Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft
File:                     zIQ-FAouPvvguUneDtgDg5BgVB0.mft (raw, json)
Hash identifier:          TB0JBAgv83nBmEydj9Q3C0Ao2pX6MjCkKc/tUjy6ECI=
Subject key identifier:   32:3A:67:0E:85:6B:88:A8:D4:9F:F6:F7:FC:D6:47:1F:E7:3D:13:78
Authority key identifier: CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D
Certificate issuer:       /CN=A91C1A37/serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D
Certificate serial:       30F5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft
Manifest number:          30DC
Signing time:             Sat 18 Oct 2025 15:37:09 +0000
Manifest this update:     Sat 18 Oct 2025 15:37:08 +0000
Manifest next update:     Sat 25 Oct 2025 15:37:08 +0000
Files and hashes:         1: zIQ-FAouPvvguUneDtgDg5BgVB0.crl (hash: ZbH/w1iyuti2f/AStDMO6HEbBqkgZdNvdRGBq+HTy1A=)
                          2: C3F53A0654F011E7BE4A6431C4F9AE02.roa (hash: 54WI7bxOwof+H1Cz8+uPiLZ+tzpprbk2GuCnR0w5MUY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl
                          rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 15:37:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12533 (0x30f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C1A37, serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D
        Validity
            Not Before: Oct 18 15:37:08 2025 GMT
            Not After : Oct 25 15:37:08 2025 GMT
        Subject: CN=68f3b424-2445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:cf:b6:dc:86:ea:5e:41:1a:ef:b9:12:67:e5:
                    71:f3:6d:af:4f:f6:16:e0:2b:74:ef:61:bb:5a:9c:
                    53:5f:d6:25:b4:74:2c:eb:0a:2a:d0:e8:64:d6:a6:
                    10:e8:f7:fe:d5:cb:ed:b7:41:65:8e:0e:74:57:b5:
                    3e:d5:92:82:7d:83:87:4c:ea:91:69:87:bc:d5:0d:
                    83:f8:ef:1d:fd:af:1b:e8:b2:15:d8:91:b9:e5:04:
                    c6:19:8f:64:bc:48:75:7d:58:49:de:ad:c7:9d:75:
                    9d:26:79:6f:7c:b0:8e:4b:ea:c0:2a:76:c6:8b:77:
                    89:d7:b6:67:6d:89:29:62:29:8b:49:09:5b:11:2a:
                    61:58:ba:95:72:fc:b3:a8:e7:df:a2:b8:b9:d7:ed:
                    38:de:6c:4c:e6:2a:f5:8b:ed:76:ab:32:56:74:6c:
                    f7:2a:ad:e4:9b:8f:49:ab:93:82:64:a9:5a:83:c8:
                    ab:85:6f:fc:ad:c6:b9:24:60:c3:c2:b8:68:24:d1:
                    08:6d:4c:6e:e5:ad:7f:de:90:dd:60:b6:d4:c0:90:
                    33:ab:6e:54:50:21:bc:06:75:cc:0a:d8:0f:bd:50:
                    86:ea:91:31:ad:5c:97:fe:de:7a:5c:3f:0a:0b:58:
                    01:b1:2f:1c:08:a9:07:af:48:7e:d3:f6:f7:b0:f6:
                    4c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:3A:67:0E:85:6B:88:A8:D4:9F:F6:F7:FC:D6:47:1F:E7:3D:13:78
