Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.mft
File:                     lQfxHRNjrFs5Lzb17zgixc_NaPk.mft (raw, json)
Hash identifier:          qrRX9pTozNV1iOHWCy34suWfkwkMuA2qbBertZ7dqR8=
Subject key identifier:   D1:65:B5:AC:3B:32:57:E7:D9:64:89:02:07:A2:25:93:24:88:2C:72
Authority key identifier: 95:07:F1:1D:13:63:AC:5B:39:2F:36:F5:EF:38:22:C5:CF:CD:68:F9
Certificate issuer:       /CN=A91EE8AC/serialNumber=9507F11D1363AC5B392F36F5EF3822C5CFCD68F9
Certificate serial:       021C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.mft
Manifest number:          0342
Signing time:             Sun 19 Oct 2025 04:31:08 +0000
Manifest this update:     Sun 19 Oct 2025 04:31:08 +0000
Manifest next update:     Sun 26 Oct 2025 04:31:08 +0000
Files and hashes:         1: lQfxHRNjrFs5Lzb17zgixc_NaPk.crl (hash: r90mGd/77zoYFoeOW67SholKadWclHkK+PYz8wKQUnI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.crl
                          rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 04:31:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 540 (0x21c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EE8AC, serialNumber=9507F11D1363AC5B392F36F5EF3822C5CFCD68F9
        Validity
            Not Before: Oct 19 04:31:08 2025 GMT
            Not After : Oct 26 04:31:08 2025 GMT
        Subject: CN=68f4698c-638f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:42:1f:45:37:f6:65:aa:98:0f:1a:a5:93:af:
                    79:df:02:ca:34:53:2e:9f:37:c2:3e:ee:1f:95:a3:
                    19:75:5d:6d:fc:6a:e6:69:ae:c6:1d:52:3f:54:ca:
                    97:2f:7b:b7:77:f9:81:9a:dd:6e:e9:93:0b:ae:a2:
                    f0:96:af:e7:eb:b9:2e:f4:36:5e:91:62:df:a0:83:
                    69:ef:f7:7d:e1:32:cc:59:52:d0:a1:32:f5:c3:99:
                    09:57:8a:f1:a3:b7:a8:8f:99:4f:c6:f8:04:99:4c:
                    41:45:e2:63:5d:24:e8:de:02:fa:d0:74:b1:5d:a9:
                    05:68:76:ba:8a:5d:52:e5:fe:71:22:0e:0f:c5:96:
                    86:b8:a2:f9:62:de:dc:ce:54:c0:a0:42:fd:59:08:
                    73:a4:1d:a1:36:60:72:f2:fb:83:95:3c:80:69:92:
                    34:9b:cb:75:d8:83:3c:9a:2a:c9:bc:c1:66:01:64:
                    15:c1:a7:2c:23:9a:23:e3:82:46:f3:07:4b:a7:7f:
                    80:88:08:d4:34:6d:47:48:ce:23:50:a7:57:d8:d7:
                    8a:96:59:14:26:21:4c:b8:8f:bb:c4:54:c5:2d:e9:
                    e2:74:b7:a6:59:6c:ca:01:5d:7b:6a:b5:ba:15:43:
                    97:7e:e0:2d:b0:24:8f:da:0c:6c:a6:7b:db:bd:cf:
                    1a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:65:B5:AC:3B:32:57:E7:D9:64:89:02:07:A2:25:93:24:88:2C:72
