81:5a:5c:93:cf:d7:22:09:81:10:a9:73:5f:26:b2:cd:c2:8a:
         ee:2b:6a:91:0b:d2:27:72:6e:42:f3:be:35:2c:cb:8b:6d:3b:
         98:0b:3e:2a:3c:38:3c:4f:91:a8:9a:34:56:f9:6a:a4:17:e4:
         58:89:4a:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I1MjAxMTAvBgNVBAUTKDM4MENENkJDQzlFMUMxMUZFQzRFRTI3REE4OTM4MjRE
QURCNTIxMkEwHhcNMjUxMDE5MDUxNTQ4WhcNMjUxMDI2MDUxNTQ4WjAYMRYwFAYD
VQQDEw02OGY0NzQwNC0yYTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA07eEjOYJc9DifcUQqktPHP+JOA61Os16YHJ64SL/KaMHUNhkKWVDVs4oc2F6
4oeGOWXyuu8SkJL15+MO16mUBQ2kwADvYQvTsTw7Z4tAILfiZtB+/mf6RhK8RCkW
Tf+JEzYZX0nCkWAPQqOQCBWOa1yCAnrfL+BjIPKhLTtMQ4Nzzb9dwqq+NC23vKJ/
lqcklbduiYIAGCV6DkcPU3R3CdYneCVtrxF+Us0sNvua2WuEpishIdUXZoCLcNfK
157Wc76MZGGX3TnT0J1X3I+hzdweEdWsOenCUEG0LtzCVTaS+XCE5PfeET6koIPD
eJbEb+6G/hCdcRtE/6yaA5AeQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKgzIEfl
Jy9q3EQJWyC/r7Nnp09NMB8GA1UdIwQYMBaAFDgM1rzJ4cEf7E7ifaiTgk2ttSEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC84RjkwOTFENDMy
QjAxMUVGQTRDQkY5NkFDNEY5QUUwMi9PQXpXdk1uaHdSX3NUdUo5cUpPQ1RhMjFJ
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL09Beld2TW5od1Jfc1R1SjlxSk9DVGEyMUlTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QjUyMC84RjkwOTFENDMyQjAxMUVGQTRDQkY5NkFDNEY5QUUwMi9PQXpXdk1uaHdS
X3NUdUo5cUpPQ1RhMjFJU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBldVSGrkd0G3Ou00wmdzVuQxr4gfV00YGFJs6rwRY/fNGBS7J5lXKl
uEt7Iuyi8/F22gIlNnpyPWkkxGvmW9m+c0/jqLwwa/QsbLEELGAfTzUwsawTjF/J
WFyZS1vvQELramMGNEH1/juy0CntAHOGisgNCUnwa+eUPZRUpaYwOXioxG3gpzS6
G3gG6rkZ1glio8+NJ7YCf/nJE9lxoLinOzeH1g6hCy0RcRnS6AGXnlnWC1zf8xgD
X+DBGRkpYyoKv8Pau6CBWlyTz9ciCYEQqXNfJrLNworuK2qRC9Incm5C8741LMuL
bTuYCz4qPDg8T5GomjRW+WqkF+RYiUrH
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:29:58 2025 by rpki-client