Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft
File:                     MZdALMHUBvlwfS4iBDY7wNE8Apk.mft (raw, json)
Hash identifier:          ue2uIPKIkquGztPEtk8FzLXzqVdUE7nPuTWkGGnCnDk=
Subject key identifier:   9A:F8:91:2E:C1:A2:CF:23:2B:90:D0:0A:99:48:73:7B:A8:C1:DD:FB
Authority key identifier: 31:97:40:2C:C1:D4:06:F9:70:7D:2E:22:04:36:3B:C0:D1:3C:02:99
Certificate issuer:       /CN=A91F479C/serialNumber=3197402CC1D406F9707D2E2204363BC0D13C0299
Certificate serial:       03EC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MZdALMHUBvlwfS4iBDY7wNE8Apk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft
Manifest number:          03E8
Signing time:             Sun 19 Oct 2025 02:27:58 +0000
Manifest this update:     Sun 19 Oct 2025 02:27:58 +0000
Manifest next update:     Sun 26 Oct 2025 02:27:58 +0000
Files and hashes:         1: MZdALMHUBvlwfS4iBDY7wNE8Apk.crl (hash: YpyvwH+VQl0qBOeOzOPa+S9/00r85VFkTIsl1P17+3A=)
                          2: 751D2C1A98E611EC849D155FC4F9AE02.roa (hash: CkImo8IsUmsaya0jHXM103+CNWFzYVltZI4TafvBrlE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.crl
                          rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MZdALMHUBvlwfS4iBDY7wNE8Apk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 02:27:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1004 (0x3ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F479C, serialNumber=3197402CC1D406F9707D2E2204363BC0D13C0299
        Validity
            Not Before: Oct 19 02:27:58 2025 GMT
            Not After : Oct 26 02:27:58 2025 GMT
        Subject: CN=68f44cae-bc7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0c:3c:9f:32:80:95:62:a6:bd:30:e1:22:c4:
                    74:2d:4e:d5:83:1b:b7:6e:21:1d:e6:a1:90:d9:2c:
                    b0:2c:59:ba:0d:67:07:4e:ac:e3:7d:c9:01:c5:42:
                    db:e0:08:ee:d3:52:68:8c:86:77:d4:0f:c9:11:ef:
                    2c:49:ec:24:84:e4:09:8f:a5:77:dd:81:94:5b:d8:
                    2d:3a:e2:3d:7a:9e:7e:6d:bf:be:24:84:67:54:34:
                    fc:e9:a8:bc:83:15:87:73:e7:7c:ba:18:72:9a:31:
                    57:ee:f8:9b:b3:14:89:56:06:64:9e:04:0f:af:09:
                    6a:53:27:43:13:f2:01:b9:fe:04:5f:7f:72:14:11:
                    98:da:5f:42:9b:a8:ea:93:5d:11:97:57:a0:42:d8:
                    c9:6b:80:0a:9a:08:c6:33:78:a6:6e:42:f9:03:40:
                    50:c7:54:48:7a:62:eb:8b:2b:a9:b0:27:92:09:a3:
                    cb:c9:99:83:55:4b:f3:6a:ae:87:ab:ca:89:a3:bd:
                    c5:51:3a:2e:c9:a1:c0:da:ac:6d:cd:8b:82:46:6a:
                    cc:04:56:49:68:87:7a:52:d3:d7:05:8f:56:d1:fc:
                    c8:09:5e:bf:1f:29:53:cf:d8:92:f4:36:01:8e:eb:
                    63:4e:5a:ee:1d:ee:ad:c1:c1:47:f6:21:1f:ef:1a:
                    85:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:F8:91:2E:C1:A2:CF:23:2B:90:D0:0A:99:48:73:7B:A8:C1:DD:FB
            X509v3 Authority Key Identifier:
                keyid:31:97:40:2C:C1:D4:06:F9:70:7D:2E:22:04:36:3B:C0:D1:3C:02:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MZdALMHUBvlwfS4iBDY7wNE8Apk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ce:76:53:3b:f6:c5:c4:23:59:ee:7c:48:cf:9d:1d:4f:e3:
         a7:96:c6:f4:58:1d:17:e7:0a:61:c2:65:27:e3:58:a7:30:32:
         1c:25:c8:bb:be:d0:1a:dd:70:86:c9:39:e0:c5:24:6e:c2:45:
         cb:fb:ba:a4:c4:92:4e:84:c6:89:dd:3a:1a:62:b7:81:67:ce:
         84:ab:bd:57:3a:71:fc:42:12:ab:27:50:77:5a:54:53:03:cf:
         9c:2e:ad:db:37:12:5f:81:86:ec