Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
File:                     XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft (raw, json)
Hash identifier:          lC6dGT5/mOI37lMFfPKWk/Chm3OMDhN48kTpR2fES2I=
Subject key identifier:   9A:FC:20:1F:42:FD:8B:72:0C:DE:E0:31:73:BD:2C:C7:FB:82:D0:CB
Authority key identifier: 5C:36:84:39:CB:C5:F5:A4:57:15:D6:47:6B:EA:A6:68:6D:09:51:B1
Certificate issuer:       /CN=A91B23B3/serialNumber=5C368439CBC5F5A45715D6476BEAA6686D0951B1
Certificate serial:       09FC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
Manifest number:          09D9
Signing time:             Sat 18 Oct 2025 21:00:11 +0000
Manifest this update:     Sat 18 Oct 2025 21:00:10 +0000
Manifest next update:     Sat 25 Oct 2025 21:00:10 +0000
Files and hashes:         1: XDaEOcvF9aRXFdZHa-qmaG0JUbE.crl (hash: qsxFcBSwT2DLl6dblvzdZNSuEFb/Zwpk+HWITj6Os/M=)
                          2: 3818D9A09A9011EFB14F1729C4F9AE02.roa (hash: XjGmTLSTgsODpSCPTs5pCmUy9NRCIk0AE9Vg9MOaVdU=)
                          3: 2109DFF2EFBB11EC95A1FD0DC4F9AE02.roa (hash: 2XvjAuC6Hirm3HWv88SHGUEeMWi9XgXjvYQVlXNxZVI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.crl
                          rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 21:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2556 (0x9fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B23B3, serialNumber=5C368439CBC5F5A45715D6476BEAA6686D0951B1
        Validity
            Not Before: Oct 18 21:00:10 2025 GMT
            Not After : Oct 25 21:00:10 2025 GMT
        Subject: CN=68f3ffda-1f2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:18:54:2d:3b:32:a0:46:7e:0e:1c:41:de:07:
                    2e:11:55:4c:6a:15:59:79:e4:ea:9a:92:3f:01:1c:
                    83:23:92:f5:81:51:3f:3b:de:65:12:63:dd:c4:57:
                    2a:e9:38:82:13:51:eb:a0:84:9e:1f:eb:9f:ee:01:
                    25:9f:63:27:51:08:76:90:e9:3a:ae:02:0b:4c:ba:
                    19:65:9a:06:60:f4:7f:5e:0f:a1:3e:c9:82:9e:75:
                    0e:c8:52:90:d6:e6:53:b1:bd:93:0a:b8:a4:66:d9:
                    68:3e:6b:fb:06:d5:3f:83:7a:31:a6:42:b8:cb:e1:
                    e8:68:ce:4b:90:84:8b:5f:ed:ca:b8:c5:df:0b:29:
                    98:c3:cc:32:17:91:c4:9e:33:23:0a:44:04:f7:3d:
                    63:d7:c4:d3:fb:e3:43:b4:9a:d2:a5:e9:f1:03:d9:
                    42:ec:3f:5a:a2:75:98:c5:f6:d0:ba:25:3a:db:bc:
                    62:b5:a3:3d:90:4a:53:0b:55:12:ec:f3:dc:5a:46:
                    c8:2b:20:8b:b2:c4:4d:97:01:46:35:d7:21:6c:29:
                    e8:29:2a:38:f7:37:14:84:5b:48:d2:b5:5f:5c:4f:
                    4e:12:19:6f:9e:f0:65:d4:de:c5:29:99:9e:80:fe:
                    7c:68:dd:04:05:9e:89:51:19:b8:dd:c0:6c:b9:1a:
