Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft
File:                     1xhrKGW4YA1mKCKv65AVcAbg9BA.mft (raw, json)
Hash identifier:          jsA0szUNu0FCpn1awEd/xlNrTgns/b+p1gGRiQboUzM=
Subject key identifier:   50:9B:AD:9D:B0:68:18:60:4F:FF:92:DF:68:0C:AA:16:EA:80:F4:DB
Authority key identifier: D7:18:6B:28:65:B8:60:0D:66:28:22:AF:EB:90:15:70:06:E0:F4:10
Certificate issuer:       /CN=A91F428C/serialNumber=D7186B2865B8600D662822AFEB90157006E0F410
Certificate serial:       34D7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xhrKGW4YA1mKCKv65AVcAbg9BA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft
Manifest number:          34D2
Signing time:             Sat 18 Oct 2025 15:11:48 +0000
Manifest this update:     Sat 18 Oct 2025 15:11:48 +0000
Manifest next update:     Sat 25 Oct 2025 15:11:48 +0000
Files and hashes:         1: 1xhrKGW4YA1mKCKv65AVcAbg9BA.crl (hash: rilqHX1QAtHk50LVOJoM7zVYrkPkIuI0gOkS8YjUzO4=)
                          2: B8201598BED111EC93B74C4FC4F9AE02.roa (hash: JdQUVUw03f+72nj/VMFdFXWPwrE8S++NWd90s/zu6jk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.crl
                          rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xhrKGW4YA1mKCKv65AVcAbg9BA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 15:11:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13527 (0x34d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F428C, serialNumber=D7186B2865B8600D662822AFEB90157006E0F410
        Validity
            Not Before: Oct 18 15:11:48 2025 GMT
            Not After : Oct 25 15:11:48 2025 GMT
        Subject: CN=68f3ae34-2d2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7a:4b:c2:91:d6:56:ea:a7:39:c5:70:91:b0:
                    26:7f:87:67:60:11:b6:bc:79:a2:a2:3a:9c:9f:29:
                    be:31:f2:a3:e7:6a:f2:c8:36:49:dd:5b:4d:18:62:
                    c7:6b:34:b4:65:4d:34:e1:8a:af:69:41:4b:7a:dd:
                    e9:22:4a:d2:7a:9a:01:13:cf:a9:2e:5f:52:08:57:
                    de:75:91:b2:b2:bb:e5:2c:be:fa:34:15:dc:94:4a:
                    ae:9a:aa:33:ac:77:01:4a:c6:b3:f7:11:b9:11:43:
                    a1:fb:03:db:99:26:0a:04:b2:7d:0d:d3:c2:c0:82:
                    12:14:72:c1:b2:f7:e1:6f:bd:45:0a:15:d3:07:d7:
                    44:88:9b:9f:f5:2c:14:64:d7:f3:d5:28:02:fe:7e:
                    7a:34:d5:55:37:ce:54:0e:63:67:48:9f:3d:d7:31:
                    d6:f1:16:8e:ee:e4:6d:db:7d:23:40:ff:f7:7e:fe:
                    53:af:5c:fe:27:d7:fd:8f:8a:ac:5b:0f:26:ce:7a:
                    fb:0f:f3:80:7a:91:38:23:fc:a0:46:e1:7c:8a:77:
                    ae:c5:08:fc:b2:c9:b2:1f:f7:dc:c8:f3:e1:63:60:
                    98:ec:9a:f2:75:3b:8d:64:1b:f6:f7:a2:c8:cd:69:
                    e8:2a:bb:6f:81:18:d2:a6:85:bc:35:52:f3:09:47:
                    6e:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:9B:AD:9D:B0:68:18:60:4F:FF:92:DF:68:0C:AA:16:EA:80:F4:DB
            X509v3 Authority Key Identifier:
                keyid:D7:18:6B:28:65:B8:60:0D:66:28:22:AF:EB:90:15:70:06:E0:F4:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xhrKGW4YA1mKCKv65AVcAbg9BA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:7c:f7:07:15:fe:86:e7:c1:24:d1:f2:e7:05:e3:da:12:ff:
         45:03:17:23:7e:7e:f6:e5:56:cd:90:8f:13:00:96:b4:90:5e:
         c7:85:44:49:53:6f:dc:5e:24:eb:60:a5:4a:73:47:eb:62:df:
         4e:6a:9e:6e:04:0b:a5:4d:08:9a:f8:4b:e3:9f:c8:af:63:ef:
         6f:0a:4f:6f:97:94:f9:5a:6d:a1:02:c9:9a:c1:9c:e6:d7:58:
         e2:cb:b1:81:b2:43:58:c0:53:92:cc:75:c2:54:40:08:0f:c7:
         fe:81:50:b8:44:14:90:6c:99:f5:91:f0:9a:5b:d2:ab:68:9f:
         a4:60:58:55:ba:38:1d:36:8b:3c:cc:32:78:6b:41:87:f1:dc:
         e2:85:ba:2c:83:6d:85:7e:b4:36:47:82:5c:52:8e:41:27:65:
         fb:cd:d7:be:7c:e4:37:b7:3c:0b:94:e0:42:cb:9f:4c:88:f3:
         19:1a:7e:d5:f5:ea:03:50:3a:f1:a9:f5:6a:80:3d:3b:a2:44:
         74:39:1d:3b:e0:dc:be:b6:20:3b:7e:58:73:16:45:3d:70:d2:
         0b:77:fe:6c:0f:1b:0f:12:84:52:7c:d9:03:14:97:50:77:62:
         7d:6f:13:d9:7f:52:c2:a3:5c:91:fa:97:11:40:3c:ad:b4:dc:
         06:19:c1:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjQyOEMxMTAvBgNVBAUTKEQ3MTg2QjI4NjVCODYwMEQ2NjI4MjJBRkVCOTAxNTcw
MDZFMEY0MTAwHhcNMjUxMDE4MTUxMTQ4WhcNMjUxMDI1MTUxMTQ4WjAYMRYwFAYD
VQQDEw02OGYzYWUzNC0yZDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzHpLwpHWVuqnOcVwkbAmf4dnYBG2vHmiojqcnym+MfKj52ryyDZJ3VtNGGLH
azS0ZU004YqvaUFLet3pIkrSepoBE8+pLl9SCFfedZGysrvlLL76NBXclEqumqoz
rHcBSsaz9xG5EUOh+wPbmSYKBLJ9DdPCwIISFHLBsvfhb71FChXTB9dEiJuf9SwU
ZNfz1SgC/n56NNVVN85UDmNnSJ891zHW8RaO7uRt230jQP/3fv5Tr1z+J9f9j4qs
Ww8mznr7D/OAepE4I/ygRuF8ineuxQj8ssmyH/fcyPPhY2CY7JrydTuNZBv296LI
zWnoKrtvgRjSpoW8NVLzCUdukQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFCbrZ2w
aBhgT/+S32gMqhbqgPTbMB8GA1UdIwQYMBaAFNcYayhluGANZigir+uQFXAG4PQQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4Qy81MkZDQzY0ODFE
QTAxMUUyQjZEODcwOTEwOEIwMkNEMi8xeGhyS0dXNFlBMW1LQ0t2NjVBVmNBYmc5
QkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzF4aHJLR1c0WUExbUtDS3Y2NUFWY0FiZzlCQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NDI4Qy81MkZDQzY0ODFEQTAxMUUyQjZEODcwOTEwOEIwMkNEMi8xeGhyS0dXNFlB
MW1LQ0t2NjVBVmNBYmc5QkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC5fPcHFf6G58Ek0fLnBePaEv9FAxcjfn725VbNkI8TAJa0kF7HhURJ
U2/cXiTrYKVKc0frYt9Oap5uBAulTQia+Evjn8ivY+9vCk9vl5T5Wm2hAsmawZzm
11jiy7GBskNYwFOSzHXCVEAID8f+gVC4RBSQbJn1kfCaW9KraJ+kYFhVujgdNos8
zDJ4a0GH8dzihbosg22FfrQ2R4JcUo5BJ2X7zde+fOQ3tzwLlOBCy59MiPMZGn7V
9eoDUDrxqfVqgD07okR0OR074Ny+tiA7flhzFkU9cNILd/5sDxsPEoRSfNkDFJdQ
d2J9bxPZf1LCo1yR+pcRQDyttNwGGcH0
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:43:26 2025 by rpki-client