Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.mft
File:                     nssirN4JZ6BYN-WPxzHTV-N2N_g.mft (raw, json)
Hash identifier:          pGCHHSg+ZMfd4JAbRRlrHI47PJJZ+9H3AEOL5wNZdTE=
Subject key identifier:   98:A2:6E:FB:F1:BB:73:AE:97:52:9F:08:78:91:D5:B2:51:E3:B6:35
Authority key identifier: 9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8
Certificate issuer:       /CN=A91C6B27/serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
Certificate serial:       0BC1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.mft
Manifest number:          0BAC
Signing time:             Sat 18 Oct 2025 19:47:27 +0000
Manifest this update:     Sat 18 Oct 2025 19:47:26 +0000
Manifest next update:     Sat 25 Oct 2025 19:47:26 +0000
Files and hashes:         1: nssirN4JZ6BYN-WPxzHTV-N2N_g.crl (hash: y1Njx6Fkk3jcdZHCmNo7bLy8dmnVZUaK/HZPAF5uZBk=)
                          2: 2B1D3BB2305811EA8D5B6479C4F9AE02.roa (hash: SccF8HRtnWqPr6dbqcwFHPaBm6ma5y4QuMfEodFq0x8=)
                          3: E4BB99E2336E11EA94623E18C4F9AE02.roa (hash: qucjAVGWpouOPQ3WeFCClp/39PYcY3aBfMI0Mahgzo8=)
                          4: E5675F48336E11EA94623E18C4F9AE02.roa (hash: SLgBz/egPkek4QY9s+goKoqiOELjoV2wU84pCw7L2Bw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl
                          rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 19:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3009 (0xbc1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6B27, serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
        Validity
            Not Before: Oct 18 19:47:26 2025 GMT
            Not After : Oct 25 19:47:26 2025 GMT
        Subject: CN=68f3eece-9235
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:58:06:19:ff:b5:9b:6d:c5:98:e7:87:fd:2e:
                    08:d8:92:b6:2d:70:10:51:09:63:4c:f8:86:b0:53:
                    ff:d9:67:dc:f3:d2:95:d9:37:d1:1c:a0:23:63:81:
                    89:cc:62:6d:6d:b1:f4:cb:81:ab:b3:62:52:bb:ce:
                    c5:ee:5c:b1:09:70:df:8a:ed:f4:2e:68:60:8d:8a:
                    a3:dd:2d:70:96:26:6f:cf:5e:a3:53:bf:d7:49:a2:
                    e0:c6:6f:d4:de:57:f2:f7:75:ae:0f:19:6d:44:24:
                    6c:ae:52:72:19:12:fb:96:63:81:b2:9a:38:13:82:
                    40:58:c6:63:c3:d6:b5:73:57:74:8e:d1:8f:1d:fb:
                    31:13:da:3a:76:4e:c4:a5:ee:f0:5e:22:8a:d2:3f:
                    b7:fd:51:35:47:6b:29:21:4e:89:f5:c7:86:e6:6b:
                    eb:48:41:67:4c:01:0e:0d:6b:73:9a:f4:89:05:00:
                    4c:03:33:77:ca:10:5c:6c:0f:09:b4:78:eb:9b:8d:
                    f6:8c:a7:18:4c:29:5a:6a:2e:fe:ba:e5:5f:18:c9:
                    95:df:74:ca:db:6f:07:a0:37:50:80:63:d4:39:af:
                    e4:9b:58:c0:7f:58:bf:e0:9f:e3:eb:b2:1f:da:80:
