Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.mft
File:                     hy5atTm-Q4V0A9T11FpUcrsgem0.mft (raw, json)
Hash identifier:          1wGbrWts2OS1ru67fQzbx51khHYphLmdK7/wVHqt+u8=
Subject key identifier:   76:5F:70:2B:A0:08:32:0D:49:91:51:7D:B4:F3:B9:31:6F:E2:6F:A3
Authority key identifier: 87:2E:5A:B5:39:BE:43:85:74:03:D4:F5:D4:5A:54:72:BB:20:7A:6D
Certificate issuer:       /CN=A9193339/serialNumber=872E5AB539BE43857403D4F5D45A5472BB207A6D
Certificate serial:       03B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hy5atTm-Q4V0A9T11FpUcrsgem0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.mft
Manifest number:          03A9
Signing time:             Sun 19 Oct 2025 02:43:33 +0000
Manifest this update:     Sun 19 Oct 2025 02:43:32 +0000
Manifest next update:     Sun 26 Oct 2025 02:43:32 +0000
Files and hashes:         1: hy5atTm-Q4V0A9T11FpUcrsgem0.crl (hash: 7pS69I6pUyDDxc9UIhga97uVhgsd2xiWIQYPQs6HKHk=)
                          2: A445EAA0B5B911EC8AADD413C4F9AE02.roa (hash: fxFlUsOaGScQkl9QgTozAWohlmX4iM9s7uV5Ua++ETg=)
                          3: 1D171A58C76211EC95B63648C4F9AE02.roa (hash: u3mehOty6gVz9qRridn7xauePsp938KB+uM0lLKTBHU=)
                          4: 2FCAC3ACC48311ECAAAACC0CC4F9AE02.roa (hash: OvtIBWIONkhrTQi/ko/Qtu38pVg+GOOY2iprHCNF2R8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.crl
                          rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hy5atTm-Q4V0A9T11FpUcrsgem0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 02:43:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 952 (0x3b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9193339, serialNumber=872E5AB539BE43857403D4F5D45A5472BB207A6D
        Validity
            Not Before: Oct 19 02:43:32 2025 GMT
            Not After : Oct 26 02:43:32 2025 GMT
        Subject: CN=68f45055-66f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5e:3e:b7:03:a9:30:52:b8:90:da:36:d9:4f:
                    8f:eb:c2:47:86:cf:33:5c:d9:e5:42:e8:b7:8a:f1:
                    1b:27:ef:4b:37:95:0f:43:1a:fb:c7:54:1b:26:d5:
                    4c:67:03:fe:2c:7e:59:10:c3:13:d1:08:db:13:8a:
                    c0:1f:f7:0f:3c:b5:62:5c:f0:b5:74:d2:ba:7a:76:
                    62:de:f0:ed:9a:85:96:ce:00:0a:11:ed:f9:b0:a1:
                    4b:18:eb:51:87:c2:72:f3:ab:85:12:70:f3:a0:1c:
                    16:ec:d3:1d:10:fe:de:71:c8:f2:64:47:c3:db:52:
                    23:6d:3a:d0:bc:26:50:04:58:0b:8e:be:e4:3c:f4:
                    e4:f3:6c:d4:6b:f3:30:34:e4:74:81:fd:6b:78:ee:
                    06:15:65:91:ef:6c:2e:f7:26:ff:dd:1e:c6:c9:d9:
                    00:04:e6:a6:5c:07:79:1c:c3:2c:3d:93:74:51:58:
                    f7:ce:03:62:a2:0c:35:0d:68:e3:2f:36:76:4c:cf:
                    17:1e:2a:f5:5f:6c:02:2d:7a:56:15:7c:92:95:84:
                    30:ac:3b:e0:82:99:49:b9:54:ee:a3:72:cd:cf:a6:
                    2b:6e:54:51:db:b5:1e:0d:87:7f:b0:30:d6:0c:f9:
