Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft
File:                     RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json)
Hash identifier:          AJMPG9J5P5Yzmxu0c2v3C6khtiQkJBXAaegBg5awR8M=
Subject key identifier:   56:2E:B7:84:F1:48:6C:BC:81:17:40:C2:A9:70:C5:DF:0F:31:15:F0
Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5
Certificate issuer:       /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5
Certificate serial:       022B
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft
Manifest number:          0227
Signing time:             Sun 19 Oct 2025 04:16:36 +0000
Manifest this update:     Sun 19 Oct 2025 04:16:35 +0000
Manifest next update:     Sun 26 Oct 2025 04:16:35 +0000
Files and hashes:         1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: HKGD8DcUXOXYBpVz6U9xgKj6XfUOcY6ZnoV/8WDCzH4=)
                          2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: tX50rThQWeAbKIESIwrC0zdSKgD+i4OgX2qNIGi6fqk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl
                          rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 04:16:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 555 (0x22b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5
        Validity
            Not Before: Oct 19 04:16:35 2025 GMT
            Not After : Oct 26 04:16:35 2025 GMT
        Subject: CN=68f46624-cd24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9c:04:7a:0e:93:78:53:b6:3b:2b:f0:b0:5d:
                    4c:ca:4f:06:08:11:a4:50:88:b8:f6:13:a9:4e:0d:
                    84:67:be:2f:f0:c0:60:29:06:a2:c6:4e:3f:61:65:
                    19:bf:a4:3b:e9:3f:0f:9e:2f:b9:37:0a:62:53:2c:
                    86:09:75:85:32:9d:d5:ea:c9:87:3e:d0:b2:eb:68:
                    14:18:19:cf:2b:cb:08:a8:49:23:e9:84:ff:d9:99:
                    3d:02:9f:6d:92:a1:68:c3:53:cc:c0:69:43:8c:83:
                    30:62:d9:90:e1:bc:bb:29:03:d5:c6:e4:12:5d:05:
                    75:59:a1:5a:b6:85:8a:7a:67:48:f0:6a:02:47:de:
                    f7:a2:28:2b:53:71:f6:02:fb:45:c4:6d:e0:bc:b7:
                    71:61:1f:57:8d:f5:29:2f:ed:a4:77:df:8a:1b:4e:
                    07:ef:30:50:0d:8a:4b:1d:da:f2:54:0f:6f:13:e0:
                    40:07:ea:98:58:e5:b2:6e:d7:db:12:25:1d:47:e5:
                    89:f1:55:1b:2c:3b:b0:28:95:01:e1:b5:9d:9c:0f:
                    aa:f1:32:f2:5b:c6:87:e9:d4:42:3b:ae:04:e1:64:
                    b4:57:b1:a5:7a:ac:cb:7a:c2:94:82:ae:31:21:15:
                    ba:dd:76:89:65:ec:c4:ce:3d:7c:4a:c6:2b:a3:cf:
                    94:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:2E:B7:84:F1:48:6C:BC:81:17:40:C2:A9:70:C5:DF:0F:31:15:F0
            X509v3 Authority Key Identifier:
                keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:e2:12:b2:d2:16:77:b8:84:29:90:6b:4f:20:c8:ef:2f:0f:
         5b:f3:3a:64:2a:86:81:6e:8a:b9:13:7c:bf:bd:56:e5:17:2c:
         f3:72:91:cf:ab:72:dc:f3:2f:6b:2f:d3:a4:c1:89:ad:49:93:
         97:82:d0:56:50:d7:67:00:db:3f:6d:58:1d:51:94:39:a1:f3:
         4c:6d:15:b3:0b:59:44:57:0e:b0:93:7e:b3:dc:da:ec:a6:ad:
         8e:29:4c:b3:47:04:7b:45:6f:4f:af:e7:0a:a8:c6:c1:99:64:
         36:fb:a5:7e:32:fa:9a:c1:89:4b:75:6b:f2:93:27:d5:91:93:
         e2:72:3d:4e:97:6c:ed:4d:74:bf:c2:e5:70:2b:53:54:c5:78:
         58:a9:90:62:60:50:23:95:ef:ea:5d:10:a3:cd:a2:8d:74:e8:
         d4:fb:ba:bd:95:48:65:05:10:c9:3c:00:fd:c9:eb:1e:a5:be:
         14:4d:6a:fe:fc:82:59:44:dc:fb:e2:51:98:c5:57:24:c9:25:
         7b:d3:19:03:71:52:a8:d2:9a:56:b0:bd:de:e8:c5:22:41:92:
         ef:eb:d4:e4:81:33:4f:b6:40:77:3f:c5:d6:cf:45:89:45:a6:
         11:60:33:e8:5d:60:e8:0d:02:0a:b2:bf:50:af:bb:80:d7:85:
         76:1c:00:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1
RTY0NTdDRTUwHhcNMjUxMDE5MDQxNjM1WhcNMjUxMDI2MDQxNjM1WjAYMRYwFAYD
VQQDEw02OGY0NjYyNC1jZDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlpwEeg6TeFO2OyvwsF1Myk8GCBGkUIi49hOpTg2EZ74v8MBgKQaixk4/YWUZ
v6Q76T8Pni+5NwpiUyyGCXWFMp3V6smHPtCy62gUGBnPK8sIqEkj6YT/2Zk9Ap9t
kqFow1PMwGlDjIMwYtmQ4by7KQPVxuQSXQV1WaFatoWKemdI8GoCR973oigrU3H2
AvtFxG3gvLdxYR9XjfUpL+2kd9+KG04H7zBQDYpLHdryVA9vE+BAB+qYWOWybtfb
EiUdR+WJ8VUbLDuwKJUB4bWdnA+q8TLyW8aH6dRCO64E4WS0V7GleqzLesKUgq4x
IRW63XaJZezEzj18SsYro8+UnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFYut4Tx
SGy8gRdAwqlwxd8PMRXwMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0
RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3
VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB64hKy0hZ3uIQpkGtPIMjvLw9b8zpkKoaBboq5E3y/vVblFyzzcpHP
q3Lc8y9rL9OkwYmtSZOXgtBWUNdnANs/bVgdUZQ5ofNMbRWzC1lEVw6wk36z3Nrs
pq2OKUyzRwR7RW9Pr+cKqMbBmWQ2+6V+MvqawYlLdWvykyfVkZPicj1Ol2ztTXS/
wuVwK1NUxXhYqZBiYFAjle/qXRCjzaKNdOjU+7q9lUhlBRDJPAD9yesepb4UTWr+
/IJZRNz74lGYxVckySV70xkDcVKo0ppWsL3e6MUiQZLv69TkgTNPtkB3P8XWz0WJ
RaYRYDPoXWDoDQIKsr9Qr7uA14V2HACk
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:39:04 2025 by rpki-client