Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft
File:                     EhrxRNkD4_iJffD-0gcaFkd17U8.mft (raw, json)
Hash identifier:          uZsQ1+YpweJr/TjJZvibsk0LO17y6PmumGHbB7MB460=
Subject key identifier:   72:EB:F7:BF:92:E9:B7:89:2B:18:A6:61:A2:46:20:56:91:C4:9B:B2
Authority key identifier: 12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F
Certificate issuer:       /CN=A91E554A/serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F
Certificate serial:       C4
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft
Manifest number:          BF
Signing time:             Sun 19 Oct 2025 09:07:44 +0000
Manifest this update:     Sun 19 Oct 2025 09:07:43 +0000
Manifest next update:     Sun 26 Oct 2025 09:07:43 +0000
Files and hashes:         1: EhrxRNkD4_iJffD-0gcaFkd17U8.crl (hash: PZdifjTUlC1j7Ez/FOw/3SFdVl0SdGYr4JpqCCUXHpg=)
                          2: 7C304160FECB11EFB755BB45C4F9AE02.roa (hash: 96JJ4xS4XL/KIJ4tbueQ63oeM+4CMNy+gkgjGzK0Myk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl
                          rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 09:07:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196 (0xc4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E554A, serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F
        Validity
            Not Before: Oct 19 09:07:43 2025 GMT
            Not After : Oct 26 09:07:43 2025 GMT
        Subject: CN=68f4aa60-04c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:52:92:be:54:fb:54:da:e1:a5:92:c7:bb:2b:
                    a9:bc:f5:cc:fa:bc:5e:07:a9:17:dc:d3:ff:bf:c1:
                    f4:ae:15:62:9c:e8:9e:97:b2:0f:06:0d:93:ec:88:
                    89:75:4f:fe:91:31:d2:59:4c:30:be:1e:57:bc:19:
                    ef:90:70:0f:e2:35:32:b4:83:4a:71:f6:cf:18:2a:
                    1f:7c:82:32:2c:31:67:b5:3d:63:03:00:b4:78:46:
                    84:2a:b7:33:07:01:00:d8:29:5e:f4:7c:39:e1:dc:
                    6b:01:2e:8b:1e:83:3c:80:5c:88:b2:3f:41:9a:68:
                    f9:77:62:86:85:4c:d5:47:ee:d8:dd:8f:e7:81:15:
                    c5:c5:3b:5b:3d:98:37:e1:85:a0:28:13:e9:00:6e:
                    b2:9c:18:23:26:74:42:7b:49:79:7b:55:8f:75:0e:
                    2f:c2:e6:d5:c0:d4:53:80:89:2b:b6:a1:8c:0e:95:
                    76:81:50:e7:e6:8f:73:c1:ee:d1:e7:fd:bd:38:0f:
                    1f:93:47:be:63:c1:e6:68:11:88:24:77:0c:de:31:
                    ea:b5:69:88:26:63:84:f0:94:60:3a:28:d3:8e:f5:
                    e2:1a:d4:fa:86:47:a6:ae:29:60:19:88:2d:9f:17:
                    2b:00:c6:1a:fc:42:31:b1:7a:e3:18:06:a1:5e:ba:
                    5b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:EB:F7:BF:92:E9:B7:89:2B:18:A6:61:A2:46:20:56:91:C4:9B:B2
