Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C933/FD9521B2DC5711EA83E8EC67C4F9AE02/GhottiJwSYYNHLb7OB0DX3zd_nk.mft
File:                     GhottiJwSYYNHLb7OB0DX3zd_nk.mft (raw, json)
Hash identifier:          /8cp13he6tvboW/sVJU6niiDsvvvwHxWQnMqjwRS2oQ=
Subject key identifier:   84:DB:94:8D:07:EB:CE:92:D2:2D:C3:4B:70:C7:73:2E:E0:20:CC:1A
Authority key identifier: 1A:1A:2D:B6:22:70:49:86:0D:1C:B6:FB:38:1D:03:5F:7C:DD:FE:79
Certificate issuer:       /CN=A917C933/serialNumber=1A1A2DB6227049860D1CB6FB381D035F7CDDFE79
Certificate serial:       0875
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhottiJwSYYNHLb7OB0DX3zd_nk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C933/FD9521B2DC5711EA83E8EC67C4F9AE02/GhottiJwSYYNHLb7OB0DX3zd_nk.mft
Manifest number:          0860
Signing time:             Mon 20 Oct 2025 21:36:17 +0000
Manifest this update:     Mon 20 Oct 2025 21:36:17 +0000
Manifest next update:     Mon 27 Oct 2025 21:36:17 +0000
Files and hashes:         1: GhottiJwSYYNHLb7OB0DX3zd_nk.crl (hash: 7yLj6aqTeKYaLEQwFHhKLvE9Q7B8yQhuUGHfJxB/htw=)
                          2: 9067F6746F3211EF8F5EFB20C4F9AE02.roa (hash: RqZ70A3hEEaJCi1AIYIvzKrDKMGhuHpCuqVixNHeLHs=)
                          3: 9F555EDC433611EB89B8BE60C4F9AE02.roa (hash: rEovmytiKNNVpD6gPGRI9HANLC4RwJ5LENxvCh8CzI0=)
                          4: B2E74042602811EF90548827C4F9AE02.roa (hash: BvCqMScG09pGK+LZUbihhOFZxqUcMb0S5ZcrEfWSJgU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917C933/FD9521B2DC5711EA83E8EC67C4F9AE02/GhottiJwSYYNHLb7OB0DX3zd_nk.crl
                          rsync://rpki.apnic.net/member_repository/A917C933/FD9521B2DC5711EA83E8EC67C4F9AE02/GhottiJwSYYNHLb7OB0DX3zd_nk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhottiJwSYYNHLb7OB0DX3zd_nk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 21:36:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2165 (0x875)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C933, serialNumber=1A1A2DB6227049860D1CB6FB381D035F7CDDFE79
        Validity
            Not Before: Oct 20 21:36:17 2025 GMT
            Not After : Oct 27 21:36:17 2025 GMT
        Subject: CN=68f6ab51-fb83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:da:89:63:7f:6e:62:df:c0:ef:6b:24:16:32:
                    ef:9a:ca:b9:7e:95:09:20:2e:4b:b1:85:fc:9c:65:
                    f5:0f:b9:ea:52:a4:26:dc:b2:28:45:d8:8c:ad:4c:
                    ef:5c:8e:63:07:fa:00:60:ba:c1:e5:54:95:23:49:
                    31:39:51:18:bb:f0:cc:d6:9a:2f:13:f3:d4:3e:91:
                    78:2d:8f:78:80:36:15:1d:be:11:7f:ec:7a:09:7b:
                    2d:72:6a:63:7a:59:a1:ed:20:64:08:89:7e:49:87:
                    f2:43:1c:17:05:ee:54:e5:86:1a:a4:70:e8:12:ef:
                    5e:c6:4f:c2:6f:40:5f:15:ea:62:b4:fb:3c:a9:b5:
                    2a:de:56:0f:97:f0:dc:ab:17:61:78:00:1b:cc:d5:
                    e3:0a:b3:6f:23:c0:58:01:27:c1:6b:6b:43:68:c3:
                    4b:26:4a:9e:e7:60:9b:21:20:aa:ad:1e:fe:88:b6:
                    70:fb:b0:f7:e5:c5:99:42:55:1c:3c:92:bd:6d:09:
                    7f:bd:16:d3:72:c1:af:12:dd:a4:ba:ab:3a:16:e8:
                    4a:cb:61:d5:be:7f:15:41:b2:08:00:5a:81:8b:ed:
                    cd:ad:42:cf:7f:7f:e3:59:a5:27:14:8f:81:43:6f:
                    44:f8:fc:38:77:48:8f:43:b0:38:d8:7c:01:9e:0b:
                    c0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:DB:94:8D:07:EB:CE:92:D2:2D:C3:4B:70:C7:73:2E:E0:20:CC:1A
            X509v3 Authority Key Identifier:
                keyid:1A:1A:2D:B6:22:70:49:86:0D:1C:B6:FB:38:1D:03:5F:7C:DD:FE:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C933/FD9521B2DC5711EA83E8EC67C4F9AE02/GhottiJwSYYNHLb7OB0DX3zd_nk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhottiJwSYYNHLb7OB0DX3zd_nk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C933/FD9521B2DC5711EA83E8EC67C4F9AE02/GhottiJwSYYNHLb7OB0DX3zd_nk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:a1:b5:72:6b:27:dd:e4:13:c6:5a:00:fc:64:ad:b7:ea:42:
         b2:74:53:6e:c1:52:9b:76:8f:9b:40:f2:2f:8b:51:d1:6e:4c:
         0c:e7:4a:bb:37:c4:94:f7:23:3e:d7:5f:a4:8f:6a:66:d8:d9:
         3a:ba:fb:e5:91:84:ad:f3:1a:2a:6c:33:1d:23:35:f2:6b:f3:
         f3:ee:ca:5c:eb:93:02:04:44:bd:a3:3a:b0:53:2a:a6:a2:2f:
         a6:13:23:71:89:d4:79:37:69:da:80:55:76:f3:48:f2:44:45:
         78:3e:0c:1e:a6:90:01:f1:02:c4:73:7c:d8:b9:c0:72:07:5f:
         f2:0a:00:93:b3:6e:86:e1:7c:87:09:f3:09:37:03:1f:52:4e:
         7f:a1:49:c1:c5:76:e6:3b:ad:71:8d:16:99:9c:5b:c5:ca:95:
         a6:0d:c9:54:0c:28:42:72:53:36:f2:ba:2e:dc:63:30:31:77:
         f0:de:c5:16:cb:7c:00:49:49:ce:96:07:b7:7f:78:8a:32:29:
         8a:2e:9c:a7:cb:d4:f3:f6:ee:c4:1f:a8:d6:ee:65:c4:ac:8a:
         48:c7:ee:02:10:c4:a0:7a:5a:60:a4:a3:01:c2:c6:77:99:54:
         78:45:1b:b5:25:96:14:19:ab:07:2c:95:dc:f9:a4:a1:2b:eb:
         5d:59:d8:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCHUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M5MzMxMTAvBgNVBAUTKDFBMUEyREI2MjI3MDQ5ODYwRDFDQjZGQjM4MUQwMzVG
N0NEREZFNzkwHhcNMjUxMDIwMjEzNjE3WhcNMjUxMDI3MjEzNjE3WjAYMRYwFAYD
VQQDEw02OGY2YWI1MS1mYjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzNqJY39uYt/A72skFjLvmsq5fpUJIC5LsYX8nGX1D7nqUqQm3LIoRdiMrUzv
XI5jB/oAYLrB5VSVI0kxOVEYu/DM1povE/PUPpF4LY94gDYVHb4Rf+x6CXstcmpj
elmh7SBkCIl+SYfyQxwXBe5U5YYapHDoEu9exk/Cb0BfFepitPs8qbUq3lYPl/Dc
qxdheAAbzNXjCrNvI8BYASfBa2tDaMNLJkqe52CbISCqrR7+iLZw+7D35cWZQlUc
PJK9bQl/vRbTcsGvEt2kuqs6FuhKy2HVvn8VQbIIAFqBi+3NrULPf3/jWaUnFI+B
Q29E+Pw4d0iPQ7A42HwBngvALQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFITblI0H
686S0i3DS3DHcy7gIMwaMB8GA1UdIwQYMBaAFBoaLbYicEmGDRy2+zgdA1983f55
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzkzMy9GRDk1MjFCMkRD
NTcxMUVBODNFOEVDNjdDNEY5QUUwMi9HaG90dGlKd1NZWU5ITGI3T0IwRFgzemRf
bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dob3R0aUp3U1lZTkhMYjdPQjBEWDN6ZF9uay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QzkzMy9GRDk1MjFCMkRDNTcxMUVBODNFOEVDNjdDNEY5QUUwMi9HaG90dGlKd1NZ
WU5ITGI3T0IwRFgzemRfbmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC9obVyayfd5BPGWgD8ZK236kKydFNuwVKbdo+bQPIvi1HRbkwM50q7
N8SU9yM+11+kj2pm2Nk6uvvlkYSt8xoqbDMdIzXya/Pz7spc65MCBES9ozqwUyqm
oi+mEyNxidR5N2nagFV280jyREV4PgweppAB8QLEc3zYucByB1/yCgCTs26G4XyH
CfMJNwMfUk5/oUnBxXbmO61xjRaZnFvFypWmDclUDChCclM28rou3GMwMXfw3sUW
y3wASUnOlge3f3iKMimKLpyny9Tz9u7EH6jW7mXErIpIx+4CEMSgelpgpKMBwsZ3
mVR4RRu1JZYUGasHLJXc+aShK+tdWdhb
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:57:09 2025 by rpki-client