Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
File:                     0NDWzWh3DDh4O764QbES0FYBdKI.mft (raw, json)
Hash identifier:          5IZqwICsmiWf51sAsiVE0H3yhfdb7O7RNEQAwcXz/GY=
Subject key identifier:   0E:54:DC:3A:51:5C:C3:A8:7B:30:71:E1:2C:78:E3:E5:9C:E7:03:18
Authority key identifier: D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2
Certificate issuer:       /CN=A91998BE/serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2
Certificate serial:       08D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
Manifest number:          08A1
Signing time:             Sat 18 Oct 2025 21:44:45 +0000
Manifest this update:     Sat 18 Oct 2025 21:44:45 +0000
Manifest next update:     Sat 25 Oct 2025 21:44:45 +0000
Files and hashes:         1: 0NDWzWh3DDh4O764QbES0FYBdKI.crl (hash: jI/57iRWHE9P8+Cjej2X6BYc6cubSo/diwfJwnlrDhQ=)
                          2: 577FD5BE067C11ED882FC127C4F9AE02.roa (hash: FZgwTWzQksQtmk/Nfe/JqxwRHSDF1+BlazvC8MqkPtA=)
                          3: 4EF79184489411ED86987260C4F9AE02.roa (hash: a8Efs0GAW5Tg39h9an5o87GfSDA70jqZExOy2QFYQOc=)
                          4: BD1D670AA9AE11F0BAAC4E40C4F9AE02.roa (hash: 50ACgx85pKWBSdecvm1PzIpRWx2Le1Y9DodxHydptpU=)
                          5: 12FD08CAC88411ECAAB5BD09C4F9AE02.roa (hash: Rk9fezvR7MLf0U22xpSZ4jUyV+Jwv2bIeNDcvnRfGXA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl
                          rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 21:44:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2261 (0x8d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91998BE, serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2
        Validity
            Not Before: Oct 18 21:44:45 2025 GMT
            Not After : Oct 25 21:44:45 2025 GMT
        Subject: CN=68f40a4d-ee83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:14:6e:74:00:52:15:e8:f7:f3:1b:c3:32:49:
                    db:6a:eb:ab:2c:14:81:0a:ad:1a:42:f8:c3:fe:ad:
                    d7:1d:ef:ab:4f:81:c4:4f:f3:3b:0d:1f:1e:4d:81:
                    b9:cf:70:32:0c:4a:a1:36:a1:06:dc:6c:3f:e2:11:
                    aa:14:3f:75:44:a5:32:03:52:2a:ba:a0:a1:21:a4:
                    49:90:c4:d7:52:fb:c6:13:9f:96:9b:17:25:78:76:
                    34:6f:b7:05:d4:05:2f:59:3c:bc:b8:9b:d1:b0:4b:
                    7f:d1:3b:47:4c:08:82:21:37:ae:6a:ba:a1:bc:83:
                    99:e6:11:69:16:9f:10:5b:31:1a:01:1f:30:f4:cd:
                    6e:42:26:1c:28:b6:2d:44:ab:d3:38:17:89:ef:ea:
                    85:4c:86:dd:d5:5c:9e:c5:df:01:7d:34:1f:6c:32:
                    66:0b:9b:c9:67:91:c2:19:44:26:e2:95:bd:6d:42:
                    eb:43:2a:6f:ba:3b:55:ce:e6:b6:38:8c:4b:04:3a:
                    f1:d7:5b:ee:6b:1d:b0:28:be:b7:65:4e:20:1d:f0:
                    2f:4a:aa:69:e5:04:7b:a4:6a:27:7b:43:01:7f:ab:
                    c2:7d:c5:d7:27:4e:c8:37:ee:4a:20:e0:70:4c:c8:
