Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
File:                     2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft (raw, json)
Hash identifier:          msspC88J3TgLhWQPpKNB6r3VjUC7aWTKwOY08bHmg80=
Subject key identifier:   4F:42:B9:3D:58:2F:C0:28:F2:64:18:5A:2C:9C:18:86:E8:1E:62:5C
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Certificate issuer:       /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial:       1426
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
Manifest number:          1406
Signing time:             Mon 20 Oct 2025 15:33:54 +0000
Manifest this update:     Mon 20 Oct 2025 15:33:53 +0000
Manifest next update:     Mon 27 Oct 2025 15:33:53 +0000
Files and hashes:         1: 2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl (hash: jUH8SQ5j1BcqUziFUCYxsIxcDscsz3zDnZzgPzUdHK0=)
                          2: 76C6BCF6B72811ECAEFC180DC4F9AE02.roa (hash: rJt9UQ2CbATtEyHk+VO1E6DMoo3w2GSd/mE//3ZqYZU=)
                          3: B969D2D0BA4A11EC90B53115C4F9AE02.roa (hash: wPO6Es53IcJapHpeuB8nxOotI3FCiSmj/GNfyH8fyQs=)
                          4: 49678FBCB72B11EC8C8E3017C4F9AE02.roa (hash: Fya/3MhXvM2udSwM4AtG4GxQbuG8VOpcoReRz0Tvy8A=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
                          rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 15:33:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5158 (0x1426)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA9BD, serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
        Validity
            Not Before: Oct 20 15:33:53 2025 GMT
            Not After : Oct 27 15:33:53 2025 GMT
        Subject: CN=68f65662-df0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:66:e1:d7:20:2e:89:53:97:78:c0:dc:b1:11:
                    dc:48:d3:01:d5:e0:ce:f8:fb:5b:0f:bb:9b:72:f8:
                    24:87:2a:a9:61:38:77:dd:0f:af:f8:3e:83:a8:cb:
                    d9:37:8f:54:4d:ad:5f:d0:7e:18:b8:8c:6c:13:c9:
                    cd:aa:fb:4b:b1:a1:bf:f9:82:8d:7e:eb:bd:40:03:
                    e4:87:ea:04:fa:b8:f9:a8:33:07:45:b2:52:0e:9c:
                    43:25:9d:c7:9e:d9:22:4f:98:d9:35:40:05:6a:71:
                    47:b5:b7:9e:7b:9d:10:01:e7:69:8c:c5:ba:84:ef:
                    9e:89:d0:9a:9d:2a:86:51:bb:28:5f:f3:f3:de:a2:
                    28:a5:c8:22:34:3d:df:e9:be:e5:8a:22:7c:11:e9:
                    31:ef:17:17:33:10:1c:dd:07:3f:c6:d0:f3:25:ab:
                    99:c3:51:b7:5c:68:eb:f6:ef:aa:09:9e:79:0e:14:
                    f3:bf:05:00:38:58:8d:ee:46:0a:23:65:63:2c:84:
                    14:4e:b4:a7:ff:3f:6c:f5:cc:b1:0d:a4:24:e3:57:
                    d5:cc:58:f5:88:8d:65:79:5b:94:21:ac:8b:42:98:
                    f1:a9:c4:4f:27:a1:0c:51:48:1c:2d:34:5e:17:8e:
                    71:3f:ed:cb:2e:66:e3:a8:32:05:71:84:ab:d2:2d:
                    a4:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:42:B9:3D:58:2F:C0:28:F2:64:18:5A:2C:9C:18:86:E8:1E:62:5C
            X509v3 Authority Key Identifier:
                keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:89:53:dc:38:57:6c:30:dd:e3:e5:0d:1e:1a:c9:c8:6d:03:
         54:5a:35:11:5c:f8:41:ac:5b:0e:1f:82:4d:da:7f:24:1a:ab:
         db:aa:58:6c:29:8d:f3:04:d7:60:9a:f2:0d:6b:fd:52:77:18:
         a4:1c:d6:35:e1:37:8b:c1:0a:90:84:f3:7b:46:cd:6d:5e:34:
         5a:fe:11:f9:c5:98:6f:fa:28:49:5f:57:4e:5b:2c:8c:61:9d:
         bb:5c:d7:75:95:c5:cd:88:19:66:5e:88:b7:f4:22:ea:19:44:
         27:d4:12:51:fa:56:a1:7b:3c:24:02:b3:d9:bf:40:8d:c0:4a:
         95:c5:3b:33:7d:cb:b3:db:b3:e1:3b:49:81:d2:6e:9d:74:30:
         87:57:fd:10:f6:4f:8c:05:ce:0e:ec:00:92:a2:1a:88:69:fa:
         2b:66:51:fa:3d:3c:ba:da:53:03:63:b5:d4:06:f0:d4:05:d2:
         bb:e1:a1:1f:14:e9:d9:1a:53:58:0a:0d:65:4b:2d:7f:4e:af:
         43:2c:91:4c:c0:6d:eb:7d:59:1e:bb:55:60:bc:1e:19:7a:b3:
         2a:08:44:d9:71:ec:bd:b1:ef:0d:95:f1:25:ef:c7:c2:a6:04:
         0a:a0:f1:79:58:7c:7f:9e:24:0d:b1:09:62:a4:97:86:73:1c:
         c8:17:2a:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFCYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjUxMDIwMTUzMzUzWhcNMjUxMDI3MTUzMzUzWjAYMRYwFAYD
VQQDEw02OGY2NTY2Mi1kZjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0mbh1yAuiVOXeMDcsRHcSNMB1eDO+PtbD7ubcvgkhyqpYTh33Q+v+D6DqMvZ
N49UTa1f0H4YuIxsE8nNqvtLsaG/+YKNfuu9QAPkh+oE+rj5qDMHRbJSDpxDJZ3H
ntkiT5jZNUAFanFHtbeee50QAedpjMW6hO+eidCanSqGUbsoX/Pz3qIopcgiND3f
6b7liiJ8Eekx7xcXMxAc3Qc/xtDzJauZw1G3XGjr9u+qCZ55DhTzvwUAOFiN7kYK
I2VjLIQUTrSn/z9s9cyxDaQk41fVzFj1iI1leVuUIayLQpjxqcRPJ6EMUUgcLTRe
F45xP+3LLmbjqDIFcYSr0i2kQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE9CuT1Y
L8Ao8mQYWiycGIboHmJcMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTlCRC8wNzQ5NTg5MDkxODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5R
LUFJM2phM2RTQUcxWndvLTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBhiVPcOFdsMN3j5Q0eGsnIbQNUWjURXPhBrFsOH4JN2n8kGqvbqlhs
KY3zBNdgmvINa/1SdxikHNY14TeLwQqQhPN7Rs1tXjRa/hH5xZhv+ihJX1dOWyyM
YZ27XNd1lcXNiBlmXoi39CLqGUQn1BJR+lahezwkArPZv0CNwEqVxTszfcuz27Ph
O0mB0m6ddDCHV/0Q9k+MBc4O7ACSohqIaforZlH6PTy62lMDY7XUBvDUBdK74aEf
FOnZGlNYCg1lSy1/Tq9DLJFMwG3rfVkeu1VgvB4ZerMqCETZcey9se8NlfEl78fC
pgQKoPF5WHx/niQNsQlipJeGcxzIFyqE
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:29:27 2025 by rpki-client