Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.mft
File:                     32d9hpNHe5Kh6f58IEImls6oYJ0.mft (raw, json)
Hash identifier:          FM9H70AQdF7kYtafFORoKOmdnazlt3v+npewUfq+gXk=
Subject key identifier:   89:58:CA:38:8A:85:4A:13:5D:9C:78:C0:26:E3:69:47:FB:29:83:52
Authority key identifier: DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D
Certificate issuer:       /CN=A918BDA2/serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D
Certificate serial:       0342
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.mft
Manifest number:          033D
Signing time:             Sat 23 Aug 2025 01:19:06 +0000
Manifest this update:     Sat 23 Aug 2025 01:19:05 +0000
Manifest next update:     Sat 30 Aug 2025 01:19:05 +0000
Files and hashes:         1: 32d9hpNHe5Kh6f58IEImls6oYJ0.crl (hash: dSvUyaJseOVVarZq7DA5L5jgWfmq5swmuHiq8uLObcw=)
                          2: 756558C6D19611ECB75A996BC4F9AE02.roa (hash: jBN+GZ5K5hQcx74ci+Zj74gtJO93V93U4mPbsdd8SsY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.crl
                          rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Aug 2025 01:19:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 834 (0x342)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918BDA2, serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D
        Validity
            Not Before: Aug 23 01:19:05 2025 GMT
            Not After : Aug 30 01:19:05 2025 GMT
        Subject: CN=68a9170a-b4bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:90:a3:b4:d0:d0:c5:b3:1d:b3:a7:5c:4b:9a:
                    c1:02:e2:d2:6b:ce:75:26:90:91:dd:eb:00:1b:ce:
                    f5:41:cd:09:80:8e:38:24:19:23:f1:e6:d4:f5:c2:
                    2a:7f:d0:7d:b9:8f:d4:29:c5:de:90:2d:bf:46:45:
                    f1:bf:13:6e:00:9d:aa:ad:92:bf:19:92:b7:21:02:
                    bc:45:98:a0:b7:0b:02:2a:53:7f:02:f7:98:a5:82:
                    7d:fa:3d:1f:9d:1e:52:ab:88:3b:e1:79:92:0a:87:
                    1f:5b:6d:31:d0:1c:42:f0:97:26:56:97:84:44:10:
                    24:dc:f6:53:7d:cf:bc:57:48:4b:dd:f6:e1:23:69:
                    7a:45:82:f6:bd:07:ef:bf:0b:38:89:3e:fc:7f:ac:
                    9f:ae:85:e7:82:f6:4c:bb:4c:dd:00:68:9c:3e:34:
                    94:a3:87:5b:30:10:a7:1f:4c:bb:58:d0:09:03:a5:
                    48:73:10:52:d4:95:a0:30:5a:9b:c0:9a:84:15:ac:
                    6f:01:62:36:2b:37:6e:00:42:22:3b:e6:32:19:90:
                    62:f3:7f:c9:73:a3:42:fa:c4:bf:15:1b:d0:5f:5f:
                    95:9e:18:e5:81:04:74:0e:f6:3d:b0:ca:f2:7c:74:
                    e1:8d:04:3c:b5:20:ae:2c:8b:6e:80:3e:16:c6:53:
                    e1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:58:CA:38:8A:85:4A:13:5D:9C:78:C0:26:E3:69:47:FB:29:83:52
            X509v3 Authority Key Identifier:
                keyid:DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:60:05:61:e4:ae:cf:6f:1a:98:df:10:79:90:00:97:5c:c6:
         ef:88:ba:fa:ef:81:b3:6d:6f:64:ec:63:6f:ba:13:7d:3c:a2:
         9d:68:40:10:f5:05:b9:4d:90:2c:0a:5a:49:15:d9:2c:92:55:
         d6:7f:53:02:eb:f9:9e:a7:87:b8:68:76:e5:74:9c:8b:04:ad:
         1a:c2:c2:fc:ee:88:4d:12:8d:ad:b1:ec:77:6a:fc:29:46:f7:
         85:b5:d4:f7:29:49:71:52:7f:c3:00:50:b9:f6:3f:e9:36:e0:
         05:22:47:c4:9c:df:48:aa:78:06:3b:1d:8c:2b:b2:43:b4:ea:
         97:f7:72:ca:99:5b:2c:a5:c3:d2:82:1b:e5:5b:fd:f6:1f:d0:
         c0:16:be:5d:6b:f3:63:d7:ba:41:13:3e:f8:62:d0:66:3e:dd:
         bd:b7:a8:ee:e9:b9:cb:20:72:14:42:71:2a:63:97:77:6d:0c:
         9b:53:0c:21:8b:3a:f1:b1:9a:03:f2:74:2f:fe:00:b9:ae:36:
         a1:62:9d:d3:a7:c9:41:57:c3:98:e2:76:5a:39:f6:00:1b:71:
         32:40:3d:35:9b:8d:ee:cd:0d:59:cb:68:4b:a6:6b:a3:35:d2:
         65:8e:ec:86:90:a7:ff:cf:dc:e9:61:0f:f9:f1:0f:56:23:0c:
         f8:e0:d7:2b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJEQTIxMTAvBgNVBAUTKERGNjc3RDg2OTM0NzdCOTJBMUU5RkU3QzIwNDIyNjk2
Q0VBODYwOUQwHhcNMjUwODIzMDExOTA1WhcNMjUwODMwMDExOTA1WjAYMRYwFAYD
VQQDEw02OGE5MTcwYS1iNGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs5CjtNDQxbMds6dcS5rBAuLSa851JpCR3esAG871Qc0JgI44JBkj8ebU9cIq
f9B9uY/UKcXekC2/RkXxvxNuAJ2qrZK/GZK3IQK8RZigtwsCKlN/AveYpYJ9+j0f
nR5Sq4g74XmSCocfW20x0BxC8JcmVpeERBAk3PZTfc+8V0hL3fbhI2l6RYL2vQfv
vws4iT78f6yfroXngvZMu0zdAGicPjSUo4dbMBCnH0y7WNAJA6VIcxBS1JWgMFqb
wJqEFaxvAWI2KzduAEIiO+YyGZBi83/Jc6NC+sS/FRvQX1+VnhjlgQR0DvY9sMry
fHThjQQ8tSCuLItugD4WxlPhOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlYyjiK
hUoTXZx4wCbjaUf7KYNSMB8GA1UdIwQYMBaAFN9nfYaTR3uSoen+fCBCJpbOqGCd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkRBMi83MEU2OUMxOEQw
RUUxMUVDQkM1QzQ5NzNDNEY5QUUwMi8zMmQ5aHBOSGU1S2g2ZjU4SUVJbWxzNm9Z
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzMyZDlocE5IZTVLaDZmNThJRUltbHM2b1lKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QkRBMi83MEU2OUMxOEQwRUUxMUVDQkM1QzQ5NzNDNEY5QUUwMi8zMmQ5aHBOSGU1
S2g2ZjU4SUVJbWxzNm9ZSjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBtYAVh5K7PbxqY3xB5kACXXMbviLr674GzbW9k7GNvuhN9PKKdaEAQ
9QW5TZAsClpJFdksklXWf1MC6/mep4e4aHbldJyLBK0awsL87ohNEo2tsex3avwp
RveFtdT3KUlxUn/DAFC59j/pNuAFIkfEnN9IqngGOx2MK7JDtOqX93LKmVsspcPS
ghvlW/32H9DAFr5da/Nj17pBEz74YtBmPt29t6ju6bnLIHIUQnEqY5d3bQybUwwh
izrxsZoD8nQv/gC5rjahYp3Tp8lBV8OY4nZaOfYAG3EyQD01m43uzQ1Zy2hLpmuj
NdJljuyGkKf/z9zpYQ/58Q9WIwz44Ncr
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:12 2025 by rpki-client