Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.mft
File:                     gtgYhh3Upw93CNIF5LiehRTKH2w.mft (raw, json)
Hash identifier:          h1aisrPR968+5LDUQ+sF64yGAkJK0SlYB+Px55jxt8U=
Subject key identifier:   46:A6:12:FD:69:7E:FA:46:89:C1:DA:24:7F:58:4D:B8:B9:FB:98:AC
Authority key identifier: 82:D8:18:86:1D:D4:A7:0F:77:08:D2:05:E4:B8:9E:85:14:CA:1F:6C
Certificate issuer:       /CN=A91C9A8D/serialNumber=82D818861DD4A70F7708D205E4B89E8514CA1F6C
Certificate serial:       8B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.mft
Manifest number:          04B1
Signing time:             Sun 19 Oct 2025 02:16:13 +0000
Manifest this update:     Sun 19 Oct 2025 02:16:12 +0000
Manifest next update:     Sun 26 Oct 2025 02:16:12 +0000
Files and hashes:         1: gtgYhh3Upw93CNIF5LiehRTKH2w.crl (hash: WBRnTgpAi0VzbIKtGmQ7ltGftbqyp1gmNPfHS4jOmgg=)
                          2: D2A57AD8DDF111EF969ABC1CC4F9AE02.roa (hash: O1MkwGdKDfVHdsOhHQrlU/aFTqc21EnEwMBW12Asebg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.crl
                          rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 02:16:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139 (0x8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C9A8D, serialNumber=82D818861DD4A70F7708D205E4B89E8514CA1F6C
        Validity
            Not Before: Oct 19 02:16:12 2025 GMT
            Not After : Oct 26 02:16:12 2025 GMT
        Subject: CN=68f449ec-554d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:32:af:b4:39:ee:e0:8c:d0:5b:b2:02:6c:78:
                    c8:10:e6:39:a4:91:2a:4f:e5:84:cf:30:3e:ea:5c:
                    c8:1c:e3:3b:0e:37:9a:e5:84:1b:f0:44:0c:82:38:
                    1b:f7:f7:9d:d2:c6:58:39:89:2b:80:74:41:db:81:
                    89:4e:bb:7e:76:98:6c:1b:41:dd:6b:83:07:7b:8a:
                    ce:87:5b:12:df:e5:04:af:d8:2a:3a:0e:00:2a:66:
                    82:b3:54:b6:76:96:19:a7:48:ae:4e:c7:83:fa:21:
                    52:fd:ba:d9:a6:bc:b5:32:ad:4b:b3:ce:a4:6f:ce:
                    f6:56:d5:5c:f6:79:0b:39:17:b3:37:14:05:a4:07:
                    45:36:72:61:e2:9c:5c:45:d6:77:ab:f9:a5:31:36:
                    e0:04:44:20:79:3e:21:f4:65:72:fa:75:99:25:6f:
                    39:37:55:12:a4:d6:e3:36:6b:ba:5e:d8:99:bd:27:
                    2b:e4:92:79:e9:9c:8c:6a:17:8f:c3:f6:a4:6b:e6:
                    6c:4a:f7:ed:4b:cd:92:e3:16:9d:a3:98:5a:2a:70:
                    a3:d2:85:06:3a:9d:95:24:bb:33:4c:20:1f:5e:56:
                    2a:15:42:75:d1:1a:bb:8f:07:2c:58:71:08:2b:27:
                    40:0a:8f:32:38:5e:6a:8f:c0:41:d1:de:46:04:bf:
                    c1:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:A6:12:FD:69:7E:FA:46:89:C1:DA:24:7F:58:4D:B8:B9:FB:98:AC
