Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.mft
File:                     NpQoPSE6XlZ5WORs29gStcxynXE.mft (raw, json)
Hash identifier:          qsmQFcqLnw68F1ehRsOZ3H96Rg9xoI5/moN9swel3EU=
Subject key identifier:   87:85:AF:25:C5:D1:96:B9:9F:B2:0C:D5:BA:C4:C4:16:78:F6:CE:BE
Authority key identifier: 36:94:28:3D:21:3A:5E:56:79:58:E4:6C:DB:D8:12:B5:CC:72:9D:71
Certificate issuer:       /CN=A91A2F88/serialNumber=3694283D213A5E567958E46CDBD812B5CC729D71
Certificate serial:       033C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NpQoPSE6XlZ5WORs29gStcxynXE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.mft
Manifest number:          0337
Signing time:             Sun 19 Oct 2025 03:08:08 +0000
Manifest this update:     Sun 19 Oct 2025 03:08:06 +0000
Manifest next update:     Sun 26 Oct 2025 03:08:06 +0000
Files and hashes:         1: NpQoPSE6XlZ5WORs29gStcxynXE.crl (hash: Wa74wWKUksnRBEfLRO/onyLGWY/b8Sv6SHgQ8gcVAYE=)
                          2: 54467164E0A711EC8F4D5B5FC4F9AE02.roa (hash: HwkSTw7raizrXpljDXnHXfZQCr+VPlFOvS2ci48bY0A=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.crl
                          rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NpQoPSE6XlZ5WORs29gStcxynXE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 03:08:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 828 (0x33c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A2F88, serialNumber=3694283D213A5E567958E46CDBD812B5CC729D71
        Validity
            Not Before: Oct 19 03:08:06 2025 GMT
            Not After : Oct 26 03:08:06 2025 GMT
        Subject: CN=68f45618-3a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:d5:f5:1d:de:7d:97:22:9d:fc:a6:6a:80:be:
                    ed:59:3e:90:f5:b5:4b:c2:43:ff:d7:e3:76:f6:78:
                    de:12:3a:58:24:a3:19:6d:ef:17:c4:28:94:00:8b:
                    b5:37:18:d8:1c:fd:21:a3:1a:88:45:60:ca:24:0e:
                    80:91:a7:e2:6e:c7:b8:b1:d1:92:0a:1e:77:a4:a4:
                    97:ca:8c:a7:23:c4:7e:16:df:df:e0:e6:06:1a:68:
                    be:94:b8:ba:a0:e3:77:98:0f:04:80:ec:2c:60:a5:
                    85:13:a6:36:dc:d1:ca:1c:cc:ea:e0:c0:16:ce:52:
                    f4:d4:25:d6:f5:f7:64:8e:41:c4:aa:44:f9:24:2b:
                    29:af:f0:1c:df:e3:8a:f0:f9:b6:9d:b7:26:4d:f9:
                    47:53:8c:f0:01:cd:73:d3:96:53:3e:26:9e:fb:21:
                    c5:47:78:fd:d1:52:a4:54:3b:76:e8:04:c7:d9:aa:
                    37:2c:e1:e9:fc:e3:b8:e9:f3:68:20:ba:f9:ff:81:
                    3b:d4:b8:98:35:d8:fc:be:93:a3:dd:12:30:8a:18:
                    8d:5d:56:5a:f2:2f:1f:79:a4:77:56:8f:6c:2a:d6:
                    b5:a8:4e:83:0e:24:1e:e4:18:0b:26:80:ba:31:2e:
                    18:17:6f:d6:0a:45:0d:f3:96:5c:e2:2b:c6:9c:eb:
                    03:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:85:AF:25:C5:D1:96:B9:9F:B2:0C:D5:BA:C4:C4:16:78:F6:CE:BE
