Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
File:                     XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft (raw, json)
Hash identifier:          vGDg70WA2fOxvn+i5yqMcyWXRAl9Nd1mXj0LfYjfyU0=
Subject key identifier:   8D:D4:4F:78:95:34:84:5D:0A:32:C9:F3:15:5B:1F:73:5B:77:86:51
Authority key identifier: 5C:36:84:39:CB:C5:F5:A4:57:15:D6:47:6B:EA:A6:68:6D:09:51:B1
Certificate issuer:       /CN=A91B23B3/serialNumber=5C368439CBC5F5A45715D6476BEAA6686D0951B1
Certificate serial:       09FD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
Manifest number:          09DA
Signing time:             Mon 20 Oct 2025 20:47:10 +0000
Manifest this update:     Mon 20 Oct 2025 20:47:09 +0000
Manifest next update:     Mon 27 Oct 2025 20:47:09 +0000
Files and hashes:         1: XDaEOcvF9aRXFdZHa-qmaG0JUbE.crl (hash: 92+sfy4GENm2AWqeTYa3e0ATeKBWp21EYjltv2XurhY=)
                          2: 3818D9A09A9011EFB14F1729C4F9AE02.roa (hash: XjGmTLSTgsODpSCPTs5pCmUy9NRCIk0AE9Vg9MOaVdU=)
                          3: 2109DFF2EFBB11EC95A1FD0DC4F9AE02.roa (hash: 2XvjAuC6Hirm3HWv88SHGUEeMWi9XgXjvYQVlXNxZVI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.crl
                          rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 20:47:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2557 (0x9fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B23B3, serialNumber=5C368439CBC5F5A45715D6476BEAA6686D0951B1
        Validity
            Not Before: Oct 20 20:47:09 2025 GMT
            Not After : Oct 27 20:47:09 2025 GMT
        Subject: CN=68f69fcd-b288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:29:aa:51:25:95:7a:20:9b:42:0d:e0:ad:ec:
                    f8:79:1b:50:c3:06:87:79:23:7a:db:ce:1c:27:27:
                    61:6d:f8:1e:a4:ec:81:4a:a2:21:90:fa:86:70:da:
                    2d:43:56:60:e9:a6:70:56:3a:31:4d:40:85:56:2c:
                    ed:22:9f:b7:7e:2e:06:23:df:2d:42:ca:54:b8:91:
                    7e:96:80:42:c9:5b:cb:12:78:67:83:cd:18:28:d2:
                    be:7e:29:ac:ce:15:80:d2:c7:7a:fc:7a:f5:fc:ae:
                    de:b9:a5:4e:91:ce:c8:1d:26:fb:e9:74:49:12:75:
                    1a:d5:be:6d:9d:3b:6d:fc:91:8a:5b:34:08:09:e5:
                    8f:13:ce:68:3f:bf:81:bc:f8:74:8e:4c:09:50:d8:
                    52:d7:04:45:84:b8:de:94:5e:53:24:98:bc:e9:05:
                    71:bf:26:d1:45:4f:60:f2:0b:87:53:50:97:68:1e:
                    d0:3b:cc:70:63:97:03:17:cf:d3:c6:66:13:f1:38:
                    4b:d5:b3:76:65:ad:05:5d:c8:e3:ea:99:2c:78:59:
                    41:7c:84:7b:f5:97:cc:e8:ca:30:43:f6:57:ab:26:
                    ad:36:6a:89:59:ca:7b:4e:a8:92:89:d5:73:31:6e:
                    bb:0b:01:ea:6d:fd:e3:d3:21:1d:93:54:b1:6c:d1:
                    46:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:D4:4F:78:95:34:84:5D:0A:32:C9:F3:15:5B:1F:73:5B:77:86:51
            X509v3 Authority Key Identifier:
                keyid:5C:36:84:39:CB:C5:F5:A4:57:15:D6:47:6B:EA:A6:68:6D:09:51:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:30:90:35:10:7d:53:6a:83:73:7c:e4:ff:b5:78:90:74:5c:
         ef:74:9e:44:8e:c9:f0:16:e9:87:b4:3b:2d:03:1a:ed:b3:97:
         10:d4:95:df:7c:ff:34:1a:32:51:3b:a2:53:11:f4:7c:26:6c:
         4a:67:ca:52:1f:20:1a:75:36:cb:11:4b:4f:f4:4d:24:e8:7d:
         aa:4c:30:0c:72:7c:1d:80:66:35:c3:13:8b:45:18:7b:31:05:
         00:8e:b5:23:8a:53:e9:a4:6b:08:dd:7c:b5:ab:d7:51:60:2b:
         f5:6e:d5:c0:9a:f5:df:8a:a8:66:2b:51:d7:9c:7f:a6:e3:af:
         3c:90:96:f4:99:14:d8:7d:2d:ae:0c:1f:bf:f8:d9:fa:2e:e4:
         30:cc:b8:d5:8b:54:f1:97:e5:de:a7:86:b6:9b:68:f1:99:84:
         db:a5:4b:b7:1b:fe:72:5b:7f:c6:a3:d9:24:38:c7:56:b9:fb:
         39:30:1f:74:b7:64:b4:f4:de:a7:e7:f6:db:ee:3c:05:3b:72:
         4b:2e:67:f1:f5:57:9f:79:94:38:6d:54:4e:70:cb:34:a5:bb:
         d6:6c:ab:0f:b2:f7:de:9a:4f:14:da:58:05:e4:8e:0a:62:cc:
         7a:09:63:8b:87:40:d4:5d:85:56:5d:02:52:10:f5:29:06:4c:
         16:45:b3:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjIzQjMxMTAvBgNVBAUTKDVDMzY4NDM5Q0JDNUY1QTQ1NzE1RDY0NzZCRUFBNjY4
NkQwOTUxQjEwHhcNMjUxMDIwMjA0NzA5WhcNMjUxMDI3MjA0NzA5WjAYMRYwFAYD
VQQDEw02OGY2OWZjZC1iMjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzCmqUSWVeiCbQg3grez4eRtQwwaHeSN6284cJydhbfgepOyBSqIhkPqGcNot
Q1Zg6aZwVjoxTUCFViztIp+3fi4GI98tQspUuJF+loBCyVvLEnhng80YKNK+fims
zhWA0sd6/Hr1/K7euaVOkc7IHSb76XRJEnUa1b5tnTtt/JGKWzQICeWPE85oP7+B
vPh0jkwJUNhS1wRFhLjelF5TJJi86QVxvybRRU9g8guHU1CXaB7QO8xwY5cDF8/T
xmYT8ThL1bN2Za0FXcjj6pkseFlBfIR79ZfM6MowQ/ZXqyatNmqJWcp7TqiSidVz
MW67CwHqbf3j0yEdk1SxbNFGOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI3UT3iV
NIRdCjLJ8xVbH3Nbd4ZRMB8GA1UdIwQYMBaAFFw2hDnLxfWkVxXWR2vqpmhtCVGx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjNCMy9FNjQ2NUExMDhF
OTgxMUVBQUI1OEJEM0FDNEY5QUUwMi9YRGFFT2N2RjlhUlhGZFpIYS1xbWFHMEpV
YkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hEYUVPY3ZGOWFSWEZkWkhhLXFtYUcwSlViRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MjNCMy9FNjQ2NUExMDhFOTgxMUVBQUI1OEJEM0FDNEY5QUUwMi9YRGFFT2N2Rjlh
UlhGZFpIYS1xbWFHMEpVYkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAOMJA1EH1TaoNzfOT/tXiQdFzvdJ5EjsnwFumHtDstAxrts5cQ1JXf
fP80GjJRO6JTEfR8JmxKZ8pSHyAadTbLEUtP9E0k6H2qTDAMcnwdgGY1wxOLRRh7
MQUAjrUjilPppGsI3Xy1q9dRYCv1btXAmvXfiqhmK1HXnH+m4688kJb0mRTYfS2u
DB+/+Nn6LuQwzLjVi1Txl+Xep4a2m2jxmYTbpUu3G/5yW3/Go9kkOMdWufs5MB90
t2S09N6n5/bb7jwFO3JLLmfx9VefeZQ4bVROcMs0pbvWbKsPsvfemk8U2lgF5I4K
Ysx6CWOLh0DUXYVWXQJSEPUpBkwWRbOG
-----END CERTIFICATE-----
Generated at Tue Oct 21 07:17:06 2025 by rpki-client