            X509v3 Authority Key Identifier:
                keyid:82:D8:18:86:1D:D4:A7:0F:77:08:D2:05:E4:B8:9E:85:14:CA:1F:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:25:fc:75:4e:37:bc:b5:6b:4c:bf:e9:97:64:0e:56:e9:74:
         3f:3b:77:d6:19:f0:d4:ca:3f:b6:c3:af:6a:68:49:4e:6e:04:
         44:f8:66:1c:23:7c:71:95:38:52:fa:5b:d7:0a:79:2a:d9:b2:
         21:de:0f:b3:c7:0f:8b:7c:b3:b6:23:25:ff:5b:30:3c:69:f1:
         cd:c8:2e:14:29:11:07:f1:4a:fe:30:8b:42:01:67:62:5c:40:
         b4:f8:30:e9:f5:51:f7:36:47:59:d4:c0:77:5a:2d:36:a8:19:
         54:74:5f:c0:2d:03:64:8b:2c:28:10:6f:53:fc:34:75:f6:02:
         95:10:bd:1d:e9:f3:b8:f5:ef:89:1e:16:64:d8:7d:8a:f0:84:
         d7:5a:99:68:a0:6d:af:f2:9d:16:ae:b7:78:8f:76:09:ed:e3:
         fa:0f:a4:64:6e:02:df:28:96:36:a2:a2:ee:ff:ae:6a:c3:e0:
         46:41:77:fe:6f:5b:17:04:05:3e:dc:e6:07:d9:41:21:b4:b6:
         12:f6:38:ae:f6:a3:3d:ae:69:2f:75:40:4e:61:9d:f7:c4:8d:
         83:a0:00:a0:ff:76:77:b0:32:d0:4a:51:53:35:74:bc:b8:b1:
         3e:3e:b9:1b:82:f9:67:c2:f9:2a:09:07:77:e8:00:80:39:e4:
         87:d0:5d:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlBOEQxMTAvBgNVBAUTKDgyRDgxODg2MURENEE3MEY3NzA4RDIwNUU0Qjg5RTg1
MTRDQTFGNkMwHhcNMjUxMDE5MDIxNjEyWhcNMjUxMDI2MDIxNjEyWjAYMRYwFAYD
VQQDEw02OGY0NDllYy01NTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2zKvtDnu4IzQW7ICbHjIEOY5pJEqT+WEzzA+6lzIHOM7Djea5YQb8EQMgjgb
9/ed0sZYOYkrgHRB24GJTrt+dphsG0Hda4MHe4rOh1sS3+UEr9gqOg4AKmaCs1S2
dpYZp0iuTseD+iFS/brZpry1Mq1Ls86kb872VtVc9nkLORezNxQFpAdFNnJh4pxc
RdZ3q/mlMTbgBEQgeT4h9GVy+nWZJW85N1USpNbjNmu6XtiZvScr5JJ56ZyMaheP
w/aka+ZsSvftS82S4xado5haKnCj0oUGOp2VJLszTCAfXlYqFUJ10Rq7jwcsWHEI
KydACo8yOF5qj8BB0d5GBL/B/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEamEv1p
fvpGicHaJH9YTbi5+5isMB8GA1UdIwQYMBaAFILYGIYd1KcPdwjSBeS4noUUyh9s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUE4RC8zMkYxRjRDMjgz
RTkxMUVDQjg3M0M4NzFDNEY5QUUwMi9ndGdZaGgzVXB3OTNDTklGNUxpZWhSVEtI
MncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d0Z1loaDNVcHc5M0NOSUY1TGllaFJUS0gydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
OUE4RC8zMkYxRjRDMjgzRTkxMUVDQjg3M0M4NzFDNEY5QUUwMi9ndGdZaGgzVXB3
OTNDTklGNUxpZWhSVEtIMncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBLJfx1Tje8tWtMv+mXZA5W6XQ/O3fWGfDUyj+2w69qaElObgRE+GYc
I3xxlThS+lvXCnkq2bIh3g+zxw+LfLO2IyX/WzA8afHNyC4UKREH8Ur+MItCAWdi
XEC0+DDp9VH3NkdZ1MB3Wi02qBlUdF/ALQNkiywoEG9T/DR19gKVEL0d6fO49e+J
HhZk2H2K8ITXWplooG2v8p0Wrrd4j3YJ7eP6D6RkbgLfKJY2oqLu/65qw+BGQXf+
b1sXBAU+3OYH2UEhtLYS9jiu9qM9rmkvdUBOYZ33xI2DoACg/3Z3sDLQSlFTNXS8
uLE+PrkbgvlnwvkqCQd36ACAOeSH0F3B
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:11:51 2025 by rpki-client