Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
File:                     BstI9X1UOpeC2KfJbaTh3tvDwws.mft (raw, json)
Hash identifier:          Z8ETg/YmVwLgEo1c0JPG+hxMlu7D5+25n948+lUWBO0=
Subject key identifier:   02:F1:46:90:F8:EA:41:FC:3E:A7:25:53:85:CC:A5:EE:86:EC:80:87
Authority key identifier: 06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B
Certificate issuer:       /CN=A91E2EFF/serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B
Certificate serial:       44
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
Manifest number:          43
Signing time:             Sun 19 Oct 2025 10:52:08 +0000
Manifest this update:     Sun 19 Oct 2025 10:52:07 +0000
Manifest next update:     Sun 26 Oct 2025 10:52:07 +0000
Files and hashes:         1: BstI9X1UOpeC2KfJbaTh3tvDwws.crl (hash: N8cegtr3DKrhgeLrywiLrdQx1nzTXmQwjrrb+sQdUWg=)
                          2: 3698C9BA484A11F0B96B9D10C4F9AE02.roa (hash: 3/VlviI5lXmsXT9HHGTTjCEqy33hQJaRKWakW7gYvqc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl
                          rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 10:52:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68 (0x44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E2EFF, serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B
        Validity
            Not Before: Oct 19 10:52:07 2025 GMT
            Not After : Oct 26 10:52:07 2025 GMT
        Subject: CN=68f4c2d7-f350
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:22:c8:e2:04:32:fd:71:c8:51:43:70:d7:fe:
                    fb:b1:70:a3:a2:ad:91:a3:ad:30:a3:c2:a7:80:ca:
                    d6:ce:01:0c:cb:31:67:82:f4:93:bc:07:90:d6:44:
                    98:d7:d8:94:c7:8c:f2:ea:81:9c:0b:12:87:e2:2f:
                    26:18:4a:33:e5:7f:ad:82:b1:fb:d2:7a:9d:68:8e:
                    4e:75:15:96:34:05:a4:09:a9:63:23:68:9d:04:5a:
                    5e:7a:d1:3b:51:5b:ee:6a:49:94:a0:c5:04:fe:47:
                    3b:7b:b0:59:93:07:04:57:33:fb:67:9b:28:78:d3:
                    f0:2e:82:bd:d9:a5:2e:25:3d:00:ac:6c:80:56:6e:
                    f9:ff:0c:c9:31:08:44:5c:90:23:6c:3d:6b:d7:3a:
                    44:65:94:96:02:d9:a1:17:fc:38:a3:95:52:20:13:
                    a0:39:38:98:ca:a2:4f:9b:35:3d:13:50:0c:6e:9e:
                    7c:cb:04:63:ed:c2:82:cd:0a:8c:fe:11:b0:d9:a1:
                    b6:3e:93:5b:c6:1a:f3:05:80:a4:d1:ff:69:0d:c0:
                    9a:4c:4b:54:bc:61:9e:3e:50:9c:cb:2f:10:b8:cd:
                    cb:71:f7:74:c0:b3:2b:be:ce:2f:fa:40:1d:67:a0:
                    6b:5c:da:54:d0:0f:75:27:ce:b4:69:dc:b9:a1:0e:
                    e5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F1:46:90:F8:EA:41:FC:3E:A7:25:53:85:CC:A5:EE:86:EC:80:87
