Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft
File:                     XAo1I_02RadjWvJRmtzQAuEy-84.mft (raw, json)
Hash identifier:          HPJmU9DYHxtpWgPEmvt6oC9ghldd3puG39/d3HyLilo=
Subject key identifier:   47:62:56:66:7E:96:0A:20:BD:B0:56:7B:66:3D:2C:89:69:33:F0:EB
Authority key identifier: 5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE
Certificate issuer:       /CN=A91B0F90/serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE
Certificate serial:       93
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft
Manifest number:          89
Signing time:             Sun 19 Oct 2025 10:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:49 +0000
Manifest next update:     Sun 26 Oct 2025 10:01:49 +0000
Files and hashes:         1: XAo1I_02RadjWvJRmtzQAuEy-84.crl (hash: y0KqdUrL++1A2+LV52hPBCdRLvcNv5ZvjgwrSdecv9o=)
                          2: 304DD002EFAB11EF97C9610FC4F9AE02.roa (hash: nY9SnH3XV0jBQtfc+UOqx27pO7JEzdlFPgYbBdgEcrs=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl
                          rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 10:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147 (0x93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B0F90, serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE
        Validity
            Not Before: Oct 19 10:01:49 2025 GMT
            Not After : Oct 26 10:01:49 2025 GMT
        Subject: CN=68f4b70d-a5e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:44:7a:e8:e4:83:70:00:69:89:f0:d0:e0:c9:
                    4e:5d:5b:05:26:79:8e:22:a7:4d:64:37:39:b9:16:
                    4d:89:b1:06:8f:71:f5:dd:2e:7f:ff:da:cc:25:03:
                    46:f7:38:92:7a:e1:0e:b6:af:5b:09:a3:2b:30:34:
                    06:cf:2a:78:cd:cd:74:da:30:be:7f:f8:a4:06:14:
                    91:68:d7:fc:e4:fa:21:4a:32:0b:92:31:21:af:27:
                    66:6b:47:25:a1:67:a0:01:5f:df:73:11:b7:9c:43:
                    d0:b6:c8:bd:8c:ac:29:96:35:41:97:f6:29:66:15:
                    61:78:13:0c:3e:90:18:9b:49:da:87:83:4b:e8:cd:
                    a7:01:83:f9:82:4f:be:ab:4b:93:8e:39:51:7d:59:
                    d6:98:f5:58:4d:da:11:c8:d8:c3:74:80:39:46:e8:
                    3e:51:09:2e:d2:b4:f8:e3:2e:ec:e7:5d:8e:39:8d:
                    f0:da:33:90:80:9c:ef:38:32:93:c4:68:48:3b:d0:
                    09:cc:75:43:57:30:53:3b:57:85:01:be:a1:40:55:
                    6a:c3:c3:05:cb:a4:5e:9d:e0:b3:1b:95:30:31:79:
                    c9:ff:93:e2:27:ae:2a:19:3d:a5:e5:60:aa:3b:a5:
                    ab:53:1f:f6:7b:3b:57:c6:25:bc:83:51:4e:53:6c:
                    b2:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:62:56:66:7E:96:0A:20:BD:B0:56:7B:66:3D:2C:89:69:33:F0:EB
