Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft
File:                     s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft (raw, json)
Hash identifier:          tN6w+WXdppp/944z6YFLc86xlMabi6HVnzExmnQlJLU=
Subject key identifier:   6C:D4:A3:FE:CD:9A:37:21:A8:55:38:36:B7:F6:F5:63:70:59:0D:26
Authority key identifier: B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25
Certificate issuer:       /CN=A91964B3/serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625
Certificate serial:       3727
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft
Manifest number:          3617
Signing time:             Sat 18 Oct 2025 14:26:39 +0000
Manifest this update:     Sat 18 Oct 2025 14:26:38 +0000
Manifest next update:     Sat 25 Oct 2025 14:26:38 +0000
Files and hashes:         1: s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl (hash: wtIbujDevdKKQeDH6DNDjdDO5osml/avXskeOJULKug=)
                          2: B36EA83C70B111E98CFFF710C4F9AE02.roa (hash: YPxJgAFP2pm+e64iG82yJRkFHNHfja4F2rH7VSVuFpA=)
                          3: B81E038AAB2B11F0B1F65E12C4F9AE02.roa (hash: M4hjsDFfjO6vpLrqlKRqCxOehABopd9y2sc52i15Nq0=)
                          4: 160B219870BA11E99E0F6D2DC4F9AE02.roa (hash: 3QqIb/PpEMe7CSOMb9cfzIUcXW1tet3HABkiD8A3zkU=)
                          5: 26A143C291EB11EF8A024083C4F9AE02.roa (hash: apyNb0gzlP7QIPlzF+1SGVtUOjpAimi2EUrocnrYZRM=)
                          6: 18F4FD76918111EC93DCA42AC4F9AE02.roa (hash: 8JKaEfgtThOrevd/FI1wUsWQCsjDZCsWDfH4rtPvYOM=)
                          7: B0EB27B470B811E9B32F6726C4F9AE02.roa (hash: Yn6iyp3sOHzht7NrUVV1K95CTLrIyR+zeCU6DhPlbi0=)
                          8: 9538F912A09511EE9616A86EC4F9AE02.roa (hash: UIhH1UdXX1/WldxbBw/5eFdUsW8H5rv3xowCVi4x/js=)
                          9: 71D60BC2F6BA11EB865C4246C4F9AE02.roa (hash: E9Q0DLQxOx2PNLNxJzUPOmEekE0nfR8RNH8+NziMkYc=)
                          10: 9AF37E96D71B11EA9532F30CC4F9AE02.roa (hash: UB9M+LLNN3sS8I2EFsp8N9BHGeanS2Z+lbFEvYsOTeM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl
                          rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 14:26:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14119 (0x3727)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91964B3, serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625
        Validity
            Not Before: Oct 18 14:26:38 2025 GMT
            Not After : Oct 25 14:26:38 2025 GMT
        Subject: CN=68f3a39e-ac57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:10:96:65:7e:28:26:a4:70:f2:cb:1c:5b:8c:
                    c9:7e:32:12:df:d2:63:de:cc:ef:8c:d9:40:9e:e0:
                    e5:53:b3:0a:62:99:30:ad:3b:50:e9:80:4f:c3:56:
                    6e:c6:b0:6c:0c:05:22:a6:e3:65:c4:52:c9:e8:17:
                    65:23:8e:9a:2f:4f:db:71:4f:f0:88:24:76:cb:2d:
                    ff:fe:b9:4a:e9:27:e4:b9:28:c2:be:72:d6:20:55:
                    4c:4a:66:a0:f9:3f:9b:be:85:b5:99:0d:00:c0:d7:
                    5b:4a:46:32:95:32:46:5b:62:9d:a6:c7:45:33:04:
                    8f:9c:de:47:9f:0c:49:95:37:48:7c:a7:88:4e:de:
                    c7:77:8c:34:d1:05:c2:bd:15:7f:93:5c:4f:46:9e:
                    4a:52:ee:7a:50:1d:73:cd:49:16:37:58:f7:52:98:
