Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BFD4B/AA47893AABD911EB833D4C6AC4F9AE02/a4J2B8F85j5hIUwuZCxaqFHuOE4.mft
File:                     a4J2B8F85j5hIUwuZCxaqFHuOE4.mft (raw, json)
Hash identifier:          /4l70TULQDLNN3UNXDkqILJyFhDvW0sCGA7gp+LBWQg=
Subject key identifier:   E4:39:93:EB:62:AC:59:4E:FC:45:A0:24:4B:3A:91:C6:02:E4:AD:34
Authority key identifier: 6B:82:76:07:C1:7C:E6:3E:61:21:4C:2E:64:2C:5A:A8:51:EE:38:4E
Certificate issuer:       /CN=A91BFD4B/serialNumber=6B827607C17CE63E61214C2E642C5AA851EE384E
Certificate serial:       0645
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4J2B8F85j5hIUwuZCxaqFHuOE4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BFD4B/AA47893AABD911EB833D4C6AC4F9AE02/a4J2B8F85j5hIUwuZCxaqFHuOE4.mft
Manifest number:          0641
Signing time:             Sun 19 Oct 2025 00:14:51 +0000
Manifest this update:     Sun 19 Oct 2025 00:14:51 +0000
Manifest next update:     Sun 26 Oct 2025 00:14:51 +0000
Files and hashes:         1: a4J2B8F85j5hIUwuZCxaqFHuOE4.crl (hash: kgxysIAU/ULNADkvXeMn29QEKvUbtG6lyCujdIitN9g=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BFD4B/AA47893AABD911EB833D4C6AC4F9AE02/a4J2B8F85j5hIUwuZCxaqFHuOE4.crl
                          rsync://rpki.apnic.net/member_repository/A91BFD4B/AA47893AABD911EB833D4C6AC4F9AE02/a4J2B8F85j5hIUwuZCxaqFHuOE4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4J2B8F85j5hIUwuZCxaqFHuOE4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 00:14:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1605 (0x645)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BFD4B, serialNumber=6B827607C17CE63E61214C2E642C5AA851EE384E
        Validity
            Not Before: Oct 19 00:14:51 2025 GMT
            Not After : Oct 26 00:14:51 2025 GMT
        Subject: CN=68f42d7b-a13d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3f:31:86:21:c1:40:11:eb:91:9f:d6:41:51:
                    79:4d:f8:ca:94:7e:61:35:72:40:76:63:67:12:c5:
                    cd:5b:1f:26:04:9d:44:e9:de:e2:80:fc:70:54:47:
                    e1:f4:4c:e3:80:3f:ae:af:8a:ca:bd:f3:2c:d7:cb:
                    c1:07:50:77:6f:fd:d0:4d:30:71:83:5d:50:3f:29:
                    d6:7a:ab:99:9f:3f:6b:0b:af:a3:f5:01:3a:b7:ca:
                    a1:e0:22:5f:15:0b:ea:19:2d:81:fe:d2:a4:ff:40:
                    0e:57:c0:d1:8b:e0:f5:dc:6b:a3:72:5a:d7:a0:b3:
                    f0:15:8b:00:70:4d:83:93:c6:24:89:03:06:87:ee:
                    08:8a:db:8e:7d:a8:15:5a:50:c7:ae:9a:92:67:84:
                    1a:e0:24:18:74:5c:f9:07:05:90:7f:b1:ad:06:e7:
                    16:28:44:7a:1f:3b:ba:91:ef:ce:6b:0d:fc:c2:a4:
                    53:67:c1:de:ab:77:f1:7b:f4:ba:ea:cb:68:4d:b4:
                    13:d0:57:d5:ff:37:49:b3:eb:e1:39:8e:4a:1e:dd:
                    2a:11:45:34:a3:68:15:30:54:25:a2:4f:d6:16:f6:
                    b9:ab:fa:7e:4f:13:43:5d:2b:9f:3c:12:3b:fc:d3:
                    06:1a:79:56:db:4d:c0:de:45:c0:12:9a:9b:83:19:
                    80:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:39:93:EB:62:AC:59:4E:FC:45:A0:24:4B:3A:91:C6:02:E4:AD:34