            X509v3 Authority Key Identifier:
                keyid:CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:0c:80:40:30:42:af:21:b0:f7:55:f7:8a:e4:58:7c:ee:92:
         36:b1:dd:b9:9e:65:42:9c:6d:97:d7:0e:96:d9:5d:45:7d:e6:
         cc:c7:e2:0f:1d:24:7b:95:0e:48:ef:9e:2f:7a:4c:93:a0:c3:
         c3:2e:4e:57:9e:23:6c:13:3e:e2:5f:eb:54:00:7c:a8:94:3a:
         0b:4f:5d:f0:f0:00:b5:8e:09:41:28:17:52:d7:b7:89:c6:d6:
         ab:38:b3:20:f1:60:cf:bc:db:6f:d5:ef:a8:86:16:3a:e7:1c:
         30:83:8d:12:8e:78:2f:d8:49:d0:b2:c8:c9:08:7c:c4:2b:37:
         d7:32:4e:cf:b5:90:a7:03:bf:2f:20:c5:01:9b:b4:a2:b3:44:
         87:bf:75:30:f6:6b:49:c3:ff:91:f7:82:29:80:ed:ad:31:01:
         7c:df:9e:c2:68:cd:78:a3:67:e7:06:7d:17:27:c4:31:f6:d2:
         bb:65:8f:c6:11:95:5b:6b:9b:55:c4:99:27:56:24:52:21:c8:
         04:39:ef:ea:5c:c0:8f:22:7c:66:ed:e4:95:52:d3:6b:63:7d:
         ef:19:cc:24:17:78:38:2b:75:d8:a6:64:f2:c7:18:4a:57:c8:
         c5:fa:9b:c3:f3:6b:68:28:88:b9:a7:8d:06:81:62:0e:43:ed:
         e2:16:68:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICMPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBMzcxMTAvBgNVBAUTKENDODQzRTE0MEEyRTNFRkJFMEI5NDlERTBFRDgwMzgz
OTA2MDU0MUQwHhcNMjUxMDE4MTUzNzA4WhcNMjUxMDI1MTUzNzA4WjAYMRYwFAYD
VQQDEw02OGYzYjQyNC0yNDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1s+23IbqXkEa77kSZ+Vx822vT/YW4Ct072G7WpxTX9YltHQs6woq0Ohk1qYQ
6Pf+1cvtt0Fljg50V7U+1ZKCfYOHTOqRaYe81Q2D+O8d/a8b6LIV2JG55QTGGY9k
vEh1fVhJ3q3HnXWdJnlvfLCOS+rAKnbGi3eJ17ZnbYkpYimLSQlbESphWLqVcvyz
qOffori51+043mxM5ir1i+12qzJWdGz3Kq3km49Jq5OCZKlag8irhW/8rca5JGDD
wrhoJNEIbUxu5a1/3pDdYLbUwJAzq25UUCG8BnXMCtgPvVCG6pExrVyX/t56XD8K
C1gBsS8cCKkHr0h+0/b3sPZMpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDI6Zw6F
a4io1J/29/zWRx/nPRN4MB8GA1UdIwQYMBaAFMyEPhQKLj774LlJ3g7YA4OQYFQd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUEzNy82ODY4RTAyOEU3
RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2dmd1VW5lRHRnRGc1QmdW
QjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pJUS1GQW91UHZ2Z3VVbmVEdGdEZzVCZ1ZCMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MUEzNy82ODY4RTAyOEU3RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2
dmd1VW5lRHRnRGc1QmdWQjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAPDIBAMEKvIbD3VfeK5Fh87pI2sd25nmVCnG2X1w6W2V1FfebMx+IP
HSR7lQ5I754vekyToMPDLk5XniNsEz7iX+tUAHyolDoLT13w8AC1jglBKBdS17eJ
xtarOLMg8WDPvNtv1e+ohhY65xwwg40Sjngv2EnQssjJCHzEKzfXMk7PtZCnA78v
IMUBm7Sis0SHv3Uw9mtJw/+R94IpgO2tMQF8357CaM14o2fnBn0XJ8Qx9tK7ZY/G
EZVba5tVxJknViRSIcgEOe/qXMCPInxm7eSVUtNrY33vGcwkF3g4K3XYpmTyxxhK
V8jF+pvD82toKIi5p40GgWIOQ+3iFmje
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:32:21 2025 by rpki-client