Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
File:                     ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft (raw, json)
Hash identifier:          HUg57tuV/o4LXfDjJF9Fj+FJXMlQgg2c396azvHnsSo=
Subject key identifier:   BC:52:70:6A:38:25:64:D5:11:71:9D:6A:C1:C5:D4:56:7C:17:61:65
Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81
Certificate issuer:       /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81
Certificate serial:       1B29
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
Manifest number:          A062
Signing time:             Sat 18 Oct 2025 14:33:01 +0000
Manifest this update:     Sat 18 Oct 2025 14:33:01 +0000
Manifest next update:     Sat 25 Oct 2025 14:33:01 +0000
Files and hashes:         1: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl (hash: hs48Lj2JUylKlOJatzZ5xR/7GZ7LIW/5cJZlYaJCIzw=)
                          2: 9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa (hash: RYynr8uizf4mxXQD/bYs58a0i9OmwI4vdpj7nHmjiJU=)
                          3: 959AC422557911EBBD21EB2FC4F9AE02.roa (hash: oMF/P2hGXRHcLkAXgbmeUw5lcthqUMWdcFQRgDGmw2Q=)
                          4: 20C6F2EC699D11EAA33EAE83C4F9AE02.roa (hash: 68iXhMXoCKzkvFm4ZJIC/ibhTxkbyNkKn12MmIsJUjc=)
                          5: 191363A69DD911EC99D91668C4F9AE02.roa (hash: oqniAucPfqcKV0mTFTmt9sxkwi/yyX2GOXb0nYNRsyI=)
                          6: ACC8833824DE11EDAEC0E529C4F9AE02.roa (hash: SpN5g9M2rsSW+Cra37fKcK/lk5XqYbPAMh8S4vUS9qk=)
                          7: 4FF339D8F01D11EB8C4B505BC4F9AE02.roa (hash: U9RF+JaWcsKZTr1DEGw1Y5hTdB+oWxy9sRXTz5ZgIuo=)
                          8: C89FD6DA557611EBA04C290BC4F9AE02.roa (hash: Y+JgutBZqKB0sr/67XUkEfaEMyqBwPZIYt+9Yv44r5c=)
                          9: FC6A19D892D511EC8FBFF32AC4F9AE02.roa (hash: kjWRly5sP345NgQNsNa2Y38tsuhMAJkUf7cDKkslnxQ=)
                          10: 1BF3A43C15BE11EF93ABFD7DC4F9AE02.roa (hash: Dnw6VZCydK3JoKDSOzotlEvfgmRpxLVN7ezEA2ZyyGo=)
                          11: 0B24875C7A4411EB804B7430C4F9AE02.roa (hash: Y+xehgtewaeOdOL6PowHHRPVgAd4mQJAADuq74in7FA=)
                          12: 3D68F8C29A4A11EA94706012C4F9AE02.roa (hash: +Q2D0d9yEIcvHWqL458RmFQjgHnoWa/Nyf3wOjdRqJY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl
                          rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 14:33:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6953 (0x1b29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81
        Validity
            Not Before: Oct 18 14:33:01 2025 GMT
            Not After : Oct 25 14:33:01 2025 GMT
        Subject: CN=68f3a51d-be24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:6b:08:49:50:9a:60:10:fd:bf:97:10:9a:b2:
                    7d:0b:0f:36:9f:5d:12:45:b7:2c:cf:32:79:be:be:
                    c3:1e:d9:a7:19:36:61:e2:3a:c3:ea:0b:4f:f7:1c:
                    3d:2e:ae:b4:26:00:24:d0:41:ba:bf:34:43:81:05:
                    e2:cd:92:29:ae:dd:d1:18:4d:c4:b6:4e:af:7a:ee:
                    3f:eb:59:16:77:21:7d:46:37:41:d2:31:16:cd:d7:
                    13:5d:06:2d:b2:ff:17:a3:b1:85:b0:7b:a1:76:50:
                    a4:90:da:fb:9b:7c:5e:e8:61:23:fe:9b:08:49:87:
