Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft
File:                     CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft (raw, json)
Hash identifier:          jMznW3lorf81x2JtSk8wKgi4VL4iDA8x6XVRK2/n6j4=
Subject key identifier:   21:A6:34:34:15:7A:2B:38:8B:12:A2:F0:C0:2B:A3:F7:B1:23:3E:58
Authority key identifier: 09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E
Certificate issuer:       /CN=A91E9D1A/serialNumber=0976FC3D23186D48C671773740891CF54E31B80E
Certificate serial:       350F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft
Manifest number:          34EF
Signing time:             Sat 18 Oct 2025 14:20:32 +0000
Manifest this update:     Sat 18 Oct 2025 14:20:32 +0000
Manifest next update:     Sat 25 Oct 2025 14:20:32 +0000
Files and hashes:         1: CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl (hash: +HJhc/OTgl0M1HqiZ2hsbKSFQrPQwossqznZUWNWYxs=)
                          2: 81C9B5A4BBFA11ED99272016C4F9AE02.roa (hash: 5TYvs++Mvewysf2Y0/6vpFA2+467A8J4q0CP6JqLCQs=)
                          3: E404430CB0F811E595E0F761C4F9AE02.roa (hash: aPLpTjVx3H8dG+sQrN1VcBaFu+dKTfAESi5mspAt7yo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl
                          rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 14:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13583 (0x350f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E9D1A, serialNumber=0976FC3D23186D48C671773740891CF54E31B80E
        Validity
            Not Before: Oct 18 14:20:32 2025 GMT
            Not After : Oct 25 14:20:32 2025 GMT
        Subject: CN=68f3a230-88af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:66:0b:e7:7c:d7:82:fa:fe:c3:8d:f5:f0:19:
                    a9:05:4b:c8:99:99:4b:9e:08:53:d5:b6:10:2c:52:
                    40:83:8e:7c:51:57:2d:35:a4:a9:83:cd:15:03:40:
                    4a:6f:51:74:7d:96:27:a3:c8:3b:3e:8e:3a:9f:1c:
                    47:04:db:eb:03:28:14:27:39:5e:0f:3d:b0:2e:94:
                    6c:fe:7f:64:04:a7:89:b7:10:49:6d:ff:f7:36:86:
                    47:ac:d6:b6:6d:9c:96:8b:4b:df:bd:b0:e4:fb:be:
                    e4:9f:c5:9a:4e:f2:83:68:42:96:cf:01:ed:83:84:
                    83:d7:43:e4:40:b8:f2:67:8b:85:21:e7:89:f8:4d:
                    fb:d0:56:34:ed:95:41:11:d0:a3:37:cb:a9:ed:59:
                    ed:be:9c:d8:2f:7d:90:75:e1:1a:eb:a1:41:b8:9a:
                    61:ce:49:fa:84:dc:a8:cd:61:e2:1f:6d:8a:15:07:
                    1c:34:2a:d2:f0:1e:13:7a:e2:ea:fb:4b:d0:28:1c:
                    0a:1b:2e:a4:6f:4f:73:9a:d0:fe:69:6e:09:47:a8:
                    81:54:77:ba:f5:a2:b3:29:4a:31:89:af:43:15:e6:
                    3c:a3:ad:27:32:69:df:9a:bb:6a:e7:83:f3:2b:38:
                    08:ac:6c:84:e1:46:d6:f0:23:54:42:5a:e2:e6:eb:
                    b3:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:A6:34:34:15:7A:2B:38:8B:12:A2:F0:C0:2B:A3:F7:B1:23:3E:58
            X509v3 Authority Key Identifier:
                keyid:09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:66:df:91:76:57:87:df:a8:91:a2:90:db:8a:ff:c1:20:a0:
         f5:0f:27:75:19:3a:85:41:3a:63:2b:aa:7a:47:bf:89:1f:17:
         4a:64:06:eb:17:72:05:b9:ec:b0:2b:e2:ef:08:de:51:d8:c6:
         1b:e7:f3:9a:d7:16:fa:e1:71:b9:fe:73:c3:07:38:49:ab:be:
         d8:da:3a:46:91:b1:a6:19:8a:0d:82:34:47:45:5a:fa:c3:1b:
         2b:5e:b0:ea:ef:d2:84:fd:94:cb:8c:35:37:67:18:b1:62:3f:
         f6:7d:b0:be:03:c9:a5:5d:62:16:70:cf:c7:d0:f6:4c:be:43:
         35:81:39:c0:f6:9a:f9:fd:06:f9:19:1a:1f:2c:59:b6:f2:27:
         74:f1:2d:0e:63:38:0a:56:62:9e:ed:d8:d5:10:de:c1:8e:2b:
         5b:c2:7a:30:55:f3:d8:69:97:d2:f2:de:d1:f3:cd:95:5a:3c:
         84:71:61:bd:4d:8f:53:d9:d7:fd:f8:d2:90:6f:84:27:bf:bd:
         7b:5d:0f:8b:ac:f2:cc:5d:41:45:f5:e2:7b:35:9b:f9:68:a4:
         f9:98:1a:d7:e4:37:8e:b8:97:9c:db:1d:b8:76:91:40:49:33:
         4a:4d:8d:8b:5f:5e:9c:0f:d7:c8:ec:35:21:38:71:b5:39:a5:
         07:39:ee:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTlEMUExMTAvBgNVBAUTKDA5NzZGQzNEMjMxODZENDhDNjcxNzczNzQwODkxQ0Y1
NEUzMUI4MEUwHhcNMjUxMDE4MTQyMDMyWhcNMjUxMDI1MTQyMDMyWjAYMRYwFAYD
VQQDEw02OGYzYTIzMC04OGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6mYL53zXgvr+w4318BmpBUvImZlLnghT1bYQLFJAg458UVctNaSpg80VA0BK
b1F0fZYno8g7Po46nxxHBNvrAygUJzleDz2wLpRs/n9kBKeJtxBJbf/3NoZHrNa2
bZyWi0vfvbDk+77kn8WaTvKDaEKWzwHtg4SD10PkQLjyZ4uFIeeJ+E370FY07ZVB
EdCjN8up7VntvpzYL32QdeEa66FBuJphzkn6hNyozWHiH22KFQccNCrS8B4TeuLq
+0vQKBwKGy6kb09zmtD+aW4JR6iBVHe69aKzKUoxia9DFeY8o60nMmnfmrtq54Pz
KzgIrGyE4UbW8CNUQlri5uuzbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCGmNDQV
eis4ixKi8MAro/exIz5YMB8GA1UdIwQYMBaAFAl2/D0jGG1IxnF3N0CJHPVOMbgO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUQxQS9DNTlCMDJEQTFE
NzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJVakdjWGMzUUlrYzlVNHh1
QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NYYjhQU01ZYlVqR2NYYzNRSWtjOVU0eHVBNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OUQxQS9DNTlCMDJEQTFENzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJV
akdjWGMzUUlrYzlVNHh1QTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB9Zt+RdleH36iRopDbiv/BIKD1Dyd1GTqFQTpjK6p6R7+JHxdKZAbr
F3IFueywK+LvCN5R2MYb5/Oa1xb64XG5/nPDBzhJq77Y2jpGkbGmGYoNgjRHRVr6
wxsrXrDq79KE/ZTLjDU3ZxixYj/2fbC+A8mlXWIWcM/H0PZMvkM1gTnA9pr5/Qb5
GRofLFm28id08S0OYzgKVmKe7djVEN7BjitbwnowVfPYaZfS8t7R882VWjyEcWG9
TY9T2df9+NKQb4Qnv717XQ+LrPLMXUFF9eJ7NZv5aKT5mBrX5DeOuJec2x24dpFA
STNKTY2LX16cD9fI7DUhOHG1OaUHOe69
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:08:10 2025 by rpki-client