                    bc:af:6c:53:fb:c3:7f:be:f0:a7:f9:90:20:56:4e:
                    08:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:A2:6E:FB:F1:BB:73:AE:97:52:9F:08:78:91:D5:B2:51:E3:B6:35
            X509v3 Authority Key Identifier:
                keyid:9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:3d:ce:6f:cb:cf:c1:f7:78:c3:4a:b7:97:e3:94:d6:8a:16:
         6b:fd:36:18:e1:e3:36:25:d0:cd:61:39:c7:fd:48:22:9c:cb:
         da:e6:de:0f:1d:42:bf:3a:9e:e2:69:4c:c4:37:aa:0e:d8:0c:
         10:69:06:eb:0a:0c:ee:64:84:bc:42:71:3f:35:7d:1b:7f:37:
         f6:37:61:96:fc:be:bc:4e:f1:46:73:7c:fd:1e:72:0e:05:f3:
         e6:33:d5:54:78:87:7b:6e:46:18:8c:20:99:33:68:90:43:2e:
         f6:1a:96:60:02:06:77:33:74:d3:d4:19:71:6c:51:6c:f3:17:
         fc:f5:10:a6:cb:f6:d8:db:68:b9:e4:9b:18:c0:51:c3:6b:55:
         8d:5a:40:f5:76:81:c7:4c:95:0f:4e:d3:9e:ef:f2:f6:da:e2:
         38:16:b6:57:e7:9a:d9:db:6e:a2:16:7f:0d:18:cc:29:02:ca:
         ad:20:ca:a7:b8:18:f5:f1:be:eb:93:6a:8b:67:52:d4:0b:b6:
         b8:ef:94:58:cb:b6:2c:bd:2c:60:c1:1b:35:23:d0:6c:b3:5f:
         7c:57:19:7f:2d:37:d3:27:a9:fd:bf:3f:e0:ce:41:26:ba:c4:
         d8:0f:d8:27:53:a9:b1:f0:a4:0c:1b:ee:2f:a9:0c:3d:35:36:
         54:93:30:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCMjcxMTAvBgNVBAUTKDlFQ0IyMkFDREUwOTY3QTA1ODM3RTU4RkM3MzFEMzU3
RTM3NjM3RjgwHhcNMjUxMDE4MTk0NzI2WhcNMjUxMDI1MTk0NzI2WjAYMRYwFAYD
VQQDEw02OGYzZWVjZS05MjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo1gGGf+1m23FmOeH/S4I2JK2LXAQUQljTPiGsFP/2Wfc89KV2TfRHKAjY4GJ
zGJtbbH0y4Grs2JSu87F7lyxCXDfiu30LmhgjYqj3S1wliZvz16jU7/XSaLgxm/U
3lfy93WuDxltRCRsrlJyGRL7lmOBspo4E4JAWMZjw9a1c1d0jtGPHfsxE9o6dk7E
pe7wXiKK0j+3/VE1R2spIU6J9ceG5mvrSEFnTAEODWtzmvSJBQBMAzN3yhBcbA8J
tHjrm432jKcYTClaai7+uuVfGMmV33TK228HoDdQgGPUOa/km1jAf1i/4J/j67If
2oC8r2xT+8N/vvCn+ZAgVk4IiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJiibvvx
u3Oul1KfCHiR1bJR47Y1MB8GA1UdIwQYMBaAFJ7LIqzeCWegWDflj8cx01fjdjf4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkIyNy84MkJGMkJGNDMw
NTQxMUVBQUZDOTExNkVDNEY5QUUwMi9uc3Npck40Slo2QllOLVdQeHpIVFYtTjJO
X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25zc2lyTjRKWjZCWU4tV1B4ekhUVi1OMk5fZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NkIyNy84MkJGMkJGNDMwNTQxMUVBQUZDOTExNkVDNEY5QUUwMi9uc3Npck40Slo2
QllOLVdQeHpIVFYtTjJOX2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAdPc5vy8/B93jDSreX45TWihZr/TYY4eM2JdDNYTnH/UginMva5t4P
HUK/Op7iaUzEN6oO2AwQaQbrCgzuZIS8QnE/NX0bfzf2N2GW/L68TvFGc3z9HnIO
BfPmM9VUeId7bkYYjCCZM2iQQy72GpZgAgZ3M3TT1BlxbFFs8xf89RCmy/bY22i5
5JsYwFHDa1WNWkD1doHHTJUPTtOe7/L22uI4FrZX55rZ226iFn8NGMwpAsqtIMqn
uBj18b7rk2qLZ1LUC7a475RYy7YsvSxgwRs1I9Bss198Vxl/LTfTJ6n9vz/gzkEm
usTYD9gnU6mx8KQMG+4vqQw9NTZUkzCs
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:45:14 2025 by rpki-client