            X509v3 Authority Key Identifier:
                keyid:95:07:F1:1D:13:63:AC:5B:39:2F:36:F5:EF:38:22:C5:CF:CD:68:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:e2:c4:ef:e3:05:13:56:e5:75:18:29:3a:87:b2:4a:0f:29:
         84:5d:72:fe:52:f5:90:3e:1c:7a:c6:57:89:86:54:26:a2:03:
         c6:d6:9d:b2:48:31:1e:7b:bc:35:e1:60:df:13:81:a2:45:e3:
         2f:45:07:a2:9c:c3:02:3a:09:29:8a:7a:7b:bf:21:03:a1:44:
         2d:a5:0d:15:cb:83:49:01:e8:1c:13:53:d2:4c:ec:fb:f5:21:
         61:26:28:bd:e0:f4:ab:a9:39:99:b6:04:89:c7:64:59:72:65:
         f6:8c:d0:c4:eb:3b:ac:85:91:ec:25:67:58:c9:eb:80:a1:86:
         65:ef:af:a3:40:4d:d5:dc:ac:b1:0b:d0:fa:ef:7c:26:f5:d9:
         28:8c:d7:ac:83:81:f4:56:59:28:66:dd:64:ad:ef:99:7b:de:
         ab:77:67:93:91:f0:41:a8:8c:05:2e:3f:92:6d:5b:f0:30:77:
         68:00:a3:71:fe:31:d9:a8:94:d5:2f:68:b5:40:50:45:8a:a9:
         e8:0d:47:93:cc:2d:03:52:9a:36:e4:f9:3a:5d:1e:a8:19:6d:
         d0:e9:7f:0c:aa:21:26:ef:3a:18:65:c9:e0:43:b5:56:bb:8e:
         ec:28:5c:40:2e:14:b3:dc:2c:6c:08:17:cc:f4:86:8b:b0:a3:
         88:28:80:82
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUU4QUMxMTAvBgNVBAUTKDk1MDdGMTFEMTM2M0FDNUIzOTJGMzZGNUVGMzgyMkM1
Q0ZDRDY4RjkwHhcNMjUxMDE5MDQzMTA4WhcNMjUxMDI2MDQzMTA4WjAYMRYwFAYD
VQQDEw02OGY0Njk4Yy02MzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuEIfRTf2ZaqYDxqlk6953wLKNFMunzfCPu4flaMZdV1t/Grmaa7GHVI/VMqX
L3u3d/mBmt1u6ZMLrqLwlq/n67ku9DZekWLfoINp7/d94TLMWVLQoTL1w5kJV4rx
o7eoj5lPxvgEmUxBReJjXSTo3gL60HSxXakFaHa6il1S5f5xIg4PxZaGuKL5Yt7c
zlTAoEL9WQhzpB2hNmBy8vuDlTyAaZI0m8t12IM8mirJvMFmAWQVwacsI5oj44JG
8wdLp3+AiAjUNG1HSM4jUKdX2NeKllkUJiFMuI+7xFTFLenidLemWWzKAV17arW6
FUOXfuAtsCSP2gxspnvbvc8a3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNFltaw7
Mlfn2WSJAgeiJZMkiCxyMB8GA1UdIwQYMBaAFJUH8R0TY6xbOS829e84IsXPzWj5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRThBQy81MDM4RUM4QzdE
RUIxMUVEQTdDQTRBN0VDNEY5QUUwMi9sUWZ4SFJOanJGczVMemIxN3pnaXhjX05h
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xRZnhIUk5qckZzNUx6YjE3emdpeGNfTmFQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RThBQy81MDM4RUM4QzdERUIxMUVEQTdDQTRBN0VDNEY5QUUwMi9sUWZ4SFJOanJG
czVMemIxN3pnaXhjX05hUGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCW4sTv4wUTVuV1GCk6h7JKDymEXXL+UvWQPhx6xleJhlQmogPG1p2y
SDEee7w14WDfE4GiReMvRQeinMMCOgkpinp7vyEDoUQtpQ0Vy4NJAegcE1PSTOz7
9SFhJii94PSrqTmZtgSJx2RZcmX2jNDE6zushZHsJWdYyeuAoYZl76+jQE3V3Kyx
C9D673wm9dkojNesg4H0VlkoZt1kre+Ze96rd2eTkfBBqIwFLj+SbVvwMHdoAKNx
/jHZqJTVL2i1QFBFiqnoDUeTzC0DUpo25Pk6XR6oGW3Q6X8MqiEm7zoYZcngQ7VW
u47sKFxALhSz3CxsCBfM9IaLsKOIKICC
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:15:00 2025 by rpki-client