Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft
File:                     QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft (raw, json)
Hash identifier:          kR6dzFOMG7riKC4B9592bbwdMg6bmRScEb3/H38eGBE=
Subject key identifier:   EC:37:D2:1A:42:9C:CF:BE:10:C2:03:F4:FE:FF:4D:E2:D6:2F:DC:0B
Authority key identifier: 41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD
Certificate issuer:       /CN=A91E91BC/serialNumber=414FB6178869130F826E9E30C0B794084D9760DD
Certificate serial:       0349
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft
Manifest number:          0343
Signing time:             Sun 19 Oct 2025 03:05:47 +0000
Manifest this update:     Sun 19 Oct 2025 03:05:47 +0000
Manifest next update:     Sun 26 Oct 2025 03:05:47 +0000
Files and hashes:         1: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl (hash: OaycbNKj7nZOhehHzjsclsPSccv7AbWKxZuOj9pRW4A=)
                          2: 7BCC4B32E85C11EE9593933FC4F9AE02.roa (hash: C9cBIgp62dlijuyH/TsefWQ1spYTduwHvoUlA7V/520=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl
                          rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 03:05:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 841 (0x349)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E91BC, serialNumber=414FB6178869130F826E9E30C0B794084D9760DD
        Validity
            Not Before: Oct 19 03:05:47 2025 GMT
            Not After : Oct 26 03:05:47 2025 GMT
        Subject: CN=68f4558b-dfe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f4:25:a4:ef:a0:be:12:8c:a2:07:c6:72:42:
                    d9:d4:36:56:5d:51:fb:8f:4e:43:f8:f6:0a:b8:fc:
                    03:03:88:09:66:d9:7b:12:3f:b3:d4:3f:47:cd:57:
                    d3:ea:5d:b7:e8:e1:53:77:7e:5a:6c:e4:a0:3f:0b:
                    ef:21:67:18:bb:1b:36:93:03:fd:5c:c2:34:7a:f1:
                    b8:6c:21:a7:31:59:c2:5a:af:72:e5:37:d7:e5:db:
                    34:7d:37:67:7d:1f:cf:f7:f1:ba:f9:25:6e:f9:e8:
                    98:b4:a0:ea:93:79:69:38:36:af:a3:9d:fd:32:d8:
                    81:d8:ee:6a:b6:41:84:e8:2f:b6:c6:1d:bf:c6:be:
                    35:25:71:07:cc:b7:a0:3a:92:a8:ff:8e:66:64:08:
                    bc:c5:45:37:67:a2:29:52:8c:fa:e5:6d:d6:2a:06:
                    22:b8:8a:19:a5:28:df:1f:1f:df:e9:6c:7b:db:32:
                    31:85:21:54:19:56:fa:8d:ff:9c:87:92:c8:be:1b:
                    b7:c8:36:43:66:20:af:1a:e2:c0:59:70:e8:fe:30:
                    02:1c:ce:f1:d3:d0:18:c6:e9:b5:83:f9:c4:96:37:
                    11:e2:e1:69:9a:9f:76:1c:be:da:b6:9b:67:a4:b8:
                    bb:0a:d7:86:22:a7:23:98:ff:06:18:23:38:f9:cf:
                    44:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:37:D2:1A:42:9C:CF:BE:10:C2:03:F4:FE:FF:4D:E2:D6:2F:DC:0B
            X509v3 Authority Key Identifier:
                keyid:41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:5c:5a:97:55:75:16:0c:b8:4b:50:a7:fe:8e:3e:8a:a1:2f:
         84:c0:38:67:82:c5:b6:46:d4:a6:9b:f9:d6:ad:e9:af:9e:b6:
         f2:4a:e0:72:82:95:cd:1d:7c:0c:50:7a:27:e9:2c:a7:a0:de:
         e2:5a:5a:c6:9e:40:2e:2f:4b:c9:c2:9f:28:80:4c:8a:fc:72:
         80:b8:f5:78:04:da:6b:97:49:b9:15:ef:e9:bb:a5:5c:3b:e8:
         87:a3:e5:86:ab:66:bf:00:0a:06:41:79:3d:e3:e4:ae:ab:d6:
         0c:97:78:06:4a:e3:49:5c:07:cd:ae:a0:0e:61:14:e7:9b:7b:
         c5:24:87:ab:dc:28:aa:cd:64:b4:c9:2b:af:7c:57:44:69:aa:
         a2:f4:3e:ae:e4:7d:44:69:18:ab:0a:d6:0e:64:26:8c:8e:eb:
         d0:76:7c:bb:c9:c3:14:3c:13:5d:82:05:00:da:f6:d3:67:2e:
         39:4b:dd:3c:41:15:c7:13:2d:91:7b:56:2f:df:78:76:ba:70:
         c8:2e:4b:bf:db:6e:4e:e4:35:18:c2:35:cf:3a:e9:14:d9:72:
         b0:f8:1d:c6:e5:eb:00:d0:ef:45:7a:a6:31:01:a0:63:be:74:
         a4:a5:0b:87:43:6d:4a:e3:ab:69:4b:a3:5a:72:8e:f8:38:35:
         3b:66:e2:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTkxQkMxMTAvBgNVBAUTKDQxNEZCNjE3ODg2OTEzMEY4MjZFOUUzMEMwQjc5NDA4
NEQ5NzYwREQwHhcNMjUxMDE5MDMwNTQ3WhcNMjUxMDI2MDMwNTQ3WjAYMRYwFAYD
VQQDEw02OGY0NTU4Yi1kZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlfQlpO+gvhKMogfGckLZ1DZWXVH7j05D+PYKuPwDA4gJZtl7Ej+z1D9HzVfT
6l236OFTd35abOSgPwvvIWcYuxs2kwP9XMI0evG4bCGnMVnCWq9y5TfX5ds0fTdn
fR/P9/G6+SVu+eiYtKDqk3lpODavo539MtiB2O5qtkGE6C+2xh2/xr41JXEHzLeg
OpKo/45mZAi8xUU3Z6IpUoz65W3WKgYiuIoZpSjfHx/f6Wx72zIxhSFUGVb6jf+c
h5LIvhu3yDZDZiCvGuLAWXDo/jACHM7x09AYxum1g/nEljcR4uFpmp92HL7atptn
pLi7CteGIqcjmP8GGCM4+c9ERQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOw30hpC
nM++EMID9P7/TeLWL9wLMB8GA1UdIwQYMBaAFEFPtheIaRMPgm6eMMC3lAhNl2Dd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BNEU2NzNDQURC
RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3LUNicDR3d0xlVUNFMlhZ
TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1FVLTJGNGhwRXctQ2JwNHd3TGVVQ0UyWFlOMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTFCQy9BNEU2NzNDQURCRTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3
LUNicDR3d0xlVUNFMlhZTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkXFqXVXUWDLhLUKf+jj6KoS+EwDhngsW2RtSmm/nWremvnrbySuBy
gpXNHXwMUHon6SynoN7iWlrGnkAuL0vJwp8ogEyK/HKAuPV4BNprl0m5Fe/pu6Vc
O+iHo+WGq2a/AAoGQXk94+Suq9YMl3gGSuNJXAfNrqAOYRTnm3vFJIer3CiqzWS0
ySuvfFdEaaqi9D6u5H1EaRirCtYOZCaMjuvQdny7ycMUPBNdggUA2vbTZy45S908
QRXHEy2Re1Yv33h2unDILku/225O5DUYwjXPOukU2XKw+B3G5esA0O9FeqYxAaBj
vnSkpQuHQ21K46tpS6Naco74ODU7ZuKI
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:24:22 2025 by rpki-client