Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft
File:                     HLS_2cCnMryPSmDIaUyR-DTKvBM.mft (raw, json)
Hash identifier:          eLw1LnvmrZnmJLgSN3k3aHVRQmnRwCIQBFq6v2e/f7E=
Subject key identifier:   6D:86:02:1A:8C:A4:D9:FE:03:31:89:63:A4:B5:70:72:8D:A0:E3:00
Authority key identifier: 1C:B4:BF:D9:C0:A7:32:BC:8F:4A:60:C8:69:4C:91:F8:34:CA:BC:13
Certificate issuer:       /CN=A91D83D0/serialNumber=1CB4BFD9C0A732BC8F4A60C8694C91F834CABC13
Certificate serial:       092B
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft
Manifest number:          0924
Signing time:             Mon 20 Oct 2025 21:07:21 +0000
Manifest this update:     Mon 20 Oct 2025 21:07:20 +0000
Manifest next update:     Mon 27 Oct 2025 21:07:20 +0000
Files and hashes:         1: HLS_2cCnMryPSmDIaUyR-DTKvBM.crl (hash: Se6Xtog42Q7LfQ7JxQGQbtMGiAmjny+AtxRftDtWCh0=)
                          2: 3C52563E781F11EE9787607FC4F9AE02.roa (hash: iGx2/OJLyjhg1Fasnl64EO8+YlI70PVJOH1c6PHse0Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.crl
                          rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 19:55:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2347 (0x92b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D83D0, serialNumber=1CB4BFD9C0A732BC8F4A60C8694C91F834CABC13
        Validity
            Not Before: Oct 20 21:07:20 2025 GMT
            Not After : Oct 27 21:07:20 2025 GMT
        Subject: CN=68f6a489-ef12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:4a:d1:ca:45:55:64:79:ff:1f:0a:1d:2d:9e:
                    1b:9a:3e:b8:93:ac:0d:a7:de:19:01:9b:ad:a4:c5:
                    2d:4d:6e:99:2e:48:6f:a4:2a:b3:a8:ce:fa:c5:21:
                    e0:a7:7c:49:ba:b6:5e:ab:1f:b1:7b:7d:6b:ec:03:
                    83:d3:96:99:d5:c5:a1:a3:f3:9d:5b:5a:b7:50:74:
                    d9:68:df:a5:ca:0f:1c:ed:e6:4d:3b:15:10:1e:16:
                    1f:14:f5:0c:c5:bd:0b:c6:5a:00:81:d3:ef:d1:a0:
                    a6:82:f5:cf:2e:cb:70:3c:70:be:d9:20:f4:2a:06:
                    ad:35:67:7e:00:4a:a0:85:c3:87:d6:06:1f:55:3a:
                    3e:05:f8:98:8e:c5:0c:6e:38:c8:14:72:ea:0e:da:
                    33:14:98:ee:cf:d5:aa:3a:7d:71:8d:77:c9:e5:03:
                    dc:b3:0b:43:be:96:64:43:87:9b:e7:dc:7c:af:b2:
                    99:e4:e0:f5:6f:2f:10:e3:35:a4:ae:8a:a7:f4:b1:
                    6f:05:90:9e:68:be:76:b1:c4:e0:88:5c:ef:9e:3e:
                    90:59:ce:82:43:f5:14:12:fb:0b:d8:4a:ca:3d:bf:
                    fd:2a:f6:de:1c:04:f8:c9:ec:25:41:16:da:4d:52:
                    46:53:5f:9a:77:3e:ec:36:c2:d6:26:58:91:01:af:
                    99:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:86:02:1A:8C:A4:D9:FE:03:31:89:63:A4:B5:70:72:8D:A0:E3:00