                    e1:72:91:b4:fd:59:12:14:58:f1:39:86:91:ca:f5:
                    b5:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:5F:70:2B:A0:08:32:0D:49:91:51:7D:B4:F3:B9:31:6F:E2:6F:A3
            X509v3 Authority Key Identifier:
                keyid:87:2E:5A:B5:39:BE:43:85:74:03:D4:F5:D4:5A:54:72:BB:20:7A:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hy5atTm-Q4V0A9T11FpUcrsgem0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:3c:f0:13:58:40:a7:ba:f1:bf:18:5e:ed:63:f3:67:87:c5:
         44:b3:70:83:9f:cf:15:84:ff:12:6c:e4:2d:20:de:f1:a8:53:
         ff:26:ff:aa:76:64:ef:20:c9:f9:b7:44:25:9c:b7:e5:ed:c1:
         ba:59:3a:20:e0:98:88:23:67:8d:74:d1:da:62:51:7b:72:70:
         99:42:fe:6b:ce:42:7b:c5:eb:ac:78:c9:f2:67:c3:77:bc:4a:
         f5:2d:1f:13:d5:a6:41:ad:30:94:d5:ac:93:8e:85:38:81:66:
         71:99:82:9f:b7:a1:7b:ab:ac:1f:4a:94:fe:52:95:8d:e5:52:
         65:93:80:c4:d0:d3:b2:e6:27:5e:b2:32:01:36:a1:87:96:21:
         a0:8b:a1:75:a0:fd:38:7f:73:33:bb:db:52:3b:9f:76:d2:8f:
         80:fb:9d:4c:b7:7e:2a:9f:b8:68:72:56:0c:0f:df:e8:19:60:
         ad:f0:16:91:1e:a4:9a:cd:51:5c:f8:26:32:ac:ad:b1:d2:36:
         b0:bb:9a:e8:ab:f8:cb:b5:6b:b9:d1:36:62:78:4a:ed:a1:54:
         ce:14:f1:69:86:a5:02:f3:b5:80:6e:b3:09:5c:00:e8:16:76:
         60:40:d5:03:10:cf:72:ff:f9:5f:7c:96:ea:71:9f:74:4c:0d:
         6f:b9:1a:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTMzMzkxMTAvBgNVBAUTKDg3MkU1QUI1MzlCRTQzODU3NDAzRDRGNUQ0NUE1NDcy
QkIyMDdBNkQwHhcNMjUxMDE5MDI0MzMyWhcNMjUxMDI2MDI0MzMyWjAYMRYwFAYD
VQQDEw02OGY0NTA1NS02NmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAql4+twOpMFK4kNo22U+P68JHhs8zXNnlQui3ivEbJ+9LN5UPQxr7x1QbJtVM
ZwP+LH5ZEMMT0QjbE4rAH/cPPLViXPC1dNK6enZi3vDtmoWWzgAKEe35sKFLGOtR
h8Jy86uFEnDzoBwW7NMdEP7eccjyZEfD21IjbTrQvCZQBFgLjr7kPPTk82zUa/Mw
NOR0gf1reO4GFWWR72wu9yb/3R7GydkABOamXAd5HMMsPZN0UVj3zgNiogw1DWjj
LzZ2TM8XHir1X2wCLXpWFXySlYQwrDvggplJuVTuo3LNz6YrblRR27UeDYd/sDDW
DPnhcpG0/VkSFFjxOYaRyvW1dwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHZfcCug
CDINSZFRfbTzuTFv4m+jMB8GA1UdIwQYMBaAFIcuWrU5vkOFdAPU9dRaVHK7IHpt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzMzOS80NTI2Nzk3MEIy
RkExMUVDQjU3NENFN0ZDNEY5QUUwMi9oeTVhdFRtLVE0VjBBOVQxMUZwVWNyc2dl
bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h5NWF0VG0tUTRWMEE5VDExRnBVY3JzZ2VtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MzMzOS80NTI2Nzk3MEIyRkExMUVDQjU3NENFN0ZDNEY5QUUwMi9oeTVhdFRtLVE0
VjBBOVQxMUZwVWNyc2dlbTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBIPPATWECnuvG/GF7tY/Nnh8VEs3CDn88VhP8SbOQtIN7xqFP/Jv+q
dmTvIMn5t0QlnLfl7cG6WTog4JiII2eNdNHaYlF7cnCZQv5rzkJ7xeuseMnyZ8N3
vEr1LR8T1aZBrTCU1ayTjoU4gWZxmYKft6F7q6wfSpT+UpWN5VJlk4DE0NOy5ide
sjIBNqGHliGgi6F1oP04f3Mzu9tSO5920o+A+51Mt34qn7hoclYMD9/oGWCt8BaR
HqSazVFc+CYyrK2x0jawu5roq/jLtWu50TZieErtoVTOFPFphqUC87WAbrMJXADo
FnZgQNUDEM9y//lffJbqcZ90TA1vuRpC
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:45:22 2025 by rpki-client