Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
File:                     yq3LrMUbKkZS3XMHTygsM00BAnc.mft (raw, json)
Hash identifier:          LOtEDxizYrEw9ouNDooJ2Ly8Zv43lSMJmTNiKEHiqgA=
Subject key identifier:   CB:A3:16:38:98:4B:50:6A:AB:59:1B:20:95:5C:E6:59:CC:61:07:C5
Authority key identifier: CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77
Certificate issuer:       /CN=A91DCCB3/serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277
Certificate serial:       09E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
Manifest number:          09E1
Signing time:             Sat 18 Oct 2025 20:55:53 +0000
Manifest this update:     Sat 18 Oct 2025 20:55:53 +0000
Manifest next update:     Sat 25 Oct 2025 20:55:53 +0000
Files and hashes:         1: yq3LrMUbKkZS3XMHTygsM00BAnc.crl (hash: eJd0FHnuFAbcp2L5cf8Ke4Wy7sSX+v58dstmgKuFBXs=)
                          2: 57EE11D0895D11EA81B43245C4F9AE02.roa (hash: LX76oihYc6Vcq0IqMjxINDxugVvobb/j/buf30BAPmQ=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl
                          rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 20:55:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2535 (0x9e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DCCB3, serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277
        Validity
            Not Before: Oct 18 20:55:53 2025 GMT
            Not After : Oct 25 20:55:53 2025 GMT
        Subject: CN=68f3fed9-195a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:fc:2a:2f:cc:91:26:f0:58:1b:38:90:23:3e:
                    e2:b9:82:eb:2f:b2:43:ec:0c:50:20:54:b5:b7:8d:
                    ed:cc:61:39:c5:9d:8b:80:2e:f4:2f:6a:8c:44:4a:
                    b0:db:2b:99:e9:db:41:fe:a8:47:33:35:9d:60:ab:
                    a2:9c:ba:3b:b5:af:6b:82:fa:6f:55:ee:51:0b:e5:
                    85:79:e2:df:e7:01:86:f5:3a:03:32:6b:cc:76:94:
                    47:dc:3d:0a:8e:6d:72:eb:13:ef:aa:b1:34:4a:64:
                    52:40:53:e0:fe:d6:4d:c2:5f:6f:3b:27:a6:9c:22:
                    2a:31:c4:db:a4:72:dc:b2:99:f4:51:52:ca:cc:9b:
                    9a:01:73:d9:ad:29:fb:56:27:09:d8:b9:c0:55:4f:
                    d1:bc:6d:47:0a:34:d4:74:3c:3f:bd:43:e5:78:65:
                    5b:84:97:78:e2:c9:47:a2:0d:3b:75:d8:8c:fe:c6:
                    4e:42:fd:08:f4:83:2e:bf:69:9f:13:98:15:de:56:
                    1d:48:f7:8b:ca:30:5d:79:35:0e:bd:12:ad:82:f3:
                    34:b5:10:36:dd:99:63:b4:ba:26:85:1f:48:3d:9d:
                    50:69:58:14:e8:8b:62:dc:b3:7b:e8:48:83:e3:09:
                    b5:e1:91:05:cc:96:fd:ca:14:4d:ff:0c:a4:58:db:
                    75:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A3:16:38:98:4B:50:6A:AB:59:1B:20:95:5C:E6:59:CC:61:07:C5
            X509v3 Authority Key Identifier:
                keyid:CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:21:35:58:4a:84:e9:ca:d1:70:d5:f3:94:a3:5d:67:4b:23:
         87:a2:fd:76:55:4f:a9:e5:e0:89:81:bf:14:e8:9e:3c:59:0d:
         05:81:01:85:24:d3:14:34:83:6e:f9:be:a6:24:65:0a:c9:43:
         48:c6:14:6d:de:c5:0d:34:0a:50:7c:51:8b:04:81:44:93:cf:
         2f:6d:f4:34:76:e6:25:97:1a:5e:05:5d:7d:73:5a:2b:10:aa:
         03:a6:de:e2:f5:2c:53:c2:29:8a:bb:56:6a:b6:e0:21:89:a3:
         37:25:5a:43:60:57:79:57:eb:03:6c:e5:93:7f:b2:d7:d2:8e:
         20:e6:b6:81:41:86:0b:0c:a2:3d:49:ce:55:f1:c8:a1:05:ef:
         03:63:bd:20:77:3c:a1:2b:9a:3f:0d:51:d8:76:c5:75:58:4e:
         92:d5:e8:ef:0e:31:26:93:78:bb:bd:b5:60:3d:33:38:17:b2:
         62:74:83:8f:0b:83:70:6c:cf:50:91:85:1d:34:9e:aa:8f:a6:
         eb:80:3e:6e:7d:b9:b4:41:1a:73:57:dc:77:2a:f2:2b:23:e4:
         3d:93:40:0e:d7:42:50:38:87:13:a7:9c:3f:e8:b1:46:d3:d4:
         72:99:a6:96:6c:88:3c:5b:7a:ee:4a:30:de:e1:93:d4:58:30:
         ee:81:f8:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENDQjMxMTAvBgNVBAUTKENBQURDQkFDQzUxQjJBNDY1MkRENzMwNzRGMjgyQzMz
NEQwMTAyNzcwHhcNMjUxMDE4MjA1NTUzWhcNMjUxMDI1MjA1NTUzWjAYMRYwFAYD
VQQDEw02OGYzZmVkOS0xOTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1PwqL8yRJvBYGziQIz7iuYLrL7JD7AxQIFS1t43tzGE5xZ2LgC70L2qMREqw
2yuZ6dtB/qhHMzWdYKuinLo7ta9rgvpvVe5RC+WFeeLf5wGG9ToDMmvMdpRH3D0K
jm1y6xPvqrE0SmRSQFPg/tZNwl9vOyemnCIqMcTbpHLcspn0UVLKzJuaAXPZrSn7
VicJ2LnAVU/RvG1HCjTUdDw/vUPleGVbhJd44slHog07ddiM/sZOQv0I9IMuv2mf
E5gV3lYdSPeLyjBdeTUOvRKtgvM0tRA23ZljtLomhR9IPZ1QaVgU6Iti3LN76EiD
4wm14ZEFzJb9yhRN/wykWNt1NQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMujFjiY
S1Bqq1kbIJVc5lnMYQfFMB8GA1UdIwQYMBaAFMqty6zFGypGUt1zB08oLDNNAQJ3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0NCMy80MUZENjAxNjg5
NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktrWlMzWE1IVHlnc00wMEJB
bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lxM0xyTVViS2taUzNYTUhUeWdzTTAwQkFuYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
Q0NCMy80MUZENjAxNjg5NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktr
WlMzWE1IVHlnc00wMEJBbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAmITVYSoTpytFw1fOUo11nSyOHov12VU+p5eCJgb8U6J48WQ0FgQGF
JNMUNINu+b6mJGUKyUNIxhRt3sUNNApQfFGLBIFEk88vbfQ0duYllxpeBV19c1or
EKoDpt7i9SxTwimKu1ZqtuAhiaM3JVpDYFd5V+sDbOWTf7LX0o4g5raBQYYLDKI9
Sc5V8cihBe8DY70gdzyhK5o/DVHYdsV1WE6S1ejvDjEmk3i7vbVgPTM4F7JidIOP
C4NwbM9QkYUdNJ6qj6brgD5ufbm0QRpzV9x3KvIrI+Q9k0AO10JQOIcTp5w/6LFG
09RymaaWbIg8W3ruSjDe4ZPUWDDugfjm
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:00:26 2025 by rpki-client