Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65E6/87D1ED067A8711EB908EBD63C4F9AE02/iHgvgx82npb5eaJYXPJzyRbHtP0.mft
File:                     iHgvgx82npb5eaJYXPJzyRbHtP0.mft (raw, json)
Hash identifier:          tfXm+BDtN8W0WqRr3RE9oz22stJDzCx5/Jd+97RUu1Y=
Subject key identifier:   DA:CB:9F:5E:6F:25:70:03:2D:70:9A:8B:23:16:44:69:C5:0C:65:32
Authority key identifier: 88:78:2F:83:1F:36:9E:96:F9:79:A2:58:5C:F2:73:C9:16:C7:B4:FD
Certificate issuer:       /CN=A91B65E6/serialNumber=88782F831F369E96F979A2585CF273C916C7B4FD
Certificate serial:       06D8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iHgvgx82npb5eaJYXPJzyRbHtP0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B65E6/87D1ED067A8711EB908EBD63C4F9AE02/iHgvgx82npb5eaJYXPJzyRbHtP0.mft
Manifest number:          06C8
Signing time:             Sat 18 Oct 2025 23:33:26 +0000
Manifest this update:     Sat 18 Oct 2025 23:33:25 +0000
Manifest next update:     Sat 25 Oct 2025 23:33:25 +0000
Files and hashes:         1: iHgvgx82npb5eaJYXPJzyRbHtP0.crl (hash: 5Aeg5zJfm9ZzCgz3WMefz7iAPqS8hazRw4DhiDAM2/s=)
                          2: F0C772307F7E11F087D1053FC4F9AE02.roa (hash: DvNrhC8a3h1mD9aZVMuZoFYwKlsezNJ86QOyfNQr7Ak=)
                          3: 0F425E96346711EFA663CD51C4F9AE02.roa (hash: QRognwJk9AvzC5yneK2dgTuODW0yL1x1QHdbXzDSYZ0=)
                          4: 2BC67A2A346711EF9EEB0F52C4F9AE02.roa (hash: JEn605s5uj7twYN8vhMjV/lhtaUfRkimlGOAUbH9hfo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B65E6/87D1ED067A8711EB908EBD63C4F9AE02/iHgvgx82npb5eaJYXPJzyRbHtP0.crl
                          rsync://rpki.apnic.net/member_repository/A91B65E6/87D1ED067A8711EB908EBD63C4F9AE02/iHgvgx82npb5eaJYXPJzyRbHtP0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iHgvgx82npb5eaJYXPJzyRbHtP0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 23:33:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1752 (0x6d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B65E6, serialNumber=88782F831F369E96F979A2585CF273C916C7B4FD
        Validity
            Not Before: Oct 18 23:33:25 2025 GMT
            Not After : Oct 25 23:33:25 2025 GMT
        Subject: CN=68f423c6-dd04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:13:79:aa:e3:61:bc:66:e3:fe:93:cc:25:9d:
                    7b:af:56:82:e8:c2:df:24:48:66:7f:5f:79:17:9a:
                    34:0c:8a:e2:8b:40:8f:b3:71:22:28:7b:36:c6:a2:
                    e3:5d:b8:b1:ab:14:23:8f:90:85:af:3e:46:30:72:
                    95:ea:98:d3:8a:ba:83:6a:4c:25:ae:19:8e:aa:92:
                    c2:07:c5:b4:8e:4e:01:54:17:24:ee:d7:ad:eb:28:
                    5e:9e:bf:59:3c:02:10:09:4a:d5:3e:5a:1b:e0:a5:
                    4b:ee:a9:91:7f:d9:2b:38:42:9f:d1:69:eb:6a:52:
                    64:b6:a8:88:90:97:19:9b:f8:45:ed:24:17:86:13:
                    50:3b:64:d3:ac:68:b7:1e:be:44:72:a2:81:77:b8:
                    b0:f1:58:51:28:4c:d6:f0:1b:8f:40:07:a2:12:90:
                    d6:f8:6e:60:39:66:fe:7c:d8:95:bd:ad:b5:91:80:
                    93:0d:7c:f2:54:de:32:7d:8b:f3:b3:a0:af:86:29:
                    80:94:2f:d6:fd:bd:aa:0d:c2:81:17:27:75:f9:c4:
                    b3:81:27:60:8a:02:0c:44:7a:b0:af:e1:1b:85:91:
                    7e:8d:d9:02:21:b3:fd:a8:fe:9d:a8:7d:7d:08:1e:
                    3a:91:17:e4:15:4a:2f:85:27:5b:db:6d:32:ad:4b:
                    0a:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:CB:9F:5E:6F:25:70:03:2D:70:9A:8B:23:16:44:69:C5:0C:65:32
            X509v3 Authority Key Identifier:
                keyid:88:78:2F:83:1F:36:9E:96:F9:79:A2:58:5C:F2:73:C9:16:C7:B4:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B65E6/87D1ED067A8711EB908EBD63C4F9AE02/iHgvgx82npb5eaJYXPJzyRbHtP0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iHgvgx82npb5eaJYXPJzyRbHtP0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65E6/87D1ED067A8711EB908EBD63C4F9AE02/iHgvgx82npb5eaJYXPJzyRbHtP0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:17:bb:9e:95:8f:84:79:90:cb:e3:8c:ba:2e:55:c7:80:4f:
         d2:9c:6e:cf:2a:09:57:c2:f5:15:f4:03:8b:eb:ce:d4:ef:37:
         14:c5:72:f3:92:16:5f:01:c3:96:3b:2f:8d:31:1a:9e:8a:bb:
         f0:0d:77:3b:0b:f4:ca:30:ba:cc:e1:cf:de:8f:d7:d5:96:bb:
         f8:11:fe:5c:32:c7:2f:d8:12:76:0a:55:6e:f0:83:1d:87:49:
         9a:fb:8b:f9:6e:9d:3c:4d:05:7c:d1:a3:d4:f7:a2:33:c9:da:
         20:a4:f4:4a:5a:2f:85:76:95:6c:28:be:e6:d6:d1:55:5c:94:
         9c:c3:f4:c7:8d:59:ab:c8:d1:c1:b4:e5:5c:da:85:59:60:ba:
         1f:10:a5:f2:81:70:7a:d3:5d:9e:4f:79:cb:0f:b5:d4:2d:81:
         47:27:8f:b6:50:9a:f6:4e:93:3c:15:36:9d:1e:84:cd:b5:5b:
         c8:0f:ac:47:ae:d9:65:90:ea:f1:9a:66:d2:ab:81:ae:23:cb:
         d0:49:78:da:26:92:c6:8b:77:aa:fe:bb:bd:ff:aa:28:6f:16:
         a7:c2:43:24:2c:ea:3d:1f:52:c2:fe:bf:cc:f8:93:ce:58:33:
         83:a0:c8:a6:87:c9:20:d5:85:e5:f0:72:e6:77:54:84:0d:ab:
         82:93:db:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1RTYxMTAvBgNVBAUTKDg4NzgyRjgzMUYzNjlFOTZGOTc5QTI1ODVDRjI3M0M5
MTZDN0I0RkQwHhcNMjUxMDE4MjMzMzI1WhcNMjUxMDI1MjMzMzI1WjAYMRYwFAYD
VQQDEw02OGY0MjNjNi1kZDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0hN5quNhvGbj/pPMJZ17r1aC6MLfJEhmf195F5o0DIrii0CPs3EiKHs2xqLj
XbixqxQjj5CFrz5GMHKV6pjTirqDakwlrhmOqpLCB8W0jk4BVBck7tet6yhenr9Z
PAIQCUrVPlob4KVL7qmRf9krOEKf0WnralJktqiIkJcZm/hF7SQXhhNQO2TTrGi3
Hr5EcqKBd7iw8VhRKEzW8BuPQAeiEpDW+G5gOWb+fNiVva21kYCTDXzyVN4yfYvz
s6CvhimAlC/W/b2qDcKBFyd1+cSzgSdgigIMRHqwr+EbhZF+jdkCIbP9qP6dqH19
CB46kRfkFUovhSdb220yrUsKMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNrLn15v
JXADLXCaiyMWRGnFDGUyMB8GA1UdIwQYMBaAFIh4L4MfNp6W+XmiWFzyc8kWx7T9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVFNi84N0QxRUQwNjdB
ODcxMUVCOTA4RUJENjNDNEY5QUUwMi9pSGd2Z3g4Mm5wYjVlYUpZWFBKenlSYkh0
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lIZ3ZneDgybnBiNWVhSllYUEp6eVJiSHRQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjVFNi84N0QxRUQwNjdBODcxMUVCOTA4RUJENjNDNEY5QUUwMi9pSGd2Z3g4Mm5w
YjVlYUpZWFBKenlSYkh0UDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAlF7uelY+EeZDL44y6LlXHgE/SnG7PKglXwvUV9AOL687U7zcUxXLz
khZfAcOWOy+NMRqeirvwDXc7C/TKMLrM4c/ej9fVlrv4Ef5cMscv2BJ2ClVu8IMd
h0ma+4v5bp08TQV80aPU96IzydogpPRKWi+FdpVsKL7m1tFVXJScw/THjVmryNHB
tOVc2oVZYLofEKXygXB6012eT3nLD7XULYFHJ4+2UJr2TpM8FTadHoTNtVvID6xH
rtllkOrxmmbSq4GuI8vQSXjaJpLGi3eq/ru9/6oobxanwkMkLOo9H1LC/r/M+JPO
WDODoMimh8kg1YXl8HLmd1SEDauCk9ub
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:42:41 2025 by rpki-client