            X509v3 Authority Key Identifier:
                keyid:6B:82:76:07:C1:7C:E6:3E:61:21:4C:2E:64:2C:5A:A8:51:EE:38:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BFD4B/AA47893AABD911EB833D4C6AC4F9AE02/a4J2B8F85j5hIUwuZCxaqFHuOE4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4J2B8F85j5hIUwuZCxaqFHuOE4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BFD4B/AA47893AABD911EB833D4C6AC4F9AE02/a4J2B8F85j5hIUwuZCxaqFHuOE4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         d6:ec:6c:d8:7c:9a:31:c7:22:25:dc:14:69:4e:f9:ed:07:d5:
         fc:cd:65:ae:78:aa:d6:d5:4f:18:dc:6b:50:97:6e:af:ab:b8:
         74:29:b2:8d:9d:f8:b4:69:34:d4:34:3c:9d:ed:9f:5f:c1:c6:
         fc:69:51:eb:dc:26:b9:dc:3b:08:4f:66:21:2f:4f:1a:0d:38:
         02:55:68:cc:78:1c:81:9f:e0:09:11:e9:75:62:c4:70:17:31:
         80:52:e6:b2:d6:6b:e8:33:36:f6:4f:4d:00:fe:33:36:8c:b0:
         a8:99:54:54:b8:19:80:2f:f5:85:f0:eb:9e:92:d8:80:8d:4c:
         8d:17:81:8c:b3:78:d8:29:6a:a6:8a:84:18:4a:85:00:47:c4:
         64:45:e8:a5:73:f2:82:22:a1:34:1c:6c:1d:fb:e7:8d:46:9d:
         71:82:b5:8f:db:07:7b:2a:5d:8c:a2:22:2d:b1:16:d2:a1:1a:
         3c:32:03:09:f2:dd:e0:eb:e4:66:11:bd:ab:61:97:c9:9d:65:
         6c:90:9c:8f:29:9c:47:d0:e4:2a:67:df:83:39:bb:7c:88:2f:
         bd:20:00:72:d4:ef:e4:2f:47:c7:2d:74:46:6d:1a:2b:86:51:
         a9:66:93:37:10:6c:8a:9c:50:44:a1:04:a1:0a:66:c4:4c:71:
         a1:8b:e9:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkZENEIxMTAvBgNVBAUTKDZCODI3NjA3QzE3Q0U2M0U2MTIxNEMyRTY0MkM1QUE4
NTFFRTM4NEUwHhcNMjUxMDE5MDAxNDUxWhcNMjUxMDI2MDAxNDUxWjAYMRYwFAYD
VQQDEw02OGY0MmQ3Yi1hMTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsz8xhiHBQBHrkZ/WQVF5TfjKlH5hNXJAdmNnEsXNWx8mBJ1E6d7igPxwVEfh
9EzjgD+ur4rKvfMs18vBB1B3b/3QTTBxg11QPynWequZnz9rC6+j9QE6t8qh4CJf
FQvqGS2B/tKk/0AOV8DRi+D13GujclrXoLPwFYsAcE2Dk8YkiQMGh+4IituOfagV
WlDHrpqSZ4Qa4CQYdFz5BwWQf7GtBucWKER6Hzu6ke/Oaw38wqRTZ8Heq3fxe/S6
6stoTbQT0FfV/zdJs+vhOY5KHt0qEUU0o2gVMFQlok/WFva5q/p+TxNDXSufPBI7
/NMGGnlW203A3kXAEpqbgxmAZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOQ5k+ti
rFlO/EWgJEs6kcYC5K00MB8GA1UdIwQYMBaAFGuCdgfBfOY+YSFMLmQsWqhR7jhO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRkQ0Qi9BQTQ3ODkzQUFC
RDkxMUVCODMzRDRDNkFDNEY5QUUwMi9hNEoyQjhGODVqNWhJVXd1WkN4YXFGSHVP
RTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E0SjJCOEY4NWo1aElVd3VaQ3hhcUZIdU9FNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RkQ0Qi9BQTQ3ODkzQUFCRDkxMUVCODMzRDRDNkFDNEY5QUUwMi9hNEoyQjhGODVq
NWhJVXd1WkN4YXFGSHVPRTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDW7GzYfJoxxyIl3BRpTvntB9X8zWWueKrW1U8Y3GtQl26vq7h0KbKN
nfi0aTTUNDyd7Z9fwcb8aVHr3Ca53DsIT2YhL08aDTgCVWjMeByBn+AJEel1YsRw
FzGAUuay1mvoMzb2T00A/jM2jLComVRUuBmAL/WF8OuektiAjUyNF4GMs3jYKWqm
ioQYSoUAR8RkReilc/KCIqE0HGwd++eNRp1xgrWP2wd7Kl2MoiItsRbSoRo8MgMJ
8t3g6+RmEb2rYZfJnWVskJyPKZxH0OQqZ9+DObt8iC+9IABy1O/kL0fHLXRGbRor
hlGpZpM3EGyKnFBEoQShCmbETHGhi+lc
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:13:49 2025 by rpki-client