Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft
File:                     3aSfQfYYpV-cp8_FW66nthbZV2I.mft (raw, json)
Hash identifier:          qPQoyiJlb0H1TR4YbECmPn4xia2QVMnywcbrwKX/5b0=
Subject key identifier:   C4:00:F6:CB:4A:E5:27:25:FA:E1:A8:7A:6E:3E:92:D5:D6:63:47:61
Authority key identifier: DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62
Certificate issuer:       /CN=A91A7273/serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762
Certificate serial:       85
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft
Manifest number:          84
Signing time:             Sun 19 Oct 2025 09:57:09 +0000
Manifest this update:     Sun 19 Oct 2025 09:57:09 +0000
Manifest next update:     Sun 26 Oct 2025 09:57:09 +0000
Files and hashes:         1: 3aSfQfYYpV-cp8_FW66nthbZV2I.crl (hash: idylJ7tLWkoFGIwOZp1K45xTWZ4KFY0xCnWPBk3EKiI=)
                          2: 3958EEC642BB11F0B449BB81C4F9AE02.roa (hash: SygYrtM3v/MPPC9qe7TYDUy1/kulSQDEnXRN8vMuKwo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl
                          rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 09:57:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 133 (0x85)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7273, serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762
        Validity
            Not Before: Oct 19 09:57:09 2025 GMT
            Not After : Oct 26 09:57:09 2025 GMT
        Subject: CN=68f4b5f5-8157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:49:e3:72:4a:ed:94:58:69:03:26:a6:b0:2f:
                    63:f7:4d:9c:8e:1e:2c:f0:d2:c1:fa:f7:40:f7:87:
                    6d:61:61:26:c5:0a:2e:88:b9:62:b5:2d:b6:be:42:
                    71:4e:dc:e0:a7:10:1a:8e:d2:f1:57:6d:67:55:76:
                    dc:cc:d4:4a:7f:b8:17:50:99:86:38:46:16:91:65:
                    d0:75:86:7a:16:d0:62:75:fd:d0:d2:de:d0:b7:0f:
                    df:8a:5c:06:85:b8:b0:8a:45:09:57:e0:5a:ab:66:
                    a9:23:8e:ae:8b:b0:49:c3:2d:08:6c:35:cc:d2:07:
                    33:a8:99:f8:85:20:47:26:31:d7:a8:2e:93:6c:b3:
                    66:90:d9:18:83:01:7a:1e:6a:3c:4f:ea:a8:70:53:
                    7a:59:b5:f4:00:ec:ec:f1:55:a8:37:c3:bd:b4:20:
                    c5:9a:94:cb:c4:bc:d5:a3:78:d9:48:11:b3:ee:ea:
                    79:89:05:42:22:92:5c:fb:c2:59:fe:6d:7d:e8:f5:
                    b9:74:a7:88:cd:06:60:18:db:82:3b:65:68:cc:41:
                    54:8d:7e:59:11:27:1c:a0:1b:ba:89:3a:5e:27:c1:
                    79:e2:ed:c8:70:7f:77:f0:6a:96:dd:f2:0b:4b:fc:
                    86:65:6d:7f:17:a3:65:59:76:f0:e4:9d:01:7d:51:
