Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
File:                     XdRoWi6WsUFvfNM1zetK0YIvfes.mft (raw, json)
Hash identifier:          pgdQQdOgMp+u2Nomgx7gruf60FRFJcO7W0Vn2QAFDxM=
Subject key identifier:   F4:83:C1:10:5B:E6:8A:20:13:41:F3:A8:48:06:78:19:70:BF:FA:1C
Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB
Certificate issuer:       /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB
Certificate serial:       01D2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
Manifest number:          01CA
Signing time:             Sun 19 Oct 2025 05:26:02 +0000
Manifest this update:     Sun 19 Oct 2025 05:26:01 +0000
Manifest next update:     Sun 26 Oct 2025 05:26:01 +0000
Files and hashes:         1: XdRoWi6WsUFvfNM1zetK0YIvfes.crl (hash: 8AHJIXQGYb3/hauDcsEdDKZCxRUCPj6ToEvOAkMRHTM=)
                          2: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (hash: bZ3DvcSU67WmMaGW0gpbOJ7oihqEunDO2oztcjKXnww=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl
                          rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 05:26:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 466 (0x1d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AF01C, serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB
        Validity
            Not Before: Oct 19 05:26:01 2025 GMT
            Not After : Oct 26 05:26:01 2025 GMT
        Subject: CN=68f4766a-8800
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:36:d9:69:b7:50:a5:42:3c:c0:7a:46:be:ca:
                    e6:9e:c9:ab:de:09:75:12:59:f3:23:bc:c6:01:91:
                    19:2d:0f:5b:92:27:d2:bb:a5:a8:99:05:79:f1:18:
                    db:c5:4a:d8:64:4d:7d:f3:1e:e7:d2:ba:5e:0c:9e:
                    d8:77:1a:4a:5a:4f:83:86:9b:37:4e:49:44:b7:1d:
                    4d:89:24:27:82:24:45:76:9a:67:f2:1a:db:51:fa:
                    1c:d6:ca:83:84:90:c6:8d:f9:bc:f4:19:07:d6:ad:
                    a1:75:8a:a2:4e:43:c9:af:eb:50:6b:e4:c2:df:37:
                    9f:fa:20:14:71:19:1e:85:53:d8:28:ea:99:c7:e5:
                    54:87:50:54:91:15:1c:04:02:1d:2d:de:c2:a3:c2:
                    82:fc:5e:12:17:f0:2e:c0:76:29:c7:ae:2c:25:3c:
                    d2:c0:a1:99:33:c6:79:6f:f7:ab:bc:d7:0e:e3:8e:
                    6e:7a:3f:4e:bd:bc:20:44:9a:94:1a:e2:77:f6:0c:
                    b3:b3:25:7d:1e:10:17:9e:e0:11:dd:07:09:e6:d0:
                    7c:fa:0e:94:b6:41:2f:1d:87:56:07:f3:48:4a:90:
                    32:4b:2f:ea:6f:c3:f6:d6:b6:4e:df:b6:76:ca:92:
                    16:a5:a1:99:23:98:b1:99:dc:2b:9a:38:06:51:3e:
                    70:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:83:C1:10:5B:E6:8A:20:13:41:F3:A8:48:06:78:19:70:BF:FA:1C
            X509v3 Authority Key Identifier:
                keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:39:bd:1d:d6:43:6f:b3:78:fc:14:36:34:74:38:ed:8e:9d:
         9a:7f:00:5b:e0:71:ed:37:6a:0b:5d:7b:1d:50:71:de:49:48:
         3b:7d:27:05:06:0d:eb:75:f1:db:06:cf:52:4f:77:44:e8:f5:
         17:8b:8f:29:1f:74:9b:00:25:89:af:4d:48:1e:50:fc:90:a0:
         50:c5:ab:1c:28:69:e4:80:2e:6b:cc:f4:41:5e:2b:63:9f:e4:
         0b:ec:20:84:9b:24:51:1a:01:7f:6b:ee:17:dd:d7:4e:c8:14:
         c1:77:1e:10:dc:83:67:fc:ea:fa:d6:fe:03:73:91:c7:61:4e:
         61:7d:26:d6:b4:49:8d:9f:c9:9b:ca:a5:9b:ab:7e:a0:05:9d:
         8c:c9:7e:18:46:46:08:06:0d:40:01:fc:d7:9d:20:3d:9a:fc:
         c7:db:0e:2c:40:71:75:6a:0c:32:81:10:13:f8:36:a1:34:04:
         c6:ed:fc:fd:d9:b2:fd:38:f7:b9:9a:c2:6f:ed:54:44:81:bb:
         5e:6f:3e:13:6b:bf:34:0b:48:df:4b:9f:a2:79:ef:29:45:0a:
         22:b2:7c:80:7a:39:b9:8c:ca:33:94:99:62:ec:f6:2c:04:bb:
         3e:67:16:9f:a2:7c:3e:16:e6:f8:6d:ea:ab:23:eb:bb:97:33:
         4f:38:34:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx
ODIyRjdERUIwHhcNMjUxMDE5MDUyNjAxWhcNMjUxMDI2MDUyNjAxWjAYMRYwFAYD
VQQDEw02OGY0NzY2YS04ODAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmzbZabdQpUI8wHpGvsrmnsmr3gl1ElnzI7zGAZEZLQ9bkifSu6WomQV58Rjb
xUrYZE198x7n0rpeDJ7YdxpKWk+Dhps3TklEtx1NiSQngiRFdppn8hrbUfoc1sqD
hJDGjfm89BkH1q2hdYqiTkPJr+tQa+TC3zef+iAUcRkehVPYKOqZx+VUh1BUkRUc
BAIdLd7Co8KC/F4SF/AuwHYpx64sJTzSwKGZM8Z5b/ervNcO445uej9OvbwgRJqU
GuJ39gyzsyV9HhAXnuAR3QcJ5tB8+g6UtkEvHYdWB/NISpAySy/qb8P21rZO37Z2
ypIWpaGZI5ixmdwrmjgGUT5wiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPSDwRBb
5oogE0HzqEgGeBlwv/ocMB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB
Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjAxQy9FNUQ5RTczNEZBQ0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NV
RnZmTk0xemV0SzBZSXZmZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBTOb0d1kNvs3j8FDY0dDjtjp2afwBb4HHtN2oLXXsdUHHeSUg7fScF
Bg3rdfHbBs9ST3dE6PUXi48pH3SbACWJr01IHlD8kKBQxascKGnkgC5rzPRBXitj
n+QL7CCEmyRRGgF/a+4X3ddOyBTBdx4Q3INn/Or61v4Dc5HHYU5hfSbWtEmNn8mb
yqWbq36gBZ2MyX4YRkYIBg1AAfzXnSA9mvzH2w4sQHF1agwygRAT+DahNATG7fz9
2bL9OPe5msJv7VREgbtebz4Ta780C0jfS5+iee8pRQoisnyAejm5jMozlJli7PYs
BLs+Zxafonw+Fub4beqrI+u7lzNPODQB
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:16:32 2025 by rpki-client