Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B56F0/7D67E4D4384C11EABEA2DB71C4F9AE02/L4dzyVEFOxQ4vCfsxV45KvteK7I.mft
File:                     L4dzyVEFOxQ4vCfsxV45KvteK7I.mft (raw, json)
Hash identifier:          ZCsVuvuOPSDeVTOQowgND+kBxcxUM5pdjSLDtt7wiaE=
Subject key identifier:   AD:14:12:11:57:B2:27:9D:8A:2E:88:1B:86:FC:23:48:A2:3A:DB:F0
Authority key identifier: 2F:87:73:C9:51:05:3B:14:38:BC:27:EC:C5:5E:39:2A:FB:5E:2B:B2
Certificate issuer:       /CN=A91B56F0/serialNumber=2F8773C951053B1438BC27ECC55E392AFB5E2BB2
Certificate serial:       0BA5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L4dzyVEFOxQ4vCfsxV45KvteK7I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B56F0/7D67E4D4384C11EABEA2DB71C4F9AE02/L4dzyVEFOxQ4vCfsxV45KvteK7I.mft
Manifest number:          0B8C
Signing time:             Sat 18 Oct 2025 19:53:36 +0000
Manifest this update:     Sat 18 Oct 2025 19:53:35 +0000
Manifest next update:     Sat 25 Oct 2025 19:53:35 +0000
Files and hashes:         1: L4dzyVEFOxQ4vCfsxV45KvteK7I.crl (hash: 73K18/UTxO9hyzky0xmwBo9rJwWKGdEozYpur+fEN7s=)
                          2: 83407C26744C11F0B13EF277C4F9AE02.roa (hash: 5vDMHEqxZbdIA4ss4l4IIZRuHWQzVA0rRAeBvXbSbaI=)
                          3: 84AC17989B0811EDB5FDAF75C4F9AE02.roa (hash: eX92U/H+ZCVecCeGgTVqWhOCqzFSaTsYmsLKYsy4M8s=)
                          4: 843804BE744C11F0B13EF277C4F9AE02.roa (hash: KVcRx1AIexKUEoEWUnnAhnjFkWCaA/g6jhGPzAyzQQ4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B56F0/7D67E4D4384C11EABEA2DB71C4F9AE02/L4dzyVEFOxQ4vCfsxV45KvteK7I.crl
                          rsync://rpki.apnic.net/member_repository/A91B56F0/7D67E4D4384C11EABEA2DB71C4F9AE02/L4dzyVEFOxQ4vCfsxV45KvteK7I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L4dzyVEFOxQ4vCfsxV45KvteK7I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 19:53:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2981 (0xba5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B56F0, serialNumber=2F8773C951053B1438BC27ECC55E392AFB5E2BB2
        Validity
            Not Before: Oct 18 19:53:35 2025 GMT
            Not After : Oct 25 19:53:35 2025 GMT
        Subject: CN=68f3f040-bd7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ee:a5:81:b3:d3:60:57:9b:fb:fe:0a:a8:a0:
                    9f:9b:95:73:71:9f:17:3b:a4:39:3a:67:34:02:f0:
                    2f:c6:1f:36:23:10:a0:1f:02:8b:db:ab:24:b1:b7:
                    c3:91:f7:2a:98:5b:e7:88:20:f2:c9:11:ee:a8:e5:
                    79:43:cf:4d:93:01:5f:fa:de:10:32:42:39:1f:2e:
                    5e:3f:45:b5:ea:ae:95:3a:e2:98:44:14:6d:5b:56:
                    b7:6c:7e:bf:06:43:bf:ea:d2:0c:2d:9e:eb:f3:01:
                    4e:68:dc:96:b6:35:d9:ca:9f:34:56:5e:72:03:00:
                    96:48:7a:11:d8:dd:55:b9:82:66:35:fb:f5:c1:0b:
                    a7:c1:6c:0c:1a:8b:60:92:ab:e4:4d:49:d0:20:85:
                    45:c2:ff:23:f2:ee:eb:49:77:e4:e8:78:17:80:56:
                    81:09:0b:32:02:20:dd:94:43:10:ab:18:cc:af:78:
                    a9:00:48:a1:a9:9c:00:76:a4:af:25:f1:76:19:e9:
                    88:7a:25:3b:3f:8e:ea:02:d1:d9:7f:c7:58:76:d2:
                    f6:41:9c:f6:ce:0c:fb:93:af:91:e1:ad:90:bd:15:
                    4a:f7:b4:e9:3d:89:37:5a:cd:14:58:64:9d:8c:6e:
                    ba:a0:13:8d:91:87:cd:3e:5f:99:fc:84:1c:5c:85:
                    24:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:14:12:11:57:B2:27:9D:8A:2E:88:1B:86:FC:23:48:A2:3A:DB:F0
            X509v3 Authority Key Identifier:
                keyid:2F:87:73:C9:51:05:3B:14:38:BC:27:EC:C5:5E:39:2A:FB:5E:2B:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B56F0/7D67E4D4384C11EABEA2DB71C4F9AE02/L4dzyVEFOxQ4vCfsxV45KvteK7I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L4dzyVEFOxQ4vCfsxV45KvteK7I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B56F0/7D67E4D4384C11EABEA2DB71C4F9AE02/L4dzyVEFOxQ4vCfsxV45KvteK7I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:14:4e:c3:d3:6d:09:c4:80:63:2a:72:df:5e:f1:23:64:42:
         b5:e3:e9:f1:be:b7:a5:f8:14:da:c9:52:18:9d:f4:24:35:bb:
         3c:b7:fe:3f:3c:96:e6:d0:69:65:b3:a4:60:87:37:4e:7d:9e:
         62:20:2e:1a:a8:ba:53:07:c2:c6:5a:47:52:14:c2:a9:99:60:
         9d:23:11:e4:c8:e6:92:27:c3:7d:01:fb:ee:f1:4e:c4:44:62:
         b3:88:ae:3d:05:45:54:63:e2:2c:a6:ae:ed:67:43:63:4f:f9:
         03:7c:cf:11:35:05:0b:d7:82:32:36:9e:56:37:bd:73:6e:a7:
         c5:2f:dd:4c:84:f6:0f:0c:3a:03:1c:e9:30:01:a5:d1:65:0d:
         2b:a5:b1:62:6a:a6:30:e7:02:46:ff:59:fd:31:b0:c1:c6:9d:
         3a:49:1e:22:2e:50:50:68:d3:76:c3:05:ff:78:9f:76:47:35:
         23:86:a0:f9:73:f2:96:e2:10:a6:63:08:f9:17:5d:6e:ea:1f:
         f8:05:f9:8c:af:c1:e8:bd:ae:54:14:45:74:12:f0:50:6c:0e:
         33:17:6a:db:fc:2b:a6:a7:7e:a5:33:53:2d:ea:c3:a1:76:52:
         d1:2a:fb:73:a8:32:c1:ff:09:98:5d:9a:b3:0b:82:e4:0f:cd:
         06:1b:4b:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU2RjAxMTAvBgNVBAUTKDJGODc3M0M5NTEwNTNCMTQzOEJDMjdFQ0M1NUUzOTJB
RkI1RTJCQjIwHhcNMjUxMDE4MTk1MzM1WhcNMjUxMDI1MTk1MzM1WjAYMRYwFAYD
VQQDEw02OGYzZjA0MC1iZDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnO6lgbPTYFeb+/4KqKCfm5VzcZ8XO6Q5Omc0AvAvxh82IxCgHwKL26sksbfD
kfcqmFvniCDyyRHuqOV5Q89NkwFf+t4QMkI5Hy5eP0W16q6VOuKYRBRtW1a3bH6/
BkO/6tIMLZ7r8wFOaNyWtjXZyp80Vl5yAwCWSHoR2N1VuYJmNfv1wQunwWwMGotg
kqvkTUnQIIVFwv8j8u7rSXfk6HgXgFaBCQsyAiDdlEMQqxjMr3ipAEihqZwAdqSv
JfF2GemIeiU7P47qAtHZf8dYdtL2QZz2zgz7k6+R4a2QvRVK97TpPYk3Ws0UWGSd
jG66oBONkYfNPl+Z/IQcXIUkDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK0UEhFX
siedii6IG4b8I0iiOtvwMB8GA1UdIwQYMBaAFC+Hc8lRBTsUOLwn7MVeOSr7Xiuy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTZGMC83RDY3RTRENDM4
NEMxMUVBQkVBMkRCNzFDNEY5QUUwMi9MNGR6eVZFRk94UTR2Q2ZzeFY0NUt2dGVL
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0w0ZHp5VkVGT3hRNHZDZnN4VjQ1S3Z0ZUs3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTZGMC83RDY3RTRENDM4NEMxMUVBQkVBMkRCNzFDNEY5QUUwMi9MNGR6eVZFRk94
UTR2Q2ZzeFY0NUt2dGVLN0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBsFE7D020JxIBjKnLfXvEjZEK14+nxvrel+BTayVIYnfQkNbs8t/4/
PJbm0Glls6RghzdOfZ5iIC4aqLpTB8LGWkdSFMKpmWCdIxHkyOaSJ8N9Afvu8U7E
RGKziK49BUVUY+Ispq7tZ0NjT/kDfM8RNQUL14IyNp5WN71zbqfFL91MhPYPDDoD
HOkwAaXRZQ0rpbFiaqYw5wJG/1n9MbDBxp06SR4iLlBQaNN2wwX/eJ92RzUjhqD5
c/KW4hCmYwj5F11u6h/4BfmMr8Hova5UFEV0EvBQbA4zF2rb/Cump36lM1Mt6sOh
dlLRKvtzqDLB/wmYXZqzC4LkD80GG0vK
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:59:56 2025 by rpki-client