Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
File:                     tY0p97gQfxWFtf_nDFAsbI9dMwI.mft (raw, json)
Hash identifier:          LE8EUg9ct48mE4so3TcL0LiL3xpli/tt1YB4UeMYcXU=
Subject key identifier:   E9:15:76:59:59:80:B1:BF:39:71:1A:A8:73:A9:B4:8E:42:4D:9F:8D
Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02
Certificate issuer:       /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
Certificate serial:       08A7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
Manifest number:          088D
Signing time:             Mon 20 Oct 2025 21:29:31 +0000
Manifest this update:     Mon 20 Oct 2025 21:29:30 +0000
Manifest next update:     Mon 27 Oct 2025 21:29:30 +0000
Files and hashes:         1: tY0p97gQfxWFtf_nDFAsbI9dMwI.crl (hash: jvlpqH3o+Nd3hJUt+oJA8yfu5VRp1J6PeVtmhc/7yxc=)
                          2: C33EB0EC7C4211EB933D233EC4F9AE02.roa (hash: V3s4r52s3OPKDLcYcdmKSn/0GHVPcogcj1iQaYzRFaU=)
                          3: F6F5BCCE53E711F084348F87C4F9AE02.roa (hash: eEq3ZG4qI8pUpOyGlAwoIW1Iq8bp1Jor6FtXouhYCXM=)
                          4: 3C3F21BAD6F011EE9B38B67DC4F9AE02.roa (hash: w/43LlQIYPABEvYlfxDIIPmu3emguiTlymMjfBLzQJU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl
                          rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 21:29:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2215 (0x8a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
        Validity
            Not Before: Oct 20 21:29:30 2025 GMT
            Not After : Oct 27 21:29:30 2025 GMT
        Subject: CN=68f6a9bb-f6c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:88:47:f8:c7:87:fe:f6:74:41:bd:14:8f:6a:
                    f1:87:b8:d8:30:73:a3:b6:08:59:e3:40:30:cb:79:
                    b6:6c:30:fd:90:e4:02:27:fc:cf:bf:8d:03:34:06:
                    9a:35:18:fc:02:12:35:1d:f9:9a:4b:1c:0e:2c:dd:
                    cc:fb:4e:13:03:a2:25:5f:50:4a:6d:3f:a2:70:13:
                    3c:f1:35:08:70:4d:8c:b6:af:73:41:51:fe:d8:85:
                    eb:76:1a:b2:7b:d1:2d:96:79:cb:d5:49:be:78:f6:
                    96:7c:b9:dd:1b:0f:2a:6d:12:fb:09:9d:42:aa:e9:
                    15:7a:51:23:9e:a7:e6:62:88:2d:25:cd:0d:4a:67:
                    0f:68:3d:a0:76:e0:61:20:15:74:f5:08:52:ab:2e:
                    f1:83:98:12:11:76:0d:10:8d:30:af:2a:da:37:07:
                    82:32:f7:d9:3c:67:a4:7d:9c:5d:d7:c0:88:de:1c:
                    8b:07:52:ce:4c:74:9e:0f:b4:c4:16:16:58:a9:e8:
                    78:5b:6d:b3:ae:8c:c5:5c:ed:17:8b:9b:d6:8b:1d:
                    6d:d4:5a:c6:a1:0c:bb:39:f2:e4:ad:74:e4:46:65:
                    c4:83:31:d2:cb:bb:dc:85:08:3e:05:98:2b:88:17:
                    d0:57:c6:eb:6a:7f:bf:56:f2:ae:f1:0f:68:e9:1b:
                    3a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:15:76:59:59:80:B1:BF:39:71:1A:A8:73:A9:B4:8E:42:4D:9F:8D
            X509v3 Authority Key Identifier:
                keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:8b:32:c9:c9:03:54:e8:a8:12:5e:31:eb:1a:96:46:ea:b1:
         52:36:be:6a:31:44:33:b5:d7:cb:c3:59:5b:9d:df:dd:65:e9:
         f4:71:64:bc:bc:36:a1:4a:b8:89:4b:8f:d1:c9:1f:63:df:0b:
         c4:9c:e8:40:4a:0a:e2:dc:b7:9b:cd:2c:ee:91:27:a7:72:cc:
         ea:46:07:f4:12:ed:60:d3:33:6a:d6:a2:32:01:f8:c2:b6:57:
         85:5a:cf:35:f0:a6:1b:96:e6:e5:22:2f:1e:b1:f3:4e:eb:7e:
         f5:10:63:c8:e8:cc:f9:40:8c:88:71:89:44:c1:ce:7f:e3:7d:
         97:06:35:83:b0:58:72:3f:5b:82:77:d1:1b:f4:c3:4c:31:39:
         3d:34:4e:cf:a7:f9:6c:cb:f5:de:77:c0:f5:71:5a:f2:95:6f:
         37:47:89:53:8c:81:c6:ed:f1:2d:f7:94:2f:c0:91:a8:2f:69:
         ca:03:80:16:e0:8f:ac:27:60:c7:5d:cf:d0:28:8b:a4:59:35:
         87:f7:01:c5:e0:be:29:2a:ec:98:c2:32:9d:21:db:2c:af:cf:
         69:2f:1d:fc:0c:eb:35:cd:69:1b:06:b3:c2:06:32:4e:12:be:
         f4:b4:52:86:82:c7:f1:c1:f9:1a:7a:c4:18:ac:39:77:cd:63:
         58:d4:88:48
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD
OEY1RDMzMDIwHhcNMjUxMDIwMjEyOTMwWhcNMjUxMDI3MjEyOTMwWjAYMRYwFAYD
VQQDEw02OGY2YTliYi1mNmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4hH+MeH/vZ0Qb0Uj2rxh7jYMHOjtghZ40Awy3m2bDD9kOQCJ/zPv40DNAaa
NRj8AhI1HfmaSxwOLN3M+04TA6IlX1BKbT+icBM88TUIcE2Mtq9zQVH+2IXrdhqy
e9EtlnnL1Um+ePaWfLndGw8qbRL7CZ1CqukVelEjnqfmYogtJc0NSmcPaD2gduBh
IBV09QhSqy7xg5gSEXYNEI0wryraNweCMvfZPGekfZxd18CI3hyLB1LOTHSeD7TE
FhZYqeh4W22zrozFXO0Xi5vWix1t1FrGoQy7OfLkrXTkRmXEgzHSy7vchQg+BZgr
iBfQV8bran+/VvKu8Q9o6Rs6ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkVdllZ
gLG/OXEaqHOptI5CTZ+NMB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG
MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN
d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
M0NBNC8xNUY2OEI1Q0NGMTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4
V0Z0Zl9uREZBc2JJOWRNd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4izLJyQNU6KgSXjHrGpZG6rFSNr5qMUQztdfLw1lbnd/dZen0cWS8
vDahSriJS4/RyR9j3wvEnOhASgri3LebzSzukSencszqRgf0Eu1g0zNq1qIyAfjC
tleFWs818KYblublIi8esfNO6371EGPI6Mz5QIyIcYlEwc5/432XBjWDsFhyP1uC
d9Eb9MNMMTk9NE7Pp/lsy/Xed8D1cVrylW83R4lTjIHG7fEt95QvwJGoL2nKA4AW
4I+sJ2DHXc/QKIukWTWH9wHF4L4pKuyYwjKdIdssr89pLx38DOs1zWkbBrPCBjJO
Er70tFKGgsfxwfkaesQYrDl3zWNY1IhI
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:29:32 2025 by rpki-client