            X509v3 Authority Key Identifier:
                keyid:1C:B4:BF:D9:C0:A7:32:BC:8F:4A:60:C8:69:4C:91:F8:34:CA:BC:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:08:b1:20:44:74:90:39:1a:ee:19:ff:77:ca:e3:50:7f:ca:
         a0:4c:78:2f:03:28:6e:36:6d:67:cb:ca:e2:18:ca:1f:11:48:
         d3:44:bd:34:d4:09:1b:2b:8d:60:26:2e:94:c4:b5:78:48:a1:
         8c:3c:db:99:92:1e:6a:6b:e8:7a:c3:a4:f9:04:c3:81:1c:1e:
         fd:9e:b7:83:bd:94:7c:8b:b3:68:60:ba:4e:80:bf:ef:80:f2:
         49:e8:7c:ba:0d:bb:84:0f:1e:3c:b2:cf:96:08:35:9c:59:06:
         f2:c3:cd:54:8a:ae:fc:54:16:10:ef:3a:d8:df:00:68:8e:43:
         de:53:a3:04:5d:fb:b7:d8:b6:e6:b1:20:9b:07:57:21:41:70:
         60:ed:c0:8d:29:67:1d:37:6f:cd:20:3f:4c:25:9d:04:51:9e:
         34:af:ab:ac:c6:59:34:40:b9:ba:53:8a:d8:36:a0:ba:60:6c:
         b1:58:a3:1a:bd:16:03:11:bc:2f:de:75:e8:53:88:1a:d5:1a:
         48:55:ad:51:6d:75:08:45:3e:ff:b4:96:6c:19:e7:55:72:bf:
         97:aa:bd:93:46:10:84:39:9b:55:2f:4a:f2:e2:0e:fa:39:c1:
         c7:22:25:f2:c8:78:f0:02:4d:4a:c9:4b:3c:e9:b8:28:88:ff:
         4b:95:bf:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDgzRDAxMTAvBgNVBAUTKDFDQjRCRkQ5QzBBNzMyQkM4RjRBNjBDODY5NEM5MUY4
MzRDQUJDMTMwHhcNMjUxMDIwMjEwNzIwWhcNMjUxMDI3MjEwNzIwWjAYMRYwFAYD
VQQDEw02OGY2YTQ4OS1lZjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1krRykVVZHn/HwodLZ4bmj64k6wNp94ZAZutpMUtTW6ZLkhvpCqzqM76xSHg
p3xJurZeqx+xe31r7AOD05aZ1cWho/OdW1q3UHTZaN+lyg8c7eZNOxUQHhYfFPUM
xb0LxloAgdPv0aCmgvXPLstwPHC+2SD0KgatNWd+AEqghcOH1gYfVTo+BfiYjsUM
bjjIFHLqDtozFJjuz9WqOn1xjXfJ5QPcswtDvpZkQ4eb59x8r7KZ5OD1by8Q4zWk
roqn9LFvBZCeaL52scTgiFzvnj6QWc6CQ/UUEvsL2ErKPb/9KvbeHAT4yewlQRba
TVJGU1+adz7sNsLWJliRAa+ZWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG2GAhqM
pNn+AzGJY6S1cHKNoOMAMB8GA1UdIwQYMBaAFBy0v9nApzK8j0pgyGlMkfg0yrwT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wMzExNjMxMkFG
QkMxMUVBQTk2MUNCODZDNEY5QUUwMi9ITFNfMmNDbk1yeVBTbURJYVV5Ui1EVEt2
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0hMU18yY0NuTXJ5UFNtRElhVXlSLURUS3ZCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
ODNEMC8wMzExNjMxMkFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi9ITFNfMmNDbk1y
eVBTbURJYVV5Ui1EVEt2Qk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDPCLEgRHSQORruGf93yuNQf8qgTHgvAyhuNm1ny8riGMofEUjTRL00
1AkbK41gJi6UxLV4SKGMPNuZkh5qa+h6w6T5BMOBHB79nreDvZR8i7NoYLpOgL/v
gPJJ6Hy6DbuEDx48ss+WCDWcWQbyw81Uiq78VBYQ7zrY3wBojkPeU6MEXfu32Lbm
sSCbB1chQXBg7cCNKWcdN2/NID9MJZ0EUZ40r6usxlk0QLm6U4rYNqC6YGyxWKMa
vRYDEbwv3nXoU4ga1RpIVa1RbXUIRT7/tJZsGedVcr+Xqr2TRhCEOZtVL0ry4g76
OcHHIiXyyHjwAk1KyUs86bgoiP9Llb+D
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:09:19 2025 by rpki-client