Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft
File:                     tsh7tYco929vkKCd_WuqGtTnO8o.mft (raw, json)
Hash identifier:          MuWxjdjEigkG9Hp2zd2+pJM0WGQiqoDm8wi4RyF+AcQ=
Subject key identifier:   39:39:6F:3B:2B:C7:DD:69:E0:A8:D4:CC:71:AF:EC:C0:3E:57:C5:07
Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
Certificate issuer:       /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Certificate serial:       0CCD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft
Manifest number:          0CB2
Signing time:             Mon 20 Oct 2025 18:52:29 +0000
Manifest this update:     Mon 20 Oct 2025 18:52:29 +0000
Manifest next update:     Mon 27 Oct 2025 18:52:29 +0000
Files and hashes:         1: tsh7tYco929vkKCd_WuqGtTnO8o.crl (hash: ngSIKQvArNVClPagm6XDKNimzXL7JwWbNPdV0avjueI=)
                          2: E8F85ED4EC5811EFA9B9C618C4F9AE02.roa (hash: ykoz29uCG/11xDnxQBhHvrkmfn5Ejy8eSvfC/XRGcV0=)
                          3: 47DADED8EC5211EFBF551F6DC4F9AE02.roa (hash: Ns3EqlAuypXsdC/A5rNqIcQNoK/ntkU/96rQkctaiRc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl
                          rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 18:52:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3277 (0xccd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B25F2, serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
        Validity
            Not Before: Oct 20 18:52:29 2025 GMT
            Not After : Oct 27 18:52:29 2025 GMT
        Subject: CN=68f684ed-e681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d4:3a:fc:77:14:a6:14:2f:b4:f3:a1:b0:21:
                    80:66:32:29:2f:3a:bf:f2:24:d1:91:0d:c2:6a:0c:
                    c3:d2:c4:0d:eb:ee:be:b2:82:8e:97:a2:81:a2:c3:
                    7b:66:74:e3:d4:f6:d2:8e:80:f7:f5:35:c3:57:c8:
                    02:65:b5:bc:27:56:db:8e:a8:58:a6:04:bb:3b:25:
                    e5:b3:fc:fa:d6:45:e4:71:1f:05:f3:b5:39:6b:7c:
                    51:bd:85:94:41:c3:93:57:2f:ee:91:06:19:71:72:
                    75:a7:39:82:1d:c2:58:ca:99:5a:e9:e6:5e:88:18:
                    bd:2e:e3:a5:d7:6f:4d:71:57:bc:90:28:19:3d:68:
                    70:d4:92:d0:c8:0f:5a:3d:d2:da:55:01:d0:ca:91:
                    cb:46:a4:ad:72:fd:04:a1:33:8b:03:e0:e7:f9:a2:
                    a8:ab:4e:ff:96:57:40:0f:69:24:de:6e:74:3c:cb:
                    aa:0c:be:59:1e:bd:30:36:63:1a:ad:4f:fa:c2:1d:
                    56:53:52:c9:43:ed:b0:d2:60:c1:87:f7:dd:b2:69:
                    c2:ef:d3:b0:99:fc:7b:73:af:53:30:5e:32:3e:0d:
                    85:49:9d:6e:72:34:9f:53:ca:9a:81:85:0d:60:4a:
                    ed:fd:18:78:d2:b9:e2:1c:d0:11:db:9d:ca:14:7a:
                    08:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:39:6F:3B:2B:C7:DD:69:E0:A8:D4:CC:71:AF:EC:C0:3E:57:C5:07
            X509v3 Authority Key Identifier:
                keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:1d:ec:f5:f4:df:bb:ee:61:cc:e5:09:e4:17:4a:1f:bc:47:
         5a:5f:8b:d1:1e:eb:d0:13:b3:a5:88:97:b1:94:c3:af:36:c6:
         ac:bd:e4:f3:0c:d1:15:81:3f:69:ad:0b:e7:5c:48:75:e4:d6:
         0b:fe:7d:fa:99:c0:97:06:de:f6:1e:9e:86:c5:d6:3d:31:de:
         43:76:08:f6:f5:0e:45:56:0b:4e:5b:d1:86:bc:15:d6:ab:83:
         e5:8e:6d:42:6a:c1:4f:f0:39:a5:81:b5:d3:e5:9e:96:7e:0b:
         f8:e1:35:e0:07:a6:99:5a:df:f5:68:43:eb:48:a1:d3:ca:88:
         ed:ff:b0:73:36:5a:fb:ca:ba:5d:88:8c:16:0d:06:d4:11:7a:
         54:3a:dd:45:2b:e2:01:2e:69:c6:2f:af:09:e3:d9:bf:a3:99:
         ad:50:5c:fc:4b:39:18:9b:47:6c:59:ff:79:ac:2f:85:bc:18:
         be:26:4b:21:8b:41:c6:79:4e:cf:7d:43:e0:b7:30:a5:cf:0a:
         15:17:95:b6:2b:e1:68:77:35:07:55:51:e6:9a:65:ab:83:38:
         00:88:dc:74:e0:6d:8c:b7:e6:f5:41:f4:87:da:5e:f1:8b:e9:
         0f:a5:ca:0d:b9:aa:82:55:47:94:50:c7:b8:e1:5a:ac:a8:a9:
         41:b7:5f:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB
RDRFNzNCQ0EwHhcNMjUxMDIwMTg1MjI5WhcNMjUxMDI3MTg1MjI5WjAYMRYwFAYD
VQQDEw02OGY2ODRlZC1lNjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvNQ6/HcUphQvtPOhsCGAZjIpLzq/8iTRkQ3CagzD0sQN6+6+soKOl6KBosN7
ZnTj1PbSjoD39TXDV8gCZbW8J1bbjqhYpgS7OyXls/z61kXkcR8F87U5a3xRvYWU
QcOTVy/ukQYZcXJ1pzmCHcJYypla6eZeiBi9LuOl129NcVe8kCgZPWhw1JLQyA9a
PdLaVQHQypHLRqStcv0EoTOLA+Dn+aKoq07/lldAD2kk3m50PMuqDL5ZHr0wNmMa
rU/6wh1WU1LJQ+2w0mDBh/fdsmnC79Owmfx7c69TMF4yPg2FSZ1ucjSfU8qagYUN
YErt/Rh40rniHNAR253KFHoIOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDk5bzsr
x91p4KjUzHGv7MA+V8UHMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz
QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MjVGMi9FRjkwQ0Q0RTAzQjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzky
OXZrS0NkX1d1cUd0VG5POG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBdHez19N+77mHM5QnkF0ofvEdaX4vRHuvQE7OliJexlMOvNsasveTz
DNEVgT9prQvnXEh15NYL/n36mcCXBt72Hp6GxdY9Md5Ddgj29Q5FVgtOW9GGvBXW
q4Pljm1CasFP8DmlgbXT5Z6Wfgv44TXgB6aZWt/1aEPrSKHTyojt/7BzNlr7yrpd
iIwWDQbUEXpUOt1FK+IBLmnGL68J49m/o5mtUFz8SzkYm0dsWf95rC+FvBi+Jksh
i0HGeU7PfUPgtzClzwoVF5W2K+FodzUHVVHmmmWrgzgAiNx04G2Mt+b1QfSH2l7x
i+kPpcoNuaqCVUeUUMe44VqsqKlBt189
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:26:01 2025 by rpki-client