Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft
File:                     YcuQhfAv-PpF5zL1gDQPQkngDKI.mft (raw, json)
Hash identifier:          OYRHLBmFcUJB9s9a9JXaxsFECDh3eG7xHWmy40j8aQI=
Subject key identifier:   24:CD:1F:C7:1E:95:19:20:56:5A:7F:7C:E7:CE:65:EA:D4:91:DA:78
Authority key identifier: 61:CB:90:85:F0:2F:F8:FA:45:E7:32:F5:80:34:0F:42:49:E0:0C:A2
Certificate issuer:       /CN=A91DCB25/serialNumber=61CB9085F02FF8FA45E732F580340F4249E00CA2
Certificate serial:       11CD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft
Manifest number:          11C4
Signing time:             Sat 18 Oct 2025 17:42:47 +0000
Manifest this update:     Sat 18 Oct 2025 17:42:45 +0000
Manifest next update:     Sat 25 Oct 2025 17:42:45 +0000
Files and hashes:         1: YcuQhfAv-PpF5zL1gDQPQkngDKI.crl (hash: Voa+nJqyaQfeaAlfpB9HUSPI1LiL4aNM3e/jqypptuY=)
                          2: BDC1AB0AFDA611E88FA5E26DC4F9AE02.roa (hash: SB9Ipu4AFekvf7xWy+dJxrZfjpqZ4b1Xx/G1XVRpODY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.crl
                          rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 17:42:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4557 (0x11cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DCB25, serialNumber=61CB9085F02FF8FA45E732F580340F4249E00CA2
        Validity
            Not Before: Oct 18 17:42:45 2025 GMT
            Not After : Oct 25 17:42:45 2025 GMT
        Subject: CN=68f3d195-d040
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:42:60:3b:51:90:fe:6d:2f:27:e0:09:0d:40:
                    c1:d7:1d:d9:49:bf:8a:0c:57:35:08:fc:5f:40:9b:
                    f0:46:a7:04:c0:ac:8e:3c:ba:8e:4f:39:32:a6:7c:
                    8a:f0:cb:9d:4b:e7:ec:04:dc:86:af:a9:3f:5b:7a:
                    dd:ae:2f:d2:0b:60:98:37:3b:75:1a:c3:35:a5:aa:
                    ee:55:4f:80:21:2d:c3:bb:26:c0:04:ea:84:5a:13:
                    ea:21:0a:08:03:63:fd:d5:e8:c3:43:95:35:2f:15:
                    b8:86:a3:a0:0c:39:10:81:a8:38:3b:8e:c7:60:df:
                    2a:e9:00:ae:fc:e9:1c:79:68:5e:0e:93:68:1b:1b:
                    d6:b2:54:e4:d6:f3:84:ae:4b:e2:06:2a:57:48:4c:
                    52:22:4c:c7:b7:11:80:0c:22:e8:97:27:2c:1c:ee:
                    9e:2d:0a:0a:66:80:bb:c6:3e:20:02:22:4b:2a:72:
                    57:89:84:d6:9b:ae:d5:4a:d5:a5:69:f6:d5:29:ed:
                    18:c2:37:49:91:c9:9a:f6:8f:0a:19:04:25:d9:a7:
                    d0:3c:41:85:75:19:a5:e3:b2:db:3e:bd:92:eb:8a:
                    bd:5c:35:a3:81:3d:00:48:07:f8:d3:ac:7a:d2:c4:
                    20:04:5f:51:d7:e3:b2:43:31:87:6f:92:c5:e7:b0:
                    ff:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:CD:1F:C7:1E:95:19:20:56:5A:7F:7C:E7:CE:65:EA:D4:91:DA:78
            X509v3 Authority Key Identifier:
                keyid:61:CB:90:85:F0:2F:F8:FA:45:E7:32:F5:80:34:0F:42:49:E0:0C:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:8d:7d:7d:2a:9f:62:d1:8a:91:c9:af:f5:ce:d8:f8:c4:34:
         cd:24:66:9b:6e:fd:16:aa:b1:83:12:71:e1:bc:94:02:1a:29:
         f2:20:15:84:6c:28:ca:25:ee:e0:3e:93:22:7d:35:20:2a:d9:
         2e:9d:b5:1b:93:f6:19:f7:a4:b3:d7:ea:b7:9d:10:6f:44:ac:
         d9:2b:62:ce:61:db:6c:74:d6:67:c8:59:54:65:35:0c:fd:b4:
         91:78:08:0a:dd:34:35:37:0e:35:7c:93:8a:c0:59:b8:ba:90:
         1d:21:75:84:c5:8c:81:95:c0:c9:d4:51:8d:9c:d9:33:8f:67:
         d2:8a:ca:12:75:a5:e6:8c:f1:fd:93:08:0f:7c:81:0d:69:eb:
         ba:1f:a3:81:ed:3e:fe:d8:f9:36:76:98:8b:cf:4d:71:71:ca:
         f6:f1:3c:9e:f0:c4:a4:fa:7f:47:f7:f7:44:b9:b3:13:eb:d5:
         b5:0d:55:05:53:aa:ac:3e:0e:01:67:82:41:74:57:61:bd:15:
         fd:74:79:cb:f0:c1:8d:3a:fc:a0:8f:54:7e:2c:c4:e1:fc:c9:
         3a:ca:d7:f5:64:4e:f6:bf:de:c7:67:f9:45:b8:73:2f:b6:09:
         89:7d:1d:96:5e:3d:04:c5:a9:de:83:80:07:69:1c:3e:c6:03:
         55:46:e5:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENCMjUxMTAvBgNVBAUTKDYxQ0I5MDg1RjAyRkY4RkE0NUU3MzJGNTgwMzQwRjQy
NDlFMDBDQTIwHhcNMjUxMDE4MTc0MjQ1WhcNMjUxMDI1MTc0MjQ1WjAYMRYwFAYD
VQQDEw02OGYzZDE5NS1kMDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5EJgO1GQ/m0vJ+AJDUDB1x3ZSb+KDFc1CPxfQJvwRqcEwKyOPLqOTzkypnyK
8MudS+fsBNyGr6k/W3rdri/SC2CYNzt1GsM1paruVU+AIS3DuybABOqEWhPqIQoI
A2P91ejDQ5U1LxW4hqOgDDkQgag4O47HYN8q6QCu/OkceWheDpNoGxvWslTk1vOE
rkviBipXSExSIkzHtxGADCLolycsHO6eLQoKZoC7xj4gAiJLKnJXiYTWm67VStWl
afbVKe0YwjdJkcma9o8KGQQl2afQPEGFdRml47LbPr2S64q9XDWjgT0ASAf406x6
0sQgBF9R1+OyQzGHb5LF57D/yQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCTNH8ce
lRkgVlp/fOfOZerUkdp4MB8GA1UdIwQYMBaAFGHLkIXwL/j6Recy9YA0D0JJ4Ayi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0IyNS8yQzYwREZEOEZE
QTUxMUU4ODg1OUMwNkJDNEY5QUUwMi9ZY3VRaGZBdi1QcEY1ekwxZ0RRUFFrbmdE
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ljdVFoZkF2LVBwRjV6TDFnRFFQUWtuZ0RLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
Q0IyNS8yQzYwREZEOEZEQTUxMUU4ODg1OUMwNkJDNEY5QUUwMi9ZY3VRaGZBdi1Q
cEY1ekwxZ0RRUFFrbmdES0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjjX19Kp9i0YqRya/1ztj4xDTNJGabbv0WqrGDEnHhvJQCGinyIBWE
bCjKJe7gPpMifTUgKtkunbUbk/YZ96Sz1+q3nRBvRKzZK2LOYdtsdNZnyFlUZTUM
/bSReAgK3TQ1Nw41fJOKwFm4upAdIXWExYyBlcDJ1FGNnNkzj2fSisoSdaXmjPH9
kwgPfIENaeu6H6OB7T7+2Pk2dpiLz01xccr28Tye8MSk+n9H9/dEubMT69W1DVUF
U6qsPg4BZ4JBdFdhvRX9dHnL8MGNOvygj1R+LMTh/Mk6ytf1ZE72v97HZ/lFuHMv
tgmJfR2WXj0Exaneg4AHaRw+xgNVRuUn
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:43:16 2025 by rpki-client