                    4e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:FC:20:1F:42:FD:8B:72:0C:DE:E0:31:73:BD:2C:C7:FB:82:D0:CB
            X509v3 Authority Key Identifier:
                keyid:5C:36:84:39:CB:C5:F5:A4:57:15:D6:47:6B:EA:A6:68:6D:09:51:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:30:80:61:04:31:3b:5f:f4:f7:5c:1e:aa:f6:66:e0:1c:a7:
         08:7f:d0:9d:69:9f:fc:cb:7a:25:e3:a3:d0:6b:44:d1:8d:e7:
         4d:9e:6f:c2:05:a5:83:b1:f6:44:0b:b1:72:bb:b8:55:81:9f:
         f6:7e:d1:1d:7f:00:a8:21:4a:d3:90:74:39:3f:8a:cf:57:f2:
         13:7d:63:07:18:56:5c:36:9f:51:73:c9:45:48:50:a6:db:b0:
         33:8b:d9:25:c8:a8:04:57:5d:0f:14:de:b7:ba:4d:c5:3d:5b:
         7f:eb:4c:fd:34:e8:f5:24:f8:50:ee:38:ce:c2:d4:02:21:bf:
         04:eb:83:60:67:9a:8d:1e:30:ca:19:35:f8:86:48:12:e6:4f:
         86:15:3c:88:6a:8c:9d:f5:8c:c2:2a:79:25:14:91:e4:5c:27:
         99:8f:57:f6:d3:63:77:07:2e:b0:ef:84:39:87:e9:2c:54:aa:
         6b:c4:e2:5f:c1:aa:20:56:13:4b:df:6a:59:c5:56:51:df:87:
         5f:18:ee:d7:73:a2:0d:35:01:bd:32:bb:cc:ab:9b:12:38:32:
         4d:f8:96:8e:b8:e3:35:62:28:5a:17:9b:ff:64:f2:4a:32:dd:
         63:c5:6a:f1:90:90:98:3a:2e:80:21:13:0d:35:f4:7c:73:3c:
         57:51:fb:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjIzQjMxMTAvBgNVBAUTKDVDMzY4NDM5Q0JDNUY1QTQ1NzE1RDY0NzZCRUFBNjY4
NkQwOTUxQjEwHhcNMjUxMDE4MjEwMDEwWhcNMjUxMDI1MjEwMDEwWjAYMRYwFAYD
VQQDEw02OGYzZmZkYS0xZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6RhULTsyoEZ+DhxB3gcuEVVMahVZeeTqmpI/ARyDI5L1gVE/O95lEmPdxFcq
6TiCE1HroISeH+uf7gEln2MnUQh2kOk6rgILTLoZZZoGYPR/Xg+hPsmCnnUOyFKQ
1uZTsb2TCrikZtloPmv7BtU/g3oxpkK4y+HoaM5LkISLX+3KuMXfCymYw8wyF5HE
njMjCkQE9z1j18TT++NDtJrSpenxA9lC7D9aonWYxfbQuiU627xitaM9kEpTC1US
7PPcWkbIKyCLssRNlwFGNdchbCnoKSo49zcUhFtI0rVfXE9OEhlvnvBl1N7FKZme
gP58aN0EBZ6JURm43cBsuRpO1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJr8IB9C
/YtyDN7gMXO9LMf7gtDLMB8GA1UdIwQYMBaAFFw2hDnLxfWkVxXWR2vqpmhtCVGx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjNCMy9FNjQ2NUExMDhF
OTgxMUVBQUI1OEJEM0FDNEY5QUUwMi9YRGFFT2N2RjlhUlhGZFpIYS1xbWFHMEpV
YkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hEYUVPY3ZGOWFSWEZkWkhhLXFtYUcwSlViRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MjNCMy9FNjQ2NUExMDhFOTgxMUVBQUI1OEJEM0FDNEY5QUUwMi9YRGFFT2N2Rjlh
UlhGZFpIYS1xbWFHMEpVYkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCEMIBhBDE7X/T3XB6q9mbgHKcIf9CdaZ/8y3ol46PQa0TRjedNnm/C
BaWDsfZEC7Fyu7hVgZ/2ftEdfwCoIUrTkHQ5P4rPV/ITfWMHGFZcNp9Rc8lFSFCm
27Azi9klyKgEV10PFN63uk3FPVt/60z9NOj1JPhQ7jjOwtQCIb8E64NgZ5qNHjDK
GTX4hkgS5k+GFTyIaoyd9YzCKnklFJHkXCeZj1f202N3By6w74Q5h+ksVKprxOJf
waogVhNL32pZxVZR34dfGO7Xc6INNQG9MrvMq5sSODJN+JaOuOM1YihaF5v/ZPJK
Mt1jxWrxkJCYOi6AIRMNNfR8czxXUfsz
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:49:30 2025 by rpki-client