            X509v3 Authority Key Identifier:
                keyid:36:94:28:3D:21:3A:5E:56:79:58:E4:6C:DB:D8:12:B5:CC:72:9D:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NpQoPSE6XlZ5WORs29gStcxynXE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2F88/4C7DA3C0E0A311EC8F9C0E58C4F9AE02/NpQoPSE6XlZ5WORs29gStcxynXE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:a4:8d:d4:e6:25:83:18:6b:e5:b5:cb:4a:ff:e6:57:0b:1a:
         b3:2a:48:16:4a:46:88:45:f6:0d:ce:02:8c:e9:f5:28:d1:56:
         9e:f1:2e:03:c3:72:c3:b4:19:6a:88:c7:c8:f4:a8:b3:8e:2f:
         5f:01:59:3b:da:59:c4:94:20:07:83:4a:22:3a:e2:1f:2f:34:
         7b:e2:73:d4:d2:1d:e5:73:22:21:89:54:9e:d9:97:a2:8e:d5:
         ad:2f:5d:0b:d8:c1:c4:97:84:5c:af:80:70:32:85:ab:f9:56:
         ca:84:32:db:f7:b2:2e:89:76:f3:65:ad:dd:64:a2:5b:e5:10:
         e4:37:da:7d:9d:4d:28:61:a6:c1:2b:82:17:cb:7a:b7:67:f7:
         ee:6b:16:88:97:1a:f8:c0:83:0b:72:40:6e:b4:54:fc:16:ba:
         21:9a:02:11:33:28:d8:0d:76:c2:77:51:4c:33:ea:29:31:79:
         0e:20:24:d3:03:f0:a9:5f:1b:b2:cb:e1:df:86:fe:5b:f5:e9:
         5d:b5:24:43:e7:3f:38:a4:88:1e:47:3e:96:01:69:eb:f7:73:
         5e:41:ec:30:9e:66:1e:fa:3b:88:dc:5c:fc:12:16:36:5b:77:
         fc:47:94:f5:e9:17:bb:7b:59:14:95:cb:41:b3:b5:9d:3f:a9:
         2b:02:91:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAzwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTJGODgxMTAvBgNVBAUTKDM2OTQyODNEMjEzQTVFNTY3OTU4RTQ2Q0RCRDgxMkI1
Q0M3MjlENzEwHhcNMjUxMDE5MDMwODA2WhcNMjUxMDI2MDMwODA2WjAYMRYwFAYD
VQQDEw02OGY0NTYxOC0zYTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA69X1Hd59lyKd/KZqgL7tWT6Q9bVLwkP/1+N29njeEjpYJKMZbe8XxCiUAIu1
NxjYHP0hoxqIRWDKJA6Akafibse4sdGSCh53pKSXyoynI8R+Ft/f4OYGGmi+lLi6
oON3mA8EgOwsYKWFE6Y23NHKHMzq4MAWzlL01CXW9fdkjkHEqkT5JCspr/Ac3+OK
8Pm2nbcmTflHU4zwAc1z05ZTPiae+yHFR3j90VKkVDt26ATH2ao3LOHp/OO46fNo
ILr5/4E71LiYNdj8vpOj3RIwihiNXVZa8i8feaR3Vo9sKta1qE6DDiQe5BgLJoC6
MS4YF2/WCkUN85Zc4ivGnOsDDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIeFryXF
0Za5n7IM1brExBZ49s6+MB8GA1UdIwQYMBaAFDaUKD0hOl5WeVjkbNvYErXMcp1x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMkY4OC80QzdEQTNDMEUw
QTMxMUVDOEY5QzBFNThDNEY5QUUwMi9OcFFvUFNFNlhsWjVXT1JzMjlnU3RjeHlu
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05wUW9QU0U2WGxaNVdPUnMyOWdTdGN4eW5YRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MkY4OC80QzdEQTNDMEUwQTMxMUVDOEY5QzBFNThDNEY5QUUwMi9OcFFvUFNFNlhs
WjVXT1JzMjlnU3RjeHluWEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBnpI3U5iWDGGvltctK/+ZXCxqzKkgWSkaIRfYNzgKM6fUo0Vae8S4D
w3LDtBlqiMfI9Kizji9fAVk72lnElCAHg0oiOuIfLzR74nPU0h3lcyIhiVSe2Zei
jtWtL10L2MHEl4Rcr4BwMoWr+VbKhDLb97IuiXbzZa3dZKJb5RDkN9p9nU0oYabB
K4IXy3q3Z/fuaxaIlxr4wIMLckButFT8FrohmgIRMyjYDXbCd1FMM+opMXkOICTT
A/CpXxuyy+Hfhv5b9eldtSRD5z84pIgeRz6WAWnr93NeQewwnmYe+juI3Fz8EhY2
W3f8R5T16Re7e1kUlctBs7WdP6krApGH
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:15:01 2025 by rpki-client