Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft
File:                     ciYIDnxlJSNDlihmsxOfAjhyxAI.mft (raw, json)
Hash identifier:          BtC6OS4ZzuXrCVMSMBW1il7UHiS0qEpl72xl1lSuAJw=
Subject key identifier:   09:ED:A6:02:54:6A:ED:5C:BC:6D:03:1F:A1:7F:02:29:6A:9D:ED:4D
Authority key identifier: 72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02
Certificate issuer:       /CN=A91ED596/serialNumber=7226080E7C65252343962866B3139F023872C402
Certificate serial:       E0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft
Manifest number:          DE
Signing time:             Sun 19 Oct 2025 08:29:56 +0000
Manifest this update:     Sun 19 Oct 2025 08:29:55 +0000
Manifest next update:     Sun 26 Oct 2025 08:29:55 +0000
Files and hashes:         1: ciYIDnxlJSNDlihmsxOfAjhyxAI.crl (hash: xUdTp8BC6Le/gizfj6Psxfy75od/smVvKdQ3FnCBgn8=)
                          2: C0C401905AE311EF90924C30C4F9AE02.roa (hash: YxY/TXb7ZV7RLnxJEIm3XTlQ67ELpalTGoTZTqConuI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl
                          rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 08:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 224 (0xe0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ED596, serialNumber=7226080E7C65252343962866B3139F023872C402
        Validity
            Not Before: Oct 19 08:29:55 2025 GMT
            Not After : Oct 26 08:29:55 2025 GMT
        Subject: CN=68f4a183-a3cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:36:fb:a7:27:31:13:08:f2:1b:c6:dc:92:22:
                    1b:1c:25:fe:70:02:20:86:75:25:0a:65:a7:76:c3:
                    68:7c:79:4f:6e:78:03:87:de:b7:59:fe:50:79:cb:
                    42:f4:43:f9:47:f8:56:22:1a:e2:6b:33:52:85:0f:
                    fe:9c:c1:10:d9:f2:d7:2e:93:45:89:80:e6:96:9f:
                    3f:ee:2d:38:d5:74:f1:26:70:34:7c:f5:2f:6b:87:
                    65:16:a6:11:aa:73:80:53:de:10:44:32:f9:da:47:
                    60:10:ce:c4:4b:92:7e:ee:04:44:c0:37:85:e4:f4:
                    de:ee:fe:96:bc:78:4f:89:74:00:33:e3:6b:70:75:
                    7c:61:f3:1f:73:b6:ef:9f:26:55:21:79:10:f8:61:
                    c9:0a:11:d2:63:c1:6c:8a:7f:0d:42:60:64:d6:95:
                    5a:fd:f8:20:6c:cc:58:4d:e5:1c:b7:90:9b:69:b7:
                    a3:a4:b1:ef:4b:4f:0b:f9:5e:2d:12:93:29:54:2b:
                    ad:61:aa:6b:a8:e1:f8:dd:ea:00:a9:1c:17:d0:9f:
                    b7:ed:45:4c:da:87:fd:4d:3d:a5:14:86:95:1c:cf:
                    e1:c1:70:aa:1d:56:c2:87:13:da:a9:a1:6a:c2:23:
                    cd:82:c3:d7:fb:56:01:a5:57:18:49:8c:f2:06:c4:
                    e4:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:ED:A6:02:54:6A:ED:5C:BC:6D:03:1F:A1:7F:02:29:6A:9D:ED:4D