                    a6:ac:c3:8e:cb:61:15:0e:67:a4:e2:0d:f6:e7:45:
                    db:7b:a9:b4:4c:fc:38:f4:f1:c1:75:5a:6e:65:c1:
                    3f:d5:bb:f0:82:7e:f4:4f:3a:d0:b9:87:bd:49:a2:
                    d7:46:ec:02:dc:74:31:2c:e9:02:ea:a8:5e:28:e4:
                    97:4c:1f:dd:a0:51:5e:f3:b6:8a:7b:56:e3:fc:26:
                    0f:8c:39:3f:58:a8:fb:87:f5:be:45:17:de:e6:f8:
                    0f:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:D4:A3:FE:CD:9A:37:21:A8:55:38:36:B7:F6:F5:63:70:59:0D:26
            X509v3 Authority Key Identifier:
                keyid:B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:b1:02:9a:83:6a:f3:91:5c:dd:5e:6c:36:9c:fd:dc:15:1d:
         52:6b:7b:a6:1b:a6:e0:17:b9:6d:5d:05:8d:13:b9:8c:10:98:
         d3:d8:39:34:dd:85:38:76:aa:68:b7:c2:31:a9:f3:20:fe:26:
         8e:c8:62:db:df:92:1d:c0:92:c9:93:6e:dd:75:75:63:f2:76:
         75:3d:87:5b:b5:e5:81:18:1b:7c:0b:f8:98:6c:f3:20:72:07:
         65:bc:79:5c:5b:a1:f9:8e:06:b8:25:36:31:b7:bc:46:50:d0:
         87:3b:eb:08:c0:eb:69:68:5f:b5:a5:ae:33:e7:10:87:5d:d4:
         8b:a7:87:9a:c3:c8:18:14:6a:88:de:48:10:b4:6a:ab:97:b4:
         cb:fc:2b:c0:05:c2:28:8a:8b:97:af:24:59:26:44:d8:9d:fb:
         46:54:04:83:8b:5c:ac:98:3c:9f:0c:38:10:26:b4:d2:26:69:
         ce:c9:f3:0f:b3:a9:52:4e:a8:ce:61:c0:f1:b6:3a:2a:a7:bf:
         6f:fb:4d:2f:85:38:e8:b7:72:66:32:41:f9:d8:bf:fe:22:1d:
         e1:c6:8d:8b:ec:9d:58:a3:33:92:04:08:49:eb:9f:3b:f0:51:
         c1:2a:bb:a8:e5:80:83:c5:aa:6d:82:05:59:99:f0:47:a3:73:
         9c:19:89:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNycwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTY0QjMxMTAvBgNVBAUTKEIzOTg2NkE5OUQxQ0Q5RjRFN0U4RjUzQzg4QUQxNERB
ODlBMTg2MjUwHhcNMjUxMDE4MTQyNjM4WhcNMjUxMDI1MTQyNjM4WjAYMRYwFAYD
VQQDEw02OGYzYTM5ZS1hYzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyBCWZX4oJqRw8sscW4zJfjIS39Jj3szvjNlAnuDlU7MKYpkwrTtQ6YBPw1Zu
xrBsDAUipuNlxFLJ6BdlI46aL0/bcU/wiCR2yy3//rlK6SfkuSjCvnLWIFVMSmag
+T+bvoW1mQ0AwNdbSkYylTJGW2KdpsdFMwSPnN5HnwxJlTdIfKeITt7Hd4w00QXC
vRV/k1xPRp5KUu56UB1zzUkWN1j3UpimrMOOy2EVDmek4g3250Xbe6m0TPw49PHB
dVpuZcE/1bvwgn70TzrQuYe9SaLXRuwC3HQxLOkC6qheKOSXTB/doFFe87aKe1bj
/CYPjDk/WKj7h/W+RRfe5vgPrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGzUo/7N
mjchqFU4Nrf29WNwWQ0mMB8GA1UdIwQYMBaAFLOYZqmdHNn05+j1PIitFNqJoYYl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjRCMy9FNjU4NTExMjFE
ODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJmVG42UFU4aUswVTJvbWho
aVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3M1aG1xWjBjMmZUbjZQVThpSzBVMm9taGhpVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NjRCMy9FNjU4NTExMjFEODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJm
VG42UFU4aUswVTJvbWhoaVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCrsQKag2rzkVzdXmw2nP3cFR1Sa3umG6bgF7ltXQWNE7mMEJjT2Dk0
3YU4dqpot8IxqfMg/iaOyGLb35IdwJLJk27ddXVj8nZ1PYdbteWBGBt8C/iYbPMg
cgdlvHlcW6H5jga4JTYxt7xGUNCHO+sIwOtpaF+1pa4z5xCHXdSLp4eaw8gYFGqI
3kgQtGqrl7TL/CvABcIoiouXryRZJkTYnftGVASDi1ysmDyfDDgQJrTSJmnOyfMP
s6lSTqjOYcDxtjoqp79v+00vhTjot3JmMkH52L/+Ih3hxo2L7J1YozOSBAhJ6587
8FHBKruo5YCDxaptggVZmfBHo3OcGYn8
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:37 2025 by rpki-client