            X509v3 Authority Key Identifier:
                keyid:06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:71:62:9e:e1:bd:9a:52:c2:c9:d4:12:6b:31:3e:97:72:60:
         19:62:f6:91:72:cc:9b:64:0f:60:8f:69:52:7c:9d:16:4c:8a:
         ae:0a:bb:55:58:b4:f8:2b:a8:34:f5:b1:4d:dd:ee:38:20:18:
         ee:04:16:17:72:72:d9:b3:4f:6b:75:5f:fb:df:d8:b8:f4:c6:
         be:ad:95:50:01:6a:e1:12:5e:f1:18:2a:5e:5e:d6:84:c2:9f:
         f4:00:a1:04:f7:30:a8:d7:53:ac:66:26:3b:8e:93:64:f2:40:
         e3:22:ae:6c:9b:dc:31:6b:9b:29:cd:44:2d:8d:b8:98:9a:60:
         b6:12:88:0b:29:4a:96:64:ed:34:63:20:df:33:2d:ae:ad:80:
         a1:e8:11:31:60:2a:26:5b:19:09:6c:6d:90:be:e6:7c:5f:ef:
         62:52:3c:4f:a4:c4:9c:60:47:6c:94:cb:23:b7:05:ee:41:a2:
         d4:ae:af:32:14:ff:aa:50:d9:c2:8f:59:ba:25:e9:9d:bd:09:
         3c:9f:1c:a5:fd:9f:3f:18:12:8a:b4:ed:92:4f:6b:4c:9c:a3:
         96:d1:6b:d1:ca:ba:39:3b:6b:fd:f3:ec:f2:c5:0b:02:b7:19:
         e5:3c:f0:3a:3d:ca:d9:76:c5:89:d1:19:af:40:1a:62:5f:9e:
         1a:d6:c8:11
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MkVGRjExMC8GA1UEBRMoMDZDQjQ4RjU3RDU0M0E5NzgyRDhBN0M5NkRBNEUxREVE
QkMzQzMwQjAeFw0yNTEwMTkxMDUyMDdaFw0yNTEwMjYxMDUyMDdaMBgxFjAUBgNV
BAMTDTY4ZjRjMmQ3LWYzNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0IsjiBDL9cchRQ3DX/vuxcKOirZGjrTCjwqeAytbOAQzLMWeC9JO8B5DWRJjX
2JTHjPLqgZwLEofiLyYYSjPlf62CsfvSep1ojk51FZY0BaQJqWMjaJ0EWl560TtR
W+5qSZSgxQT+Rzt7sFmTBwRXM/tnmyh40/Augr3ZpS4lPQCsbIBWbvn/DMkxCERc
kCNsPWvXOkRllJYC2aEX/DijlVIgE6A5OJjKok+bNT0TUAxunnzLBGPtwoLNCoz+
EbDZobY+k1vGGvMFgKTR/2kNwJpMS1S8YZ4+UJzLLxC4zctx93TAsyu+zi/6QB1n
oGtc2lTQD3UnzrRp3LmhDuWjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAvFGkPjq
Qfw+pyVThcyl7obsgIcwHwYDVR0jBBgwFoAUBstI9X1UOpeC2KfJbaTh3tvDwwsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyRUZGL0EzMTQ4NDdDNDg0
OTExRjBCRjA3MDM3MEM0RjlBRTAyL0JzdEk5WDFVT3BlQzJLZkpiYVRoM3R2RHd3
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvQnN0STlYMVVPcGVDMktmSmJhVGgzdHZEd3dzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUy
RUZGL0EzMTQ4NDdDNDg0OTExRjBCRjA3MDM3MEM0RjlBRTAyL0JzdEk5WDFVT3Bl
QzJLZkpiYVRoM3R2RHd3cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAMVxYp7hvZpSwsnUEmsxPpdyYBli9pFyzJtkD2CPaVJ8nRZMiq4Ku1VY
tPgrqDT1sU3d7jggGO4EFhdyctmzT2t1X/vf2Lj0xr6tlVABauESXvEYKl5e1oTC
n/QAoQT3MKjXU6xmJjuOk2TyQOMirmyb3DFrmynNRC2NuJiaYLYSiAspSpZk7TRj
IN8zLa6tgKHoETFgKiZbGQlsbZC+5nxf72JSPE+kxJxgR2yUyyO3Be5BotSurzIU
/6pQ2cKPWbol6Z29CTyfHKX9nz8YEoq07ZJPa0yco5bRa9HKujk7a/3z7PLFCwK3
GeU88Do9ytl2xYnRGa9AGmJfnhrWyBE=
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:04:42 2025 by rpki-client