            X509v3 Authority Key Identifier:
                keyid:12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:d9:c5:aa:50:a3:eb:74:03:c2:4c:49:06:21:4d:cf:31:ad:
         11:ce:26:5b:7d:3c:87:dd:96:ec:e4:80:b0:94:53:92:d0:63:
         33:fc:d9:4c:e6:aa:e8:97:4d:80:c8:a2:6e:11:4f:6e:b5:01:
         9e:a4:c0:24:e3:1c:ba:4d:62:b7:0c:29:02:a0:83:2d:01:51:
         57:b9:c5:43:39:72:37:24:06:63:7f:16:e0:01:7d:15:08:2c:
         0e:cf:80:d4:08:ef:5e:75:96:d2:7a:fb:1c:d6:12:36:1f:de:
         ca:76:1f:c3:ce:c5:65:cd:6a:3a:2a:cb:99:c5:da:22:68:09:
         ed:3a:ac:b3:d9:a7:41:55:15:c1:76:a3:3f:a6:e0:7b:d5:29:
         66:46:80:aa:d2:63:38:4c:65:00:79:93:ba:97:92:f0:48:87:
         c8:6d:ca:41:81:dc:2c:92:79:c0:aa:c1:db:e0:a2:3d:53:a5:
         48:73:85:fd:11:e1:36:97:6b:da:e5:6f:cf:25:8e:e6:fe:d3:
         ec:a7:a9:1d:3f:3e:05:5f:fa:1e:c0:e7:5f:0c:1b:7b:4b:02:
         8e:b5:c8:49:bc:e1:7b:1d:2b:e0:be:fc:9f:f8:0d:72:dc:59:
         8f:91:e3:b0:06:10:0a:7f:b8:6f:00:f0:ad:4a:cf:fa:21:b1:
         cb:91:aa:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU1NEExMTAvBgNVBAUTKDEyMUFGMTQ0RDkwM0UzRjg4OTdERjBGRUQyMDcxQTE2
NDc3NUVENEYwHhcNMjUxMDE5MDkwNzQzWhcNMjUxMDI2MDkwNzQzWjAYMRYwFAYD
VQQDEw02OGY0YWE2MC0wNGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4lKSvlT7VNrhpZLHuyupvPXM+rxeB6kX3NP/v8H0rhVinOiel7IPBg2T7IiJ
dU/+kTHSWUwwvh5XvBnvkHAP4jUytINKcfbPGCoffIIyLDFntT1jAwC0eEaEKrcz
BwEA2Cle9Hw54dxrAS6LHoM8gFyIsj9Bmmj5d2KGhUzVR+7Y3Y/ngRXFxTtbPZg3
4YWgKBPpAG6ynBgjJnRCe0l5e1WPdQ4vwubVwNRTgIkrtqGMDpV2gVDn5o9zwe7R
5/29OA8fk0e+Y8HmaBGIJHcM3jHqtWmIJmOE8JRgOijTjvXiGtT6hkemrilgGYgt
nxcrAMYa/EIxsXrjGAahXrpbzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHLr97+S
6beJKximYaJGIFaRxJuyMB8GA1UdIwQYMBaAFBIa8UTZA+P4iX3w/tIHGhZHde1P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTU0QS83OTVFNzNEMDkx
RjcxMUVGQURFMTEyNjZDNEY5QUUwMi9FaHJ4Uk5rRDRfaUpmZkQtMGdjYUZrZDE3
VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VocnhSTmtENF9pSmZmRC0wZ2NhRmtkMTdVOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NTU0QS83OTVFNzNEMDkxRjcxMUVGQURFMTEyNjZDNEY5QUUwMi9FaHJ4Uk5rRDRf
aUpmZkQtMGdjYUZrZDE3VTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBD2cWqUKPrdAPCTEkGIU3PMa0RziZbfTyH3Zbs5ICwlFOS0GMz/NlM
5qrol02AyKJuEU9utQGepMAk4xy6TWK3DCkCoIMtAVFXucVDOXI3JAZjfxbgAX0V
CCwOz4DUCO9edZbSevsc1hI2H97Kdh/DzsVlzWo6KsuZxdoiaAntOqyz2adBVRXB
dqM/puB71SlmRoCq0mM4TGUAeZO6l5LwSIfIbcpBgdwsknnAqsHb4KI9U6VIc4X9
EeE2l2va5W/PJY7m/tPsp6kdPz4FX/oewOdfDBt7SwKOtchJvOF7HSvgvvyf+A1y
3FmPkeOwBhAKf7hvAPCtSs/6IbHLkaod
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:58:39 2025 by rpki-client