Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
File:                     TK4677Gsir3bmbzO5PpakW0VezQ.mft (raw, json)
Hash identifier:          qfFkPA+beoVgxzzmvPAb8593th3J0H8Ix0jiLHBb+38=
Subject key identifier:   B0:64:42:56:9B:C3:75:89:2A:82:A4:B4:AA:58:57:4E:2F:C0:6E:DA
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       366B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
Manifest number:          358E
Signing time:             Sat 18 Oct 2025 14:31:41 +0000
Manifest this update:     Sat 18 Oct 2025 14:31:41 +0000
Manifest next update:     Sat 25 Oct 2025 14:31:41 +0000
Files and hashes:         1: TK4677Gsir3bmbzO5PpakW0VezQ.crl (hash: 5PJo7O37tRRAC8TlFiJqKkWYe5dv9FYFZuGZtoimZcY=)
                          2: D166652A072211EF9AC24D5BC4F9AE02.roa (hash: RL1lTbOt6Av5nEYA4DHBlIKK0hqxvZRiBkpLy29xghs=)
                          3: 8FD552C071F111F0AE49323FC4F9AE02.roa (hash: k0XECPDgxEsPxo1hnPOQ8t+HVImApkPuGWwQ5OUwJvs=)
                          4: 945922AECEBA11EDBBFD9E28C4F9AE02.roa (hash: 2rH+VWOcuPOah5bNHP9sMT7gm/W2BD5Lz0whslurntk=)
                          5: 24D7D74C978011EE87BB7D53C4F9AE02.roa (hash: CuyEAz/Z+ba3st2KGZYRh65vVcO9Be9AbPEfcjuGd9k=)
                          6: 31D56A8E06C711EF9A0E1D0AC4F9AE02.roa (hash: Yqwo5M588Yfv+JXGuvZtKg0Gtdf+iGVakUUN+3KDHdo=)
                          7: CE997E2EEA9B11EFA6A3D730C4F9AE02.roa (hash: uN0e+cUzXR0q+zRv9FKfvDWSlrjYXQb/CNzmut03rlU=)
                          8: D630A6B206D511EFB6CFDF2DC4F9AE02.roa (hash: oGdV623K9DaOonzZkenCae7aE6BqwAo6RdH7Y25n0b4=)
                          9: 4DC27210558111EF880A8679C4F9AE02.roa (hash: m1XRr2iAq+1TVgkspEslzx6eWsdA8L2B6700lAxn/d4=)
                          10: 4DFF14DE71F211F08D45AC42C4F9AE02.roa (hash: gBF3Jk34am1InKRIBH9CrloJz67l7rFKCD8FkbkPjyM=)
                          11: E83E047071F111F0BBD1B63FC4F9AE02.roa (hash: vqgqViMpJQbvpRF0eRLHvKsvOmM8OQ5c7Ho2iOiRHUM=)
                          12: 4B2AFD54ABA611EEA4B59A6AC4F9AE02.roa (hash: 92OU291hR0YIYqWJJIcvZXszn84NKrAjVspQkxjVbEI=)
                          13: 77D96D4A4F3411EFBA0A2659C4F9AE02.roa (hash: ol23eWYMbqFxa7AzTOzpz7Em2i4wKmL7cxMptLBFr00=)
                          14: 8FF00754732F11EE90078C13C4F9AE02.roa (hash: FvhGoDcJkl/uVyMeuA2e84lQ0fEQXKW9fiAoOj29wy4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
                          rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 14:31:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13931 (0x366b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E, serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Oct 18 14:31:41 2025 GMT
            Not After : Oct 25 14:31:41 2025 GMT
        Subject: CN=68f3a4cd-c880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:c8:b3:8a:06:55:e1:3f:9f:6b:ec:0d:59:0d:
                    55:a2:8a:12:3f:6d:53:85:71:bf:8d:a5:ed:c7:6b:
                    d3:9d:9b:9b:10:7b:5f:af:0f:b7:bb:97:04:0c:c6:
                    02:5e:be:d0:cb:80:41:11:20:25:96:81:8f:a3:b9:
                    da:40:98:b7:d7:f2:50:c4:f4:e6:bb:68:26:bd:68:
                    9b:2b:67:69:28:84:66:b3:b9:f0:10:89:3b:9a:68:
                    6e:66:e5:f9:9a:53:61:6f:3c:f6:6b:2c:ab:fd:78:
                    68:e1:fe:f2:8c:84:5e:a7:66:4b:47:40:bc:51:c3:
                    dd:82:29:e0:1b:77:70:c5:8e:bc:ee:16:e5:59:79:
                    5e:6b:5e:68:1f:b8:fb:8c:88:4b:54:b0:6d:d2:61:
                    a1:69:08:6e:71:35:ac:b0:80:f9:18:ab:d0:48:e7:
                    43:8a:34:c5:5d:06:64:92:a8:a7:05:2a:03:34:4e:
                    f7:f4:73:ff:20:0e:db:6f:22:0b:fe:ad:44:21:61:
                    ab:74:12:ff:67:5a:e8:75:6a:db:97:f5:2c:8f:ca:
                    0d:33:42:ca:3b:72:7b:c9:a5:7c:98:1a:ec:8e:45:
                    d6:5f:6f:23:98:8c:98:c1:c9:d9:a2:59:bf:00:3f:
                    ef:e6:27:9d:24:3a:4c:43:8c:7a:66:d9:66:c7:3c:
                    f6:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:64:42:56:9B:C3:75:89:2A:82:A4:B4:AA:58:57:4E:2F:C0:6E:DA
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d0:4d:26:e1:1e:17:a6:73:4c:40:4e:15:2e:45:e7:85:4b:
         70:a0:32:f6:5a:5f:17:39:ec:c6:5a:7b:cc:67:71:5a:f0:be:
         f1:37:0a:8e:d0:0c:fb:a6:42:16:8f:cb:91:6a:71:82:8f:83:
         76:69:af:da:83:ff:2a:cf:c5:21:e1:ab:9e:9f:1d:33:b6:ab:
         b4:22:05:10:80:8b:4a:72:aa:86:c3:e6:e6:bf:c1:4e:6f:b9:
         80:6b:ff:62:eb:99:45:fc:00:30:53:3f:25:ec:db:9e:ee:02:
         11:32:68:e1:4e:66:61:c8:9f:ae:0b:0f:ed:ab:5a:c4:55:49:
         c4:d1:64:40:d8:c0:34:3f:bf:52:f5:f0:ff:61:d6:45:ef:88:
         61:1a:be:b4:1c:7d:7a:3f:01:83:f7:5b:37:20:75:b4:d0:37:
         50:f2:88:1b:88:d9:4d:ce:f0:ef:1c:be:24:2b:16:1e:db:c6:
         e3:ad:be:e3:f3:79:b1:28:bb:62:b3:50:c9:91:db:c3:28:4a:
         aa:ca:3b:ba:35:66:cd:8e:65:09:d2:b7:b3:0a:b9:0f:2b:ea:
         cf:73:d1:c2:55:64:02:9d:66:96:a9:eb:3d:76:ed:8d:ae:b7:
         bb:0f:13:4c:57:ad:86:3e:85:bc:9a:c1:61:5e:dc:fc:54:03:
         7e:49:3f:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNmswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjUxMDE4MTQzMTQxWhcNMjUxMDI1MTQzMTQxWjAYMRYwFAYD
VQQDEw02OGYzYTRjZC1jODgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5MizigZV4T+fa+wNWQ1VoooSP21ThXG/jaXtx2vTnZubEHtfrw+3u5cEDMYC
Xr7Qy4BBESAlloGPo7naQJi31/JQxPTmu2gmvWibK2dpKIRms7nwEIk7mmhuZuX5
mlNhbzz2ayyr/Xho4f7yjIRep2ZLR0C8UcPdgingG3dwxY687hblWXlea15oH7j7
jIhLVLBt0mGhaQhucTWssID5GKvQSOdDijTFXQZkkqinBSoDNE739HP/IA7bbyIL
/q1EIWGrdBL/Z1rodWrbl/Usj8oNM0LKO3J7yaV8mBrsjkXWX28jmIyYwcnZolm/
AD/v5iedJDpMQ4x6Ztlmxzz2+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLBkQlab
w3WJKoKktKpYV04vwG7aMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NUQ3RS9FQ0E2ODIzNDFEODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2ly
M2JtYnpPNVBwYWtXMFZlelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA+0E0m4R4XpnNMQE4VLkXnhUtwoDL2Wl8XOezGWnvMZ3Fa8L7xNwqO
0Az7pkIWj8uRanGCj4N2aa/ag/8qz8Uh4auenx0ztqu0IgUQgItKcqqGw+bmv8FO
b7mAa/9i65lF/AAwUz8l7Nue7gIRMmjhTmZhyJ+uCw/tq1rEVUnE0WRA2MA0P79S
9fD/YdZF74hhGr60HH16PwGD91s3IHW00DdQ8ogbiNlNzvDvHL4kKxYe28bjrb7j
83mxKLtis1DJkdvDKEqqyju6NWbNjmUJ0rezCrkPK+rPc9HCVWQCnWaWqes9du2N
rre7DxNMV62GPoW8msFhXtz8VAN+ST+v
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:27:40 2025 by rpki-client