Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft
File:                     3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json)
Hash identifier:          lu0SOjtx+91pBlyRTQh/9Adix1DF3HJ/GcFoYbrDiYc=
Subject key identifier:   15:06:37:08:05:FF:A2:66:22:4F:2A:61:5A:FD:36:D6:1F:25:54:F0
Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0
Certificate issuer:       /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0
Certificate serial:       87
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft
Manifest number:          0AB9
Signing time:             Sat 18 Oct 2025 20:47:50 +0000
Manifest this update:     Sat 18 Oct 2025 20:47:49 +0000
Manifest next update:     Sat 25 Oct 2025 20:47:49 +0000
Files and hashes:         1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: yHOWNL2VDFb+QZ+dVVUgr5GKjQSbogw4rz0waBGI4/w=)
                          2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: bxEMXPw0Uf6AR6ksTo+EYnAV7IQpuoAnSjrI4XOmEWM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl
                          rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:47:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135 (0x87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0
        Validity
            Not Before: Oct 18 20:47:49 2025 GMT
            Not After : Oct 25 20:47:49 2025 GMT
        Subject: CN=68f3fcf5-c5e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:29:a8:7e:61:e0:02:0e:00:98:89:f6:76:b6:
                    a8:24:e0:1f:6f:5e:b2:f5:cd:d0:8e:1e:95:d1:cb:
                    1b:c1:08:5f:07:2b:47:16:3b:fc:7b:37:23:87:2a:
                    9d:0b:fa:51:a0:74:8f:f3:d6:da:a9:bd:47:2e:28:
                    33:8a:ad:f2:84:12:1f:34:f2:5d:0b:3f:c3:51:63:
                    59:7e:28:85:f1:e8:cf:2b:ef:19:32:e7:9c:01:be:
                    d2:0b:10:f4:09:59:22:09:52:d1:64:15:85:6c:f4:
                    a1:9f:31:14:dd:39:ac:49:d9:e6:4f:56:a2:84:2a:
                    4b:bd:8c:5c:2d:01:3c:34:b2:64:ef:38:00:aa:bf:
                    30:5b:56:48:0f:2d:70:cb:b1:28:06:62:70:6d:0c:
                    3e:b8:10:d0:8a:f5:e9:8a:af:ce:43:80:3a:44:82:
                    50:d2:09:c9:b6:03:60:35:8d:ee:3e:01:dc:34:66:
                    c1:a1:de:e5:2e:5f:78:84:27:6d:b3:66:10:64:5d:
                    93:05:fb:95:da:03:ee:d8:df:47:40:cb:26:89:b3:
                    ac:36:a5:ca:21:81:68:58:64:0a:72:67:47:1d:be:
                    0f:ab:43:48:97:93:be:b0:48:d7:e3:84:89:12:a1:
                    e6:a5:60:03:b0:df:e6:c4:66:9a:00:b9:bd:df:7e:
                    c0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:06:37:08:05:FF:A2:66:22:4F:2A:61:5A:FD:36:D6:1F:25:54:F0
            X509v3 Authority Key Identifier:
                keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:0a:c5:79:b0:99:db:3d:f8:df:27:63:d8:8f:cd:1a:b1:ec:
         d4:ab:2e:2c:aa:9b:bd:10:0d:e4:0c:86:52:5b:d8:78:12:b4:
         53:6e:e0:ba:65:b3:59:cc:1a:b6:09:71:50:e1:88:fe:25:85:
         2b:b7:de:a3:d8:21:24:53:d7:5e:5f:72:4f:54:ce:1e:4a:f8:
         17:f1:e6:85:ea:f7:f7:08:2c:c0:d5:a3:91:5b:14:10:56:49:
         5f:e9:45:1b:dc:62:fa:b5:21:d4:2d:5b:6b:af:95:f1:67:d2:
         b0:18:57:8e:19:8a:bd:da:b5:65:3d:b4:24:66:cf:21:cd:94:
         e8:86:ef:8b:7d:fa:8c:96:fd:a7:a8:30:df:a1:f7:11:92:06:
         55:f5:a0:a9:c5:0d:45:82:0f:d6:32:c3:49:84:8c:2a:d4:bc:
         93:d1:a8:a3:d7:a8:ef:85:09:84:c9:73:00:98:24:b0:46:80:
         83:9f:ea:c6:4c:05:1f:dd:e1:88:54:ac:e5:d9:85:2b:c5:dd:
         db:1f:2c:a5:18:52:1f:9e:be:12:54:8b:ef:01:ef:6b:cf:0c:
         dc:61:8f:6a:ab:e4:62:e0:7d:d0:52:85:67:6b:81:8e:87:96:
         ef:dd:1b:23:94:58:50:8e:89:09:6e:e3:3b:8a:02:88:7c:71:
         24:d1:85:4d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEYxQzkxMTAvBgNVBAUTKERFNENFOTYwQTM5MzBBQjRDMjI3RkNFOEY4NTdDMDg0
MTk3RjA4RDAwHhcNMjUxMDE4MjA0NzQ5WhcNMjUxMDI1MjA0NzQ5WjAYMRYwFAYD
VQQDEw02OGYzZmNmNS1jNWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuymofmHgAg4AmIn2draoJOAfb16y9c3Qjh6V0csbwQhfBytHFjv8ezcjhyqd
C/pRoHSP89baqb1HLigziq3yhBIfNPJdCz/DUWNZfiiF8ejPK+8ZMuecAb7SCxD0
CVkiCVLRZBWFbPShnzEU3TmsSdnmT1aihCpLvYxcLQE8NLJk7zgAqr8wW1ZIDy1w
y7EoBmJwbQw+uBDQivXpiq/OQ4A6RIJQ0gnJtgNgNY3uPgHcNGbBod7lLl94hCdt
s2YQZF2TBfuV2gPu2N9HQMsmibOsNqXKIYFoWGQKcmdHHb4Pq0NIl5O+sEjX44SJ
EqHmpWADsN/mxGaaALm9337AhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBUGNwgF
/6JmIk8qYVr9NtYfJVTwMB8GA1UdIwQYMBaAFN5M6WCjkwq0wif86PhXwIQZfwjQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG
OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi8za3pwWUtPVENyVENKX3pvLUZmQWhCbF9D
TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NOQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjFDOS82QTU3QUI4QzdGOTUxMUVBQjBFRDg1MzdDNEY5QUUwMi8za3pwWUtPVENy
VENKX3pvLUZmQWhCbF9DTkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBHCsV5sJnbPfjfJ2PYj80asezUqy4sqpu9EA3kDIZSW9h4ErRTbuC6
ZbNZzBq2CXFQ4Yj+JYUrt96j2CEkU9deX3JPVM4eSvgX8eaF6vf3CCzA1aORWxQQ
Vklf6UUb3GL6tSHULVtrr5XxZ9KwGFeOGYq92rVlPbQkZs8hzZTohu+LffqMlv2n
qDDfofcRkgZV9aCpxQ1Fgg/WMsNJhIwq1LyT0aij16jvhQmEyXMAmCSwRoCDn+rG
TAUf3eGIVKzl2YUrxd3bHyylGFIfnr4SVIvvAe9rzwzcYY9qq+Ri4H3QUoVna4GO
h5bv3RsjlFhQjokJbuM7igKIfHEk0YVN
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:17 2025 by rpki-client