            X509v3 Authority Key Identifier:
                keyid:5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:d7:40:4f:19:75:77:41:b5:94:fe:7a:9f:98:21:86:a9:09:
         e6:de:fd:e1:20:c3:6d:94:54:9a:f5:6c:e4:b1:ac:ef:56:56:
         55:7d:1e:47:3c:4e:41:d6:9b:a1:cd:ac:65:56:d4:be:e2:0a:
         13:dd:66:f4:6c:1e:6b:4f:f2:3e:df:c1:81:6c:fc:3d:fe:6b:
         39:96:3b:27:96:06:5a:52:93:a1:83:f4:c2:0d:20:e0:4d:39:
         e4:ee:27:4e:4b:d5:55:1f:bc:e6:b7:0f:27:3e:d6:1a:ec:95:
         aa:43:d9:f5:33:cf:6d:e4:c6:a5:93:65:20:6c:94:1f:45:19:
         91:27:ac:b8:8c:35:69:59:1a:92:4b:bb:a2:6c:43:80:c0:18:
         0b:cd:30:7c:0b:98:8a:72:f3:b1:e2:5b:a4:0d:98:1b:ef:98:
         b2:7f:98:d4:aa:73:3e:b1:5c:fa:18:76:50:51:b0:54:ad:72:
         61:9f:b4:22:6a:96:95:a7:92:98:9d:3c:21:13:25:a3:1a:c5:
         2b:09:95:fa:e8:4c:b5:f6:b0:a9:e4:cd:0a:d0:1c:4e:f5:55:
         4f:53:1c:43:7a:90:73:a6:dd:df:99:54:31:69:14:d2:68:0f:
         96:b1:c6:65:d2:36:14:d7:fd:3e:94:3b:38:bc:bb:30:5f:54:
         cb:3e:1b:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBGOTAxMTAvBgNVBAUTKDVDMEEzNTIzRkQzNjQ1QTc2MzVBRjI1MTlBRENEMDAy
RTEzMkZCQ0UwHhcNMjUxMDE5MTAwMTQ5WhcNMjUxMDI2MTAwMTQ5WjAYMRYwFAYD
VQQDEw02OGY0YjcwZC1hNWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7kR66OSDcABpifDQ4MlOXVsFJnmOIqdNZDc5uRZNibEGj3H13S5//9rMJQNG
9ziSeuEOtq9bCaMrMDQGzyp4zc102jC+f/ikBhSRaNf85PohSjILkjEhrydma0cl
oWegAV/fcxG3nEPQtsi9jKwpljVBl/YpZhVheBMMPpAYm0nah4NL6M2nAYP5gk++
q0uTjjlRfVnWmPVYTdoRyNjDdIA5Rug+UQku0rT44y7s512OOY3w2jOQgJzvODKT
xGhIO9AJzHVDVzBTO1eFAb6hQFVqw8MFy6ReneCzG5UwMXnJ/5PiJ64qGT2l5WCq
O6WrUx/2eztXxiW8g1FOU2yyTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEdiVmZ+
lgogvbBWe2Y9LIlpM/DrMB8GA1UdIwQYMBaAFFwKNSP9NkWnY1ryUZrc0ALhMvvO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEY5MC8wNDc3OUI5Q0VE
ODExMUVGQTAwMzY2MTZDNEY5QUUwMi9YQW8xSV8wMlJhZGpXdkpSbXR6UUF1RXkt
ODQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBbzFJXzAyUmFkald2SlJtdHpRQXVFeS04NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MEY5MC8wNDc3OUI5Q0VEODExMUVGQTAwMzY2MTZDNEY5QUUwMi9YQW8xSV8wMlJh
ZGpXdkpSbXR6UUF1RXktODQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCf10BPGXV3QbWU/nqfmCGGqQnm3v3hIMNtlFSa9WzksazvVlZVfR5H
PE5B1puhzaxlVtS+4goT3Wb0bB5rT/I+38GBbPw9/ms5ljsnlgZaUpOhg/TCDSDg
TTnk7idOS9VVH7zmtw8nPtYa7JWqQ9n1M89t5Malk2UgbJQfRRmRJ6y4jDVpWRqS
S7uibEOAwBgLzTB8C5iKcvOx4lukDZgb75iyf5jUqnM+sVz6GHZQUbBUrXJhn7Qi
apaVp5KYnTwhEyWjGsUrCZX66Ey19rCp5M0K0BxO9VVPUxxDepBzpt3fmVQxaRTS
aA+WscZl0jYU1/0+lDs4vLswX1TLPhsM
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:46:49 2025 by rpki-client