                    21:ec:0f:8a:b2:68:37:9d:16:e6:56:9c:9c:b2:e7:
                    e2:54:ad:53:ce:73:90:83:66:25:1a:54:16:c2:cc:
                    a9:47:38:25:e8:0c:6c:fa:d5:ec:3e:6b:a5:38:59:
                    de:20:d1:16:49:a0:e0:9b:c1:91:42:9e:f8:a2:37:
                    fa:65:80:cb:0f:53:d6:8a:7c:47:f9:15:78:ed:ea:
                    ff:6c:35:03:a3:d7:78:2f:00:a8:c3:66:b4:f4:03:
                    4f:11:66:16:c9:31:2a:39:ef:ef:e0:e0:f6:f6:d1:
                    ea:0a:72:f1:d5:07:e6:6b:e1:cc:c1:f5:00:32:1d:
                    e8:4c:06:ce:be:46:e5:af:d2:e7:0f:d3:0a:bb:09:
                    87:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:52:70:6A:38:25:64:D5:11:71:9D:6A:C1:C5:D4:56:7C:17:61:65
            X509v3 Authority Key Identifier:
                keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:ba:05:ee:f8:5f:44:ec:ad:4b:83:61:b3:f9:ec:44:25:3b:
         5a:b3:c9:4f:22:a1:de:d9:09:8d:35:f1:40:5e:99:83:dc:6c:
         90:39:65:d0:21:4c:c2:fb:a7:5e:01:0d:81:6d:d6:99:f4:6a:
         e9:d7:06:87:86:55:eb:ed:e6:06:37:d1:91:6c:21:44:07:a7:
         ca:96:47:3e:3e:6f:42:0c:97:92:e0:41:9b:c7:b4:99:70:31:
         11:37:f4:e0:63:60:c5:53:27:bf:0b:43:9a:ce:60:f0:04:99:
         8e:a1:b9:94:0d:48:91:35:c3:c1:93:8f:9e:03:06:7e:61:99:
         a1:0a:59:f1:71:81:2f:e0:af:c1:ed:14:2f:49:3f:bd:15:45:
         3d:34:79:ee:9e:fc:58:b1:35:c0:ce:88:26:a5:de:77:ab:25:
         ba:da:fd:0e:24:57:5f:4e:0d:43:fe:7d:d0:f6:01:2e:72:df:
         11:79:b6:ec:e1:e0:8c:07:0b:fb:70:db:2b:2e:55:87:df:11:
         08:66:8c:0b:a6:48:4c:fb:8d:d2:45:fb:4f:36:6f:85:65:e8:
         98:27:b4:f6:b0:c3:b1:f3:98:71:b9:dd:bc:f0:88:b3:ad:c0:
         39:38:95:6c:5f:c0:cc:47:f3:54:aa:84:ba:0f:da:a0:82:32:
         e2:b0:22:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD
N0RFQzRCODEwHhcNMjUxMDE4MTQzMzAxWhcNMjUxMDI1MTQzMzAxWjAYMRYwFAYD
VQQDEw02OGYzYTUxZC1iZTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2GsISVCaYBD9v5cQmrJ9Cw82n10SRbcszzJ5vr7DHtmnGTZh4jrD6gtP9xw9
Lq60JgAk0EG6vzRDgQXizZIprt3RGE3Etk6veu4/61kWdyF9RjdB0jEWzdcTXQYt
sv8Xo7GFsHuhdlCkkNr7m3xe6GEj/psISYch7A+Ksmg3nRbmVpycsufiVK1TznOQ
g2YlGlQWwsypRzgl6Axs+tXsPmulOFneINEWSaDgm8GRQp74ojf6ZYDLD1PWinxH
+RV47er/bDUDo9d4LwCow2a09ANPEWYWyTEqOe/v4OD29tHqCnLx1Qfma+HMwfUA
Mh3oTAbOvkblr9LnD9MKuwmHdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLxScGo4
JWTVEXGdasHF1FZ8F2FlMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE
ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT
NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NkQ1RC85RENCNjhFMDFEODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdY
T3pCMUFIMmxNM3JIM3NTNEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAZugXu+F9E7K1Lg2Gz+exEJTtas8lPIqHe2QmNNfFAXpmD3GyQOWXQ
IUzC+6deAQ2BbdaZ9Grp1waHhlXr7eYGN9GRbCFEB6fKlkc+Pm9CDJeS4EGbx7SZ
cDERN/TgY2DFUye/C0OazmDwBJmOobmUDUiRNcPBk4+eAwZ+YZmhClnxcYEv4K/B
7RQvST+9FUU9NHnunvxYsTXAzogmpd53qyW62v0OJFdfTg1D/n3Q9gEuct8Rebbs
4eCMBwv7cNsrLlWH3xEIZowLpkhM+43SRftPNm+FZeiYJ7T2sMOx85hxud288Iiz
rcA5OJVsX8DMR/NUqoS6D9qggjLisCLN
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:04:53 2025 by rpki-client