Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.mft
File:                     OYkRMAEE18WLMm5WZLPXmi1GRuA.mft (raw, json)
Hash identifier:          FjPjzGg6vwoxt4ScvV6TlXPhm43kWBq5Y1hfEOiKxVg=
Subject key identifier:   A8:8F:B7:5E:88:40:38:CE:14:6A:7B:97:1F:E3:3D:96:15:44:58:6D
Authority key identifier: 39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0
Certificate issuer:       /CN=A918F1C9/serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
Certificate serial:       0A4E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.mft
Manifest number:          0AB8
Signing time:             Sat 18 Oct 2025 20:47:47 +0000
Manifest this update:     Sat 18 Oct 2025 20:47:46 +0000
Manifest next update:     Sat 25 Oct 2025 20:47:46 +0000
Files and hashes:         1: OYkRMAEE18WLMm5WZLPXmi1GRuA.crl (hash: 80HcqU1GHDj5ajTMxT1vOxFksbf288qTpNvp+EmKrFk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.crl
                          rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:47:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2638 (0xa4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F1C9, serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
        Validity
            Not Before: Oct 18 20:47:46 2025 GMT
            Not After : Oct 25 20:47:46 2025 GMT
        Subject: CN=68f3fcf3-4191
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c2:5b:66:0d:b4:bf:37:97:09:5e:4b:2c:f3:
                    27:52:7e:8c:1f:5c:2c:ed:24:4b:0f:b5:99:f1:f9:
                    e5:16:7b:f2:52:6c:e9:23:74:cf:1f:b3:98:0a:0c:
                    26:33:05:c3:52:38:5f:84:58:30:e8:ba:7d:bb:d5:
                    64:69:a8:b8:a6:f2:20:c1:f2:13:6c:fe:7b:0d:14:
                    6f:02:40:cd:0f:70:44:b8:0b:6e:46:65:9b:ea:3a:
                    a6:ba:98:3f:1c:59:89:f9:03:82:ea:40:b6:2d:1c:
                    e9:42:f1:51:22:fb:6e:51:9e:51:4c:8b:d4:b5:b9:
                    78:57:54:6c:6d:94:73:df:01:df:10:d5:1b:82:6a:
                    21:7d:f0:97:71:5a:97:71:b9:63:de:f1:21:e2:e3:
                    31:bd:b4:d0:c9:96:1a:4d:54:83:c2:9f:3a:9c:4e:
                    99:f4:61:b4:1b:27:67:1f:64:5b:c5:62:2c:f7:df:
                    c9:29:1b:aa:fd:71:65:51:7a:8f:6e:4e:b3:e1:d3:
                    54:ae:6e:10:d8:a2:b7:87:b5:a0:91:06:77:7d:b1:
                    60:d4:8b:53:63:1d:8f:1a:00:b5:2f:70:89:1c:35:
                    0d:0d:11:bc:01:2c:0a:97:6c:36:32:2c:b4:d1:ad:
                    00:84:c8:99:16:e6:e0:e9:03:1c:40:0a:14:2b:64:
                    7f:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:8F:B7:5E:88:40:38:CE:14:6A:7B:97:1F:E3:3D:96:15:44:58:6D
            X509v3 Authority Key Identifier:
                keyid:39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:84:0b:e4:44:09:32:52:fa:09:2e:fb:6f:49:e2:27:8e:38:
         72:dd:8f:43:14:fd:27:a0:97:79:59:5e:5e:56:18:1f:3b:1a:
         2e:45:9f:f7:98:cf:50:77:9f:fd:dc:a2:90:eb:bf:7a:76:38:
         d8:09:11:e7:4a:38:77:2e:99:44:53:00:3c:48:e6:45:81:00:
         c9:90:f5:44:fc:a9:35:79:14:09:3a:47:f4:db:46:fd:18:00:
         f7:c4:cf:64:90:84:61:ce:f0:bf:ef:64:1c:9d:67:a2:33:54:
         4d:0c:1f:b2:2e:69:9e:f4:6c:6c:29:e2:23:1b:b4:68:0e:94:
         88:03:a2:2d:2a:c5:20:2c:c6:7b:5f:e5:2c:34:1b:75:a5:6a:
         f5:d5:d1:62:d0:81:c5:31:1c:55:2d:92:03:56:6b:03:08:d1:
         31:92:88:f7:f3:0c:dc:6e:2f:3f:8a:8b:af:9f:9c:70:03:eb:
         02:43:31:68:37:69:de:a5:62:fc:7e:b7:18:57:58:67:2b:b8:
         51:de:5f:18:9e:8e:6e:f4:f1:53:b2:bb:7c:5e:54:ec:f4:e1:
         49:fc:f7:74:fb:65:48:01:97:f4:c0:61:ea:ef:5b:2d:31:b5:
         47:df:b4:cd:55:ec:d7:f9:65:db:60:1a:7d:e2:a1:1b:cb:1b:
         79:32:b2:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEYxQzkxMTAvBgNVBAUTKDM5ODkxMTMwMDEwNEQ3QzU4QjMyNkU1NjY0QjNENzlB
MkQ0NjQ2RTAwHhcNMjUxMDE4MjA0NzQ2WhcNMjUxMDI1MjA0NzQ2WjAYMRYwFAYD
VQQDEw02OGYzZmNmMy00MTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzsJbZg20vzeXCV5LLPMnUn6MH1ws7SRLD7WZ8fnlFnvyUmzpI3TPH7OYCgwm
MwXDUjhfhFgw6Lp9u9Vkaai4pvIgwfITbP57DRRvAkDND3BEuAtuRmWb6jqmupg/
HFmJ+QOC6kC2LRzpQvFRIvtuUZ5RTIvUtbl4V1RsbZRz3wHfENUbgmohffCXcVqX
cblj3vEh4uMxvbTQyZYaTVSDwp86nE6Z9GG0GydnH2RbxWIs99/JKRuq/XFlUXqP
bk6z4dNUrm4Q2KK3h7WgkQZ3fbFg1ItTYx2PGgC1L3CJHDUNDRG8ASwKl2w2Miy0
0a0AhMiZFubg6QMcQAoUK2R/5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKiPt16I
QDjOFGp7lx/jPZYVRFhtMB8GA1UdIwQYMBaAFDmJETABBNfFizJuVmSz15otRkbg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG
OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi9PWWtSTUFFRTE4V0xNbTVXWkxQWG1pMUdS
dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09Za1JNQUVFMThXTE1tNVdaTFBYbWkxR1J1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjFDOS82QTU3QUI4QzdGOTUxMUVBQjBFRDg1MzdDNEY5QUUwMi9PWWtSTUFFRTE4
V0xNbTVXWkxQWG1pMUdSdUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCyhAvkRAkyUvoJLvtvSeInjjhy3Y9DFP0noJd5WV5eVhgfOxouRZ/3
mM9Qd5/93KKQ6796djjYCRHnSjh3LplEUwA8SOZFgQDJkPVE/Kk1eRQJOkf020b9
GAD3xM9kkIRhzvC/72QcnWeiM1RNDB+yLmme9GxsKeIjG7RoDpSIA6ItKsUgLMZ7
X+UsNBt1pWr11dFi0IHFMRxVLZIDVmsDCNExkoj38wzcbi8/iouvn5xwA+sCQzFo
N2nepWL8frcYV1hnK7hR3l8Yno5u9PFTsrt8XlTs9OFJ/Pd0+2VIAZf0wGHq71st
MbVH37TNVezX+WXbYBp94qEbyxt5MrLL
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:58:38 2025 by rpki-client