Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
File:                     tY0p97gQfxWFtf_nDFAsbI9dMwI.mft (raw, json)
Hash identifier:          6mda1dBvZFiKcEZ4uWcmCdTit6/BVYHtVelo+r3oqRo=
Subject key identifier:   3A:E6:1F:02:B9:72:4D:A4:BA:65:EA:B7:F8:DE:F7:55:3F:99:D1:85
Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02
Certificate issuer:       /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
Certificate serial:       08A6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
Manifest number:          088C
Signing time:             Sat 18 Oct 2025 21:44:37 +0000
Manifest this update:     Sat 18 Oct 2025 21:44:37 +0000
Manifest next update:     Sat 25 Oct 2025 21:44:37 +0000
Files and hashes:         1: tY0p97gQfxWFtf_nDFAsbI9dMwI.crl (hash: h15lepkaxMY0OUMqDn4DLohLi74SOuRD0XTcI+1spFo=)
                          2: C33EB0EC7C4211EB933D233EC4F9AE02.roa (hash: V3s4r52s3OPKDLcYcdmKSn/0GHVPcogcj1iQaYzRFaU=)
                          3: F6F5BCCE53E711F084348F87C4F9AE02.roa (hash: eEq3ZG4qI8pUpOyGlAwoIW1Iq8bp1Jor6FtXouhYCXM=)
                          4: 3C3F21BAD6F011EE9B38B67DC4F9AE02.roa (hash: w/43LlQIYPABEvYlfxDIIPmu3emguiTlymMjfBLzQJU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl
                          rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 21:44:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2214 (0x8a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
        Validity
            Not Before: Oct 18 21:44:37 2025 GMT
            Not After : Oct 25 21:44:37 2025 GMT
        Subject: CN=68f40a45-ee8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:4d:24:87:af:ba:63:8c:5d:ff:d9:03:bf:db:
                    94:9b:e8:5d:08:21:7c:2f:2d:a7:bb:fc:3f:e2:43:
                    93:fd:2b:06:e1:33:c9:da:d6:53:32:18:c3:8f:e3:
                    f5:54:a8:ad:f1:f5:9a:81:d1:18:31:a9:f2:6d:3f:
                    9c:df:be:fa:78:b7:97:f9:08:fd:aa:e1:a6:44:91:
                    91:6c:84:c5:0b:6d:e8:47:86:38:1a:db:6b:c7:b3:
                    0e:ce:08:47:7e:7b:33:a9:39:e8:87:89:0d:45:ae:
                    13:9b:2a:f1:4a:26:21:28:11:63:4f:3a:27:4b:22:
                    e4:d5:24:8b:9a:2a:68:95:ef:fb:c4:13:a8:37:ca:
                    79:0e:b4:ef:c3:25:14:dc:db:c4:b9:7f:e6:e3:bf:
                    6a:b9:c5:14:b1:f3:54:14:12:47:ab:11:7a:b0:b4:
                    cc:c6:55:a0:4b:d4:f6:c6:7e:aa:1f:5e:63:82:39:
                    e6:17:e8:4d:c6:c0:3a:fa:3f:95:75:24:f0:bc:40:
                    09:b9:ae:d8:96:9d:49:f4:b5:e6:61:26:2a:c2:a9:
                    0a:7e:5b:46:6e:89:35:a3:b4:35:70:fc:b6:56:2c:
                    aa:96:10:5c:b8:68:17:3b:89:7e:cc:79:40:f5:8b:
                    f1:a5:cb:79:90:e8:13:42:4c:52:dd:c2:38:df:a7:
                    be:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:E6:1F:02:B9:72:4D:A4:BA:65:EA:B7:F8:DE:F7:55:3F:99:D1:85
            X509v3 Authority Key Identifier:
                keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:a1:67:ad:bb:66:7c:b3:43:a2:73:28:28:c9:23:3a:6e:c1:
         d7:88:fb:76:89:54:fe:40:b4:80:6e:8d:f6:f9:d3:f7:b5:6c:
         12:ce:50:d1:9a:36:d4:30:3c:4b:d7:1f:d8:af:6c:ca:0b:a1:
         8c:47:dc:62:52:e5:dd:9d:8b:fc:bb:d3:e4:60:fb:89:ff:2f:
         8f:05:0a:3e:c2:33:a1:07:2b:a1:c5:3a:0c:54:25:96:17:3a:
         27:a0:38:5f:10:b5:61:e2:6c:2c:30:ed:8a:94:f3:f3:da:52:
         43:35:26:76:ab:16:8c:97:aa:29:1f:64:6f:42:f5:bc:9e:82:
         de:e4:db:f5:a6:ca:66:0a:e9:fe:0e:28:b3:e5:3c:81:d2:d0:
         d6:a7:5a:3f:f8:77:ba:09:60:2e:03:2b:c5:54:7d:f5:18:e9:
         b4:48:b3:b1:58:a1:22:af:1f:a3:13:e6:ae:2a:ba:65:b8:f6:
         1f:cf:40:30:df:e1:ed:6a:d4:f9:cc:04:8c:7a:e2:2a:52:f5:
         03:69:72:fc:dd:d0:4f:de:ce:9a:4f:e6:9e:83:3b:f2:33:94:
         bb:e2:f0:2e:bb:4d:a9:34:40:76:0f:db:75:56:86:78:41:30:
         53:80:1d:75:66:a5:03:4b:63:36:33:1f:14:07:20:15:8b:eb:
         19:ee:51:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD
OEY1RDMzMDIwHhcNMjUxMDE4MjE0NDM3WhcNMjUxMDI1MjE0NDM3WjAYMRYwFAYD
VQQDEw02OGY0MGE0NS1lZThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA200kh6+6Y4xd/9kDv9uUm+hdCCF8Ly2nu/w/4kOT/SsG4TPJ2tZTMhjDj+P1
VKit8fWagdEYManybT+c3776eLeX+Qj9quGmRJGRbITFC23oR4Y4Gttrx7MOzghH
fnszqTnoh4kNRa4TmyrxSiYhKBFjTzonSyLk1SSLmipole/7xBOoN8p5DrTvwyUU
3NvEuX/m479qucUUsfNUFBJHqxF6sLTMxlWgS9T2xn6qH15jgjnmF+hNxsA6+j+V
dSTwvEAJua7Ylp1J9LXmYSYqwqkKfltGbok1o7Q1cPy2ViyqlhBcuGgXO4l+zHlA
9Yvxpct5kOgTQkxS3cI436e+SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDrmHwK5
ck2kumXqt/je91U/mdGFMB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG
MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN
d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
M0NBNC8xNUY2OEI1Q0NGMTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4
V0Z0Zl9uREZBc2JJOWRNd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA9oWetu2Z8s0OicygoySM6bsHXiPt2iVT+QLSAbo32+dP3tWwSzlDR
mjbUMDxL1x/Yr2zKC6GMR9xiUuXdnYv8u9PkYPuJ/y+PBQo+wjOhByuhxToMVCWW
FzonoDhfELVh4mwsMO2KlPPz2lJDNSZ2qxaMl6opH2RvQvW8noLe5Nv1pspmCun+
Diiz5TyB0tDWp1o/+He6CWAuAyvFVH31GOm0SLOxWKEirx+jE+auKrpluPYfz0Aw
3+HtatT5zASMeuIqUvUDaXL83dBP3s6aT+aegzvyM5S74vAuu02pNEB2D9t1VoZ4
QTBTgB11ZqUDS2M2Mx8UByAVi+sZ7lFd
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:25:10 2025 by rpki-client