            X509v3 Authority Key Identifier:
                keyid:72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:27:e5:19:0c:7e:e5:5b:9a:c7:cd:37:f7:96:ce:6d:7a:be:
         31:8d:cf:ba:e5:a4:88:bb:3f:bc:df:1a:8b:97:1c:f4:0a:b2:
         12:2f:ae:4e:ca:e9:1d:21:08:65:fb:65:47:61:86:2e:6c:bf:
         ba:cb:90:56:79:43:ae:6b:db:83:6c:89:2a:a9:67:7f:97:3d:
         f1:9d:7e:5f:09:e5:18:e7:ae:c3:e8:50:3f:bc:bb:73:82:f6:
         f6:5e:4d:fc:14:8a:bb:de:23:9b:45:ec:87:8f:ac:c0:e6:ef:
         b8:73:31:9f:45:d5:e3:9b:73:7b:ea:9a:b3:bf:64:ba:e5:b8:
         45:1b:72:15:3a:dd:04:10:f2:02:ab:2b:01:39:df:53:82:c6:
         23:e2:72:7d:b5:23:24:5f:69:77:95:be:26:2e:4b:5d:75:2d:
         da:a5:0a:e5:b7:93:bc:05:66:bf:22:9a:1b:d2:e7:3a:40:79:
         17:78:65:aa:eb:ba:12:9d:8d:dd:26:d2:31:6d:32:6c:2b:6f:
         05:4b:5d:09:7b:83:b7:64:e8:36:c5:14:fe:82:35:22:f0:77:
         49:26:fd:2e:6f:1c:b6:29:6b:e5:6e:cb:ca:6e:e0:d3:0d:c0:
         61:9f:d3:9b:e2:d0:9f:fd:51:a2:a3:ac:03:b8:0b:6f:35:10:
         4e:90:ae:b9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQ1OTYxMTAvBgNVBAUTKDcyMjYwODBFN0M2NTI1MjM0Mzk2Mjg2NkIzMTM5RjAy
Mzg3MkM0MDIwHhcNMjUxMDE5MDgyOTU1WhcNMjUxMDI2MDgyOTU1WjAYMRYwFAYD
VQQDEw02OGY0YTE4My1hM2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApTb7pycxEwjyG8bckiIbHCX+cAIghnUlCmWndsNofHlPbngDh963Wf5QectC
9EP5R/hWIhriazNShQ/+nMEQ2fLXLpNFiYDmlp8/7i041XTxJnA0fPUva4dlFqYR
qnOAU94QRDL52kdgEM7ES5J+7gREwDeF5PTe7v6WvHhPiXQAM+NrcHV8YfMfc7bv
nyZVIXkQ+GHJChHSY8Fsin8NQmBk1pVa/fggbMxYTeUct5CbabejpLHvS08L+V4t
EpMpVCutYaprqOH43eoAqRwX0J+37UVM2of9TT2lFIaVHM/hwXCqHVbChxPaqaFq
wiPNgsPX+1YBpVcYSYzyBsTkNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAntpgJU
au1cvG0DH6F/Ailqne1NMB8GA1UdIwQYMBaAFHImCA58ZSUjQ5YoZrMTnwI4csQC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wREUyM0UxNjVB
RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpTTkRsaWhtc3hPZkFqaHl4
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NpWUlEbnhsSlNORGxpaG1zeE9mQWpoeXhBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RDU5Ni8wREUyM0UxNjVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpT
TkRsaWhtc3hPZkFqaHl4QUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB/J+UZDH7lW5rHzTf3ls5ter4xjc+65aSIuz+83xqLlxz0CrISL65O
yukdIQhl+2VHYYYubL+6y5BWeUOua9uDbIkqqWd/lz3xnX5fCeUY567D6FA/vLtz
gvb2Xk38FIq73iObReyHj6zA5u+4czGfRdXjm3N76pqzv2S65bhFG3IVOt0EEPIC
qysBOd9TgsYj4nJ9tSMkX2l3lb4mLktddS3apQrlt5O8BWa/Ipob0uc6QHkXeGWq
67oSnY3dJtIxbTJsK28FS10Je4O3ZOg2xRT+gjUi8HdJJv0ubxy2KWvlbsvKbuDT
DcBhn9Ob4tCf/VGio6wDuAtvNRBOkK65
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:59:10 2025 by rpki-client