Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
File:                     ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft (raw, json)
Hash identifier:          ybBZdCBRHSJvKXoeHcmz0O4kmeTFp+pJcPH/ftdeKno=
Subject key identifier:   D0:24:5F:3C:D8:B0:CC:C8:B0:8F:1B:B6:F2:46:0C:A5:F1:90:F1:E4
Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81
Certificate issuer:       /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81
Certificate serial:       1B2A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
Manifest number:          A066
Signing time:             Mon 20 Oct 2025 14:32:22 +0000
Manifest this update:     Mon 20 Oct 2025 14:32:22 +0000
Manifest next update:     Mon 27 Oct 2025 14:32:22 +0000
Files and hashes:         1: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl (hash: L8gTSig0isXmW2L30d2pyiQxaGfoYuS/MJCdSUKZXWU=)
                          2: 9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa (hash: RYynr8uizf4mxXQD/bYs58a0i9OmwI4vdpj7nHmjiJU=)
                          3: 959AC422557911EBBD21EB2FC4F9AE02.roa (hash: oMF/P2hGXRHcLkAXgbmeUw5lcthqUMWdcFQRgDGmw2Q=)
                          4: 20C6F2EC699D11EAA33EAE83C4F9AE02.roa (hash: 68iXhMXoCKzkvFm4ZJIC/ibhTxkbyNkKn12MmIsJUjc=)
                          5: 191363A69DD911EC99D91668C4F9AE02.roa (hash: oqniAucPfqcKV0mTFTmt9sxkwi/yyX2GOXb0nYNRsyI=)
                          6: ACC8833824DE11EDAEC0E529C4F9AE02.roa (hash: SpN5g9M2rsSW+Cra37fKcK/lk5XqYbPAMh8S4vUS9qk=)
                          7: 4FF339D8F01D11EB8C4B505BC4F9AE02.roa (hash: U9RF+JaWcsKZTr1DEGw1Y5hTdB+oWxy9sRXTz5ZgIuo=)
                          8: C89FD6DA557611EBA04C290BC4F9AE02.roa (hash: Y+JgutBZqKB0sr/67XUkEfaEMyqBwPZIYt+9Yv44r5c=)
                          9: FC6A19D892D511EC8FBFF32AC4F9AE02.roa (hash: kjWRly5sP345NgQNsNa2Y38tsuhMAJkUf7cDKkslnxQ=)
                          10: 1BF3A43C15BE11EF93ABFD7DC4F9AE02.roa (hash: Dnw6VZCydK3JoKDSOzotlEvfgmRpxLVN7ezEA2ZyyGo=)
                          11: 0B24875C7A4411EB804B7430C4F9AE02.roa (hash: Y+xehgtewaeOdOL6PowHHRPVgAd4mQJAADuq74in7FA=)
                          12: 3D68F8C29A4A11EA94706012C4F9AE02.roa (hash: +Q2D0d9yEIcvHWqL458RmFQjgHnoWa/Nyf3wOjdRqJY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl
                          rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 14:32:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6954 (0x1b2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81
        Validity
            Not Before: Oct 20 14:32:22 2025 GMT
            Not After : Oct 27 14:32:22 2025 GMT
        Subject: CN=68f647f6-013c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f2:80:95:75:fd:ea:f1:a6:fd:cc:5c:87:0a:
                    e8:1f:cc:81:4c:5f:8e:8a:d4:c2:65:e7:bb:bd:d2:
                    6e:90:45:ca:0b:ce:00:bb:5e:c3:9b:cf:b1:a6:2a:
                    bb:2f:75:43:45:f9:02:a7:d0:3b:0a:d3:eb:61:56:
                    fc:6a:ba:d4:66:33:18:a8:98:76:70:87:e1:c1:34:
                    2e:db:17:87:e6:3b:a9:a7:d2:8c:b6:7d:5b:90:04:
                    bd:54:23:13:fc:32:ef:ec:4a:41:f2:61:ed:2f:ef:
                    93:d8:e3:70:de:f4:e0:9e:20:a7:50:fe:3f:47:07:
                    ad:4e:04:00:36:47:0a:3b:ea:1d:9a:9e:10:96:93:
                    f9:86:7e:5e:5d:dd:84:9e:ed:f4:63:8a:fc:26:c3:
                    8e:b4:02:22:ca:23:cf:19:46:40:5f:af:5c:01:eb:
                    62:b2:d9:72:bc:e0:40:6b:7b:38:94:c6:c9:3d:be:
                    57:88:47:ca:ed:bf:c6:38:d4:d7:bf:81:72:23:87:
                    da:1e:85:20:18:46:d6:38:30:4e:fc:3d:7b:b9:3b:
                    4b:82:0e:e3:a8:75:1f:47:5f:8b:67:14:d8:06:69:
                    18:b5:29:ac:31:4e:d0:a7:04:70:73:bf:ce:89:ed:
                    8e:4f:43:6d:8c:06:d9:24:19:97:63:72:27:bf:96:
                    d6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:24:5F:3C:D8:B0:CC:C8:B0:8F:1B:B6:F2:46:0C:A5:F1:90:F1:E4
            X509v3 Authority Key Identifier:
                keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:f8:6c:13:43:9f:dd:8f:a3:b5:cc:28:05:4f:94:df:04:a9:
         09:81:95:39:20:c3:4c:04:54:c5:3c:42:56:d6:26:ab:49:e4:
         db:49:04:e9:42:6c:88:37:8b:49:a6:23:e1:9e:8c:68:7b:95:
         1e:f3:f3:be:95:75:81:ea:50:18:87:c2:bb:50:f8:d0:e1:61:
         de:1f:55:2e:17:41:33:ec:5e:1e:99:c6:a9:83:fa:cc:9a:03:
         8c:0a:ce:c1:5b:5c:03:c5:02:32:ec:12:ff:1c:10:11:c4:38:
         49:3a:1c:ff:a6:0e:58:cc:2b:22:c9:bd:cd:62:0c:76:88:d2:
         0b:36:40:6c:21:6c:87:d1:25:9a:9d:e6:9d:a6:7d:bc:5b:27:
         11:7b:1d:0e:d0:87:93:e9:5f:3c:08:f7:b6:fb:5e:4c:d4:d1:
         74:68:17:06:75:6b:35:d9:98:d4:1a:46:22:22:bf:8c:f2:1b:
         e5:90:8e:39:93:3e:e6:d8:19:6d:22:f9:92:97:5d:9d:30:ac:
         fa:27:aa:ea:83:98:23:78:42:73:95:47:85:1e:ca:19:83:dc:
         a2:b9:d7:7b:0e:5e:7e:7e:8f:e5:17:4a:00:b2:14:2c:cc:c7:
         a8:8b:e4:75:54:b1:59:82:e6:1d:80:de:68:e0:55:ab:db:74:
         1e:08:fe:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGyowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD
N0RFQzRCODEwHhcNMjUxMDIwMTQzMjIyWhcNMjUxMDI3MTQzMjIyWjAYMRYwFAYD
VQQDEw02OGY2NDdmNi0wMTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1vKAlXX96vGm/cxchwroH8yBTF+OitTCZee7vdJukEXKC84Au17Dm8+xpiq7
L3VDRfkCp9A7CtPrYVb8arrUZjMYqJh2cIfhwTQu2xeH5jupp9KMtn1bkAS9VCMT
/DLv7EpB8mHtL++T2ONw3vTgniCnUP4/RwetTgQANkcKO+odmp4QlpP5hn5eXd2E
nu30Y4r8JsOOtAIiyiPPGUZAX69cAetistlyvOBAa3s4lMbJPb5XiEfK7b/GONTX
v4FyI4faHoUgGEbWODBO/D17uTtLgg7jqHUfR1+LZxTYBmkYtSmsMU7QpwRwc7/O
ie2OT0NtjAbZJBmXY3Inv5bWZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNAkXzzY
sMzIsI8btvJGDKXxkPHkMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE
ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT
NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NkQ1RC85RENCNjhFMDFEODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdY
T3pCMUFIMmxNM3JIM3NTNEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCF+GwTQ5/dj6O1zCgFT5TfBKkJgZU5IMNMBFTFPEJW1iarSeTbSQTp
QmyIN4tJpiPhnoxoe5Ue8/O+lXWB6lAYh8K7UPjQ4WHeH1UuF0Ez7F4emcapg/rM
mgOMCs7BW1wDxQIy7BL/HBARxDhJOhz/pg5YzCsiyb3NYgx2iNILNkBsIWyH0SWa
neadpn28WycRex0O0IeT6V88CPe2+15M1NF0aBcGdWs12ZjUGkYiIr+M8hvlkI45
kz7m2BltIvmSl12dMKz6J6rqg5gjeEJzlUeFHsoZg9yiudd7Dl5+fo/lF0oAshQs
zMeoi+R1VLFZguYdgN5o4FWr23QeCP7X
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:37:04 2025 by rpki-client