                    21:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:00:F6:CB:4A:E5:27:25:FA:E1:A8:7A:6E:3E:92:D5:D6:63:47:61
            X509v3 Authority Key Identifier:
                keyid:DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:30:c7:ea:f5:43:0f:ac:68:2a:62:41:4a:09:96:ff:4f:8d:
         15:24:e7:3a:b0:36:e1:30:64:d6:13:3a:fa:c6:5c:43:c4:ba:
         a3:48:93:06:ff:f7:62:f2:43:da:24:bf:00:57:0c:21:fd:c6:
         92:a4:c9:92:54:1e:38:49:db:f7:3e:c1:3c:1d:ab:dc:aa:3c:
         9f:ca:b7:dc:bd:28:6f:39:d6:11:da:31:2f:2e:a7:d7:fc:9d:
         99:62:b8:04:0a:bd:4d:f4:d0:05:77:f4:2f:3d:19:25:50:c8:
         98:59:f3:3b:e3:b7:61:45:4f:c7:e1:96:da:b6:bf:50:6e:67:
         7f:80:85:0d:bd:30:67:32:d1:f0:6e:69:b0:bd:ce:f8:ba:ab:
         14:3d:6a:c2:b0:80:b6:c2:a1:c6:4a:d7:0c:7c:56:e0:6a:4f:
         ca:c9:fa:92:ab:c1:a8:24:8c:ef:c5:56:06:b7:25:75:65:dd:
         b6:23:99:e4:57:5f:8f:f9:e5:52:00:e4:ec:52:9a:db:71:88:
         e0:38:a1:72:9f:4e:f3:ef:ce:84:42:42:64:c2:00:c7:af:ad:
         1c:15:f4:e3:ab:d7:9f:f4:78:b7:e5:fe:92:37:91:a8:4f:c4:
         2d:f3:43:6e:1e:a4:aa:00:36:06:d7:bd:1e:12:8b:7f:ed:e2:
         c6:a4:56:07
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTcyNzMxMTAvBgNVBAUTKEREQTQ5RjQxRjYxOEE1NUY5Q0E3Q0ZDNTVCQUVBN0I2
MTZEOTU3NjIwHhcNMjUxMDE5MDk1NzA5WhcNMjUxMDI2MDk1NzA5WjAYMRYwFAYD
VQQDEw02OGY0YjVmNS04MTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5knjckrtlFhpAyamsC9j902cjh4s8NLB+vdA94dtYWEmxQouiLlitS22vkJx
TtzgpxAajtLxV21nVXbczNRKf7gXUJmGOEYWkWXQdYZ6FtBidf3Q0t7Qtw/filwG
hbiwikUJV+Baq2apI46ui7BJwy0IbDXM0gczqJn4hSBHJjHXqC6TbLNmkNkYgwF6
Hmo8T+qocFN6WbX0AOzs8VWoN8O9tCDFmpTLxLzVo3jZSBGz7up5iQVCIpJc+8JZ
/m196PW5dKeIzQZgGNuCO2VozEFUjX5ZESccoBu6iTpeJ8F54u3IcH938GqW3fIL
S/yGZW1/F6NlWXbw5J0BfVEh6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMQA9stK
5Scl+uGoem4+ktXWY0dhMB8GA1UdIwQYMBaAFN2kn0H2GKVfnKfPxVuup7YW2Vdi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzI3My9GQzUwNTAwRUU3
NzExMUVGOURGQkRENTBDNEY5QUUwMi8zYVNmUWZZWXBWLWNwOF9GVzY2bnRoYlpW
MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNhU2ZRZllZcFYtY3A4X0ZXNjZudGhiWlYySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NzI3My9GQzUwNTAwRUU3NzExMUVGOURGQkRENTBDNEY5QUUwMi8zYVNmUWZZWXBW
LWNwOF9GVzY2bnRoYlpWMkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCoMMfq9UMPrGgqYkFKCZb/T40VJOc6sDbhMGTWEzr6xlxDxLqjSJMG
//di8kPaJL8AVwwh/caSpMmSVB44Sdv3PsE8HavcqjyfyrfcvShvOdYR2jEvLqfX
/J2ZYrgECr1N9NAFd/QvPRklUMiYWfM747dhRU/H4Zbatr9Qbmd/gIUNvTBnMtHw
bmmwvc74uqsUPWrCsIC2wqHGStcMfFbgak/KyfqSq8GoJIzvxVYGtyV1Zd22I5nk
V1+P+eVSAOTsUprbcYjgOKFyn07z786EQkJkwgDHr60cFfTjq9ef9Hi35f6SN5Go
T8Qt80NuHqSqADYG170eEot/7eLGpFYH
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:01:48 2025 by rpki-client