Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft
File:                     akXWGoN3DJDQWMdBUx2NnGtnk1o.mft (raw, json)
Hash identifier:          Lwp7KRnpLn9GedTJUgkCn++5J+hh991p3yUzUFFVK74=
Subject key identifier:   56:4E:79:51:BD:F8:75:A6:DB:27:98:3A:0D:7B:34:30:EF:DD:F7:EA
Authority key identifier: 6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A
Certificate issuer:       /CN=A91D1AC7/serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A
Certificate serial:       0A89
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft
Manifest number:          0A74
Signing time:             Sat 18 Oct 2025 20:36:12 +0000
Manifest this update:     Sat 18 Oct 2025 20:36:12 +0000
Manifest next update:     Sat 25 Oct 2025 20:36:12 +0000
Files and hashes:         1: akXWGoN3DJDQWMdBUx2NnGtnk1o.crl (hash: gqykZCNwtEbBZl8fcmCGJFqiU1Av+FrI6S40QU2y0V0=)
                          2: 57C25DB2E42811EA881AB667C4F9AE02.roa (hash: E9181+VVT+rwNNkc7uINFuNWW6wPgms9gTqr7A850dY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl
                          rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2697 (0xa89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D1AC7, serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A
        Validity
            Not Before: Oct 18 20:36:12 2025 GMT
            Not After : Oct 25 20:36:12 2025 GMT
        Subject: CN=68f3fa3c-b5d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:72:2a:07:cd:c6:aa:90:c6:80:7f:55:cd:00:
                    df:a0:24:c4:4c:ce:95:cc:ff:4c:ef:26:20:7d:0d:
                    f7:15:31:ed:16:2f:cd:f6:6d:24:bd:c9:7c:de:ff:
                    e4:f6:32:3e:e5:ee:ff:35:ba:be:b6:54:0f:f2:7f:
                    98:b6:e3:c5:53:08:74:80:da:b3:62:b4:bc:84:11:
                    b2:8d:aa:91:1a:29:ab:ec:20:ad:59:5c:a3:ce:67:
                    7d:91:6f:7e:16:aa:11:76:cd:26:58:cd:b4:31:03:
                    65:47:d4:3c:a3:f0:75:78:2c:51:06:af:30:e0:5d:
                    ed:0c:b2:13:0c:f2:4e:48:84:4a:d4:ca:8b:b8:c0:
                    21:6c:6b:0e:a8:25:be:e3:35:19:33:5f:96:a7:1f:
                    34:14:d6:a9:15:7e:63:81:14:27:6e:06:22:8e:03:
                    87:87:7c:fd:74:57:c1:5e:c7:24:b8:e6:60:30:6e:
                    bd:d8:81:e6:81:2f:76:5f:cb:03:86:9c:63:96:fb:
                    80:38:c0:92:82:b9:4b:a5:5a:77:89:75:c1:41:1e:
                    35:17:f5:dd:87:d8:43:22:78:cc:01:47:b5:d7:d7:
                    78:13:57:e0:17:67:3b:a0:13:3e:8b:9c:19:26:15:
                    5d:31:45:1c:60:74:53:22:23:98:9f:d9:86:3d:78:
                    aa:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:4E:79:51:BD:F8:75:A6:DB:27:98:3A:0D:7B:34:30:EF:DD:F7:EA
            X509v3 Authority Key Identifier:
                keyid:6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:bd:18:aa:41:f9:62:61:0c:52:0b:f2:71:5e:a6:03:75:1c:
         cd:72:27:d8:da:ba:46:59:94:1b:a7:50:89:aa:fe:8c:5f:12:
         3f:2d:a7:1e:98:ef:e8:11:7e:f7:4f:80:1f:16:12:82:ee:2d:
         9e:98:16:04:b3:34:cd:e6:a3:e9:53:83:2b:d3:9e:39:0f:29:
         4c:ff:3b:96:4e:83:f3:f2:00:d9:9b:b0:2c:3e:68:43:83:09:
         4f:b7:a3:f3:a3:8e:eb:72:44:cf:79:15:3a:f8:d2:79:fd:a9:
         a8:7c:0c:f3:4f:85:49:12:bc:07:84:18:14:4c:d3:d8:49:9d:
         fa:c2:91:a6:96:c9:f6:7d:10:43:c3:82:b5:8d:78:23:90:c8:
         56:0a:71:c4:38:32:ce:75:b0:f8:b2:75:25:c4:85:f7:a2:a0:
         33:a0:d1:cf:88:d4:11:06:f4:a6:21:a8:8f:d2:4e:d9:2b:54:
         a2:c1:cd:8b:5a:b0:29:fd:34:b8:7c:ad:64:ff:d8:03:45:dd:
         a0:73:d3:45:23:39:a5:b7:53:2d:be:4f:76:3f:07:1b:14:de:
         24:1e:ed:b0:68:94:e5:db:a2:47:e4:b0:30:5c:e7:32:cd:9a:
         19:c0:7e:1e:e2:e1:dc:5b:8f:c8:2e:a1:0e:ca:76:0c:13:16:
         c7:9f:f6:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDFBQzcxMTAvBgNVBAUTKDZBNDVENjFBODM3NzBDOTBEMDU4Qzc0MTUzMUQ4RDlD
NkI2NzkzNUEwHhcNMjUxMDE4MjAzNjEyWhcNMjUxMDI1MjAzNjEyWjAYMRYwFAYD
VQQDEw02OGYzZmEzYy1iNWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5nIqB83GqpDGgH9VzQDfoCTETM6VzP9M7yYgfQ33FTHtFi/N9m0kvcl83v/k
9jI+5e7/Nbq+tlQP8n+YtuPFUwh0gNqzYrS8hBGyjaqRGimr7CCtWVyjzmd9kW9+
FqoRds0mWM20MQNlR9Q8o/B1eCxRBq8w4F3tDLITDPJOSIRK1MqLuMAhbGsOqCW+
4zUZM1+Wpx80FNapFX5jgRQnbgYijgOHh3z9dFfBXsckuOZgMG692IHmgS92X8sD
hpxjlvuAOMCSgrlLpVp3iXXBQR41F/Xdh9hDInjMAUe119d4E1fgF2c7oBM+i5wZ
JhVdMUUcYHRTIiOYn9mGPXiqgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFZOeVG9
+HWm2yeYOg17NDDv3ffqMB8GA1UdIwQYMBaAFGpF1hqDdwyQ0FjHQVMdjZxrZ5Na
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUFDNy84MUE0QzRENjZF
NDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RKRFFXTWRCVXgyTm5HdG5r
MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FrWFdHb04zREpEUVdNZEJVeDJObkd0bmsxby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MUFDNy84MUE0QzRENjZFNDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RK
RFFXTWRCVXgyTm5HdG5rMW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAhvRiqQfliYQxSC/JxXqYDdRzNcifY2rpGWZQbp1CJqv6MXxI/Lace
mO/oEX73T4AfFhKC7i2emBYEszTN5qPpU4Mr0545DylM/zuWToPz8gDZm7AsPmhD
gwlPt6Pzo47rckTPeRU6+NJ5/amofAzzT4VJErwHhBgUTNPYSZ36wpGmlsn2fRBD
w4K1jXgjkMhWCnHEODLOdbD4snUlxIX3oqAzoNHPiNQRBvSmIaiP0k7ZK1Siwc2L
WrAp/TS4fK1k/9gDRd2gc9NFIzmlt1Mtvk92PwcbFN4kHu2waJTl26JH5LAwXOcy
zZoZwH4e4uHcW4/ILqEOynYMExbHn/Zc
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:58:59 2025 by rpki-client