                    60:c2:38:eb:35:6a:93:06:b1:3e:7f:eb:70:0c:61:
                    84:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:54:DC:3A:51:5C:C3:A8:7B:30:71:E1:2C:78:E3:E5:9C:E7:03:18
            X509v3 Authority Key Identifier:
                keyid:D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:72:18:42:86:77:4f:e9:eb:4d:4c:6e:50:89:d6:ff:33:69:
         84:db:53:84:3c:d4:79:92:4c:09:c4:c5:ee:18:15:f1:11:7d:
         79:e1:cf:a7:bc:6c:5f:d1:77:b7:07:63:23:24:6a:1e:8d:42:
         da:75:fb:5c:54:92:6d:a8:17:96:67:59:5c:f5:3f:22:8f:08:
         ef:75:e8:8a:b5:ca:f4:be:70:01:33:35:ab:a2:38:ab:a2:e9:
         8e:95:68:64:09:5d:5b:ff:88:56:f5:48:35:ab:a7:d0:18:4c:
         e8:13:9d:8f:a6:29:d4:9d:d3:3a:76:41:b6:a2:f7:62:ef:f7:
         9b:81:59:8b:7f:82:31:c4:41:da:39:07:ce:98:d2:9c:2e:d7:
         96:ac:74:f6:da:80:7d:8d:f0:6d:45:b4:89:09:88:c3:1a:92:
         43:24:c6:1c:cf:06:ba:48:81:e0:3f:17:e5:9a:41:31:f9:ac:
         05:3d:f5:18:8c:5c:94:35:3f:ee:36:17:32:95:92:79:a6:06:
         7b:53:39:37:1c:25:3f:f3:f2:b8:3d:93:83:b0:ae:25:dd:0b:
         52:68:ed:8a:bb:f4:03:cb:87:0b:b7:f3:e4:24:eb:6a:ef:c6:
         d6:f6:e2:99:85:3d:c6:cc:44:ef:fe:ad:55:ee:80:42:08:4a:
         98:0c:71:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCNUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk4QkUxMTAvBgNVBAUTKEQwRDBENkNENjg3NzBDMzg3ODNCQkVCODQxQjExMkQw
NTYwMTc0QTIwHhcNMjUxMDE4MjE0NDQ1WhcNMjUxMDI1MjE0NDQ1WjAYMRYwFAYD
VQQDEw02OGY0MGE0ZC1lZTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5RRudABSFej38xvDMknbauurLBSBCq0aQvjD/q3XHe+rT4HET/M7DR8eTYG5
z3AyDEqhNqEG3Gw/4hGqFD91RKUyA1IquqChIaRJkMTXUvvGE5+WmxcleHY0b7cF
1AUvWTy8uJvRsEt/0TtHTAiCITeuarqhvIOZ5hFpFp8QWzEaAR8w9M1uQiYcKLYt
RKvTOBeJ7+qFTIbd1Vyexd8BfTQfbDJmC5vJZ5HCGUQm4pW9bULrQypvujtVzua2
OIxLBDrx11vuax2wKL63ZU4gHfAvSqpp5QR7pGone0MBf6vCfcXXJ07IN+5KIOBw
TMhgwjjrNWqTBrE+f+twDGGEdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA5U3DpR
XMOoezBx4Sx44+Wc5wMYMB8GA1UdIwQYMBaAFNDQ1s1odww4eDu+uEGxEtBWAXSi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OThCRS8xNTBFNTdDNkNG
NDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0REaDRPNzY0UWJFUzBGWUJk
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBORFd6V2gzRERoNE83NjRRYkVTMEZZQmRLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OThCRS8xNTBFNTdDNkNGNDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0RE
aDRPNzY0UWJFUzBGWUJkS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGchhChndP6etNTG5Qidb/M2mE21OEPNR5kkwJxMXuGBXxEX154c+n
vGxf0Xe3B2MjJGoejULadftcVJJtqBeWZ1lc9T8ijwjvdeiKtcr0vnABMzWrojir
oumOlWhkCV1b/4hW9Ug1q6fQGEzoE52PpinUndM6dkG2ovdi7/ebgVmLf4IxxEHa
OQfOmNKcLteWrHT22oB9jfBtRbSJCYjDGpJDJMYczwa6SIHgPxflmkEx+awFPfUY
jFyUNT/uNhcylZJ5pgZ7Uzk3HCU/8/K4PZODsK4l3QtSaO2Ku/QDy4cLt/PkJOtq
78bW9uKZhT3GzETv/q1V7oBCCEqYDHGg
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:28:26 2025 by rpki-client