Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.mft
File:                     5CnUKeZreXs9ihy-JJFXetw4pI4.mft (raw, json)
Hash identifier:          Ep8IbJU8sXS70Rx0a0PfTsI6F4HZIygoZim1i5zfvlc=
Subject key identifier:   BF:E2:78:C3:84:89:35:F5:0D:75:56:52:DC:19:CE:6C:D2:E0:25:DB
Authority key identifier: E4:29:D4:29:E6:6B:79:7B:3D:8A:1C:BE:24:91:57:7A:DC:38:A4:8E
Certificate issuer:       /CN=A91CC711/serialNumber=E429D429E66B797B3D8A1CBE2491577ADC38A48E
Certificate serial:       0149
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.mft
Manifest number:          0129
Signing time:             Sun 19 Oct 2025 07:56:53 +0000
Manifest this update:     Sun 19 Oct 2025 07:56:53 +0000
Manifest next update:     Sun 26 Oct 2025 07:56:53 +0000
Files and hashes:         1: 5CnUKeZreXs9ihy-JJFXetw4pI4.crl (hash: DC4HEP/dFzQ8Ykn5PhykkWXkoDliSDJuoZZFcc2AzkI=)
                          2: 06FA65A81F2711EF98DA2926C4F9AE02.roa (hash: oS4PRK+VFwkVhFqqmzFtlUlVZ/0tESve4AVvdpaS7tg=)
                          3: 25ED44B41EE411EFA62B1335C4F9AE02.roa (hash: zb91MkoqcDkuzuZwD7VYBRLCNDf9oSeL0ikN94ozVn8=)
                          4: A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa (hash: TGsIq74Qma+U6c7Ey8qeEz04VjG5STVU5SpvAS46Q6U=)
                          5: 359CBDB28D0D11EF90882959C4F9AE02.roa (hash: qdwbcsIyL1f3wI2tO7dwB6BR0n7SfSV/G7xRpNDHqtU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.crl
                          rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 07:56:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 329 (0x149)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CC711, serialNumber=E429D429E66B797B3D8A1CBE2491577ADC38A48E
        Validity
            Not Before: Oct 19 07:56:53 2025 GMT
            Not After : Oct 26 07:56:53 2025 GMT
        Subject: CN=68f499c5-8f8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:90:24:e9:dc:71:7d:43:67:76:ec:31:da:9e:
                    ca:d2:27:57:da:d2:f7:7a:f6:54:80:74:10:62:93:
                    f2:de:28:56:c7:71:97:91:87:05:53:3a:80:1f:8f:
                    f1:39:16:df:74:b5:16:13:2a:6f:76:a4:76:86:08:
                    e0:50:c3:be:b9:91:ea:67:a1:1f:d8:d2:b1:0b:5e:
                    98:83:f9:d7:2a:95:86:f0:1e:8d:c6:66:ad:c6:6a:
                    47:37:3b:65:3b:da:34:7f:31:2c:49:5b:f0:ef:d0:
                    5c:5b:28:9c:fa:c7:75:76:72:f3:27:6c:9e:1f:81:
                    c7:12:5e:5b:63:02:4f:f5:1a:46:01:15:9b:a2:67:
                    5b:40:d1:f0:3f:dc:6d:90:3c:af:05:f8:1c:56:06:
                    38:81:30:25:64:ed:ee:6e:38:74:ec:10:92:4a:f6:
                    11:0b:58:91:6a:08:94:65:db:e7:69:dd:d2:0a:04:
                    f2:dc:83:6a:ae:fd:41:5f:30:9d:98:d1:52:43:95:
                    76:50:20:5c:2e:f0:bd:aa:79:dd:1e:37:b4:46:fb:
                    bb:52:36:cb:d4:73:3e:c6:a9:52:56:10:db:04:11:
                    4b:2a:03:58:2e:c7:36:8e:d7:9a:37:bb:27:ed:d6:
                    aa:b1:71:ad:19:66:06:56:27:37:22:e6:0a:82:d3:
                    b1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E2:78:C3:84:89:35:F5:0D:75:56:52:DC:19:CE:6C:D2:E0:25:DB
            X509v3 Authority Key Identifier:
                keyid:E4:29:D4:29:E6:6B:79:7B:3D:8A:1C:BE:24:91:57:7A:DC:38:A4:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a5:6d:3f:d3:ee:d7:54:eb:8d:3f:6d:04:01:89:72:99:ad:
         fd:00:83:c6:41:34:79:a9:ba:fe:82:cc:61:90:62:b1:11:78:
         33:2f:85:14:d4:64:95:05:cc:6e:48:5f:e8:a5:41:7d:08:5e:
         16:c9:49:63:70:49:a7:d0:9c:d4:0c:d9:58:64:a5:e9:7f:67:
         b0:56:33:44:48:cc:cb:b3:ef:e0:13:e8:e0:99:20:f2:92:24:
         46:86:76:ba:41:cc:21:3b:9d:76:44:17:c6:2b:85:c0:a2:d2:
         8d:34:a3:b5:ff:cf:32:e6:ac:33:bf:19:b6:f5:fb:9e:c5:c6:
         d3:07:4e:27:3c:11:d8:77:9c:89:21:6a:d5:17:dd:32:1e:d7:
         70:bb:78:65:83:47:de:e1:47:fa:20:dd:da:e8:51:a2:25:50:
         9c:f9:bc:ea:23:80:b5:0e:58:ba:73:4c:e0:d3:84:32:ec:76:
         be:da:f1:18:44:4c:d6:5d:90:ac:16:46:6f:67:5b:45:11:82:
         a6:a4:2a:28:a3:73:eb:b4:7f:ff:5b:7c:f3:fd:ac:9e:69:9a:
         f6:9f:93:3c:db:33:e6:04:7d:87:ac:5d:49:ea:d0:2d:5a:cf:
         32:30:fa:53:71:e0:cf:1e:f7:28:e9:2d:55:e7:b4:bc:99:8a:
         67:80:94:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0M3MTExMTAvBgNVBAUTKEU0MjlENDI5RTY2Qjc5N0IzRDhBMUNCRTI0OTE1NzdB
REMzOEE0OEUwHhcNMjUxMDE5MDc1NjUzWhcNMjUxMDI2MDc1NjUzWjAYMRYwFAYD
VQQDEw02OGY0OTljNS04ZjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2JAk6dxxfUNnduwx2p7K0idX2tL3evZUgHQQYpPy3ihWx3GXkYcFUzqAH4/x
ORbfdLUWEypvdqR2hgjgUMO+uZHqZ6Ef2NKxC16Yg/nXKpWG8B6NxmatxmpHNztl
O9o0fzEsSVvw79BcWyic+sd1dnLzJ2yeH4HHEl5bYwJP9RpGARWbomdbQNHwP9xt
kDyvBfgcVgY4gTAlZO3ubjh07BCSSvYRC1iRagiUZdvnad3SCgTy3INqrv1BXzCd
mNFSQ5V2UCBcLvC9qnndHje0Rvu7UjbL1HM+xqlSVhDbBBFLKgNYLsc2jteaN7sn
7daqsXGtGWYGVic3IuYKgtOxhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL/ieMOE
iTX1DXVWUtwZzmzS4CXbMB8GA1UdIwQYMBaAFOQp1Cnma3l7PYocviSRV3rcOKSO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzcxMS9DN0QxQjA1NDFF
RTMxMUVGOTBEMjEyMzRDNEY5QUUwMi81Q25VS2VacmVYczlpaHktSkpGWGV0dzRw
STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVDblVLZVpyZVhzOWloeS1KSkZYZXR3NHBJNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QzcxMS9DN0QxQjA1NDFFRTMxMUVGOTBEMjEyMzRDNEY5QUUwMi81Q25VS2VacmVY
czlpaHktSkpGWGV0dzRwSTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzpW0/0+7XVOuNP20EAYlyma39AIPGQTR5qbr+gsxhkGKxEXgzL4UU
1GSVBcxuSF/opUF9CF4WyUljcEmn0JzUDNlYZKXpf2ewVjNESMzLs+/gE+jgmSDy
kiRGhna6QcwhO512RBfGK4XAotKNNKO1/88y5qwzvxm29fuexcbTB04nPBHYd5yJ
IWrVF90yHtdwu3hlg0fe4Uf6IN3a6FGiJVCc+bzqI4C1Dli6c0zg04Qy7Ha+2vEY
REzWXZCsFkZvZ1tFEYKmpCooo3PrtH//W3zz/ayeaZr2n5M82zPmBH2HrF1J6tAt
Ws8yMPpTceDPHvco6S1V57S8mYpngJTi
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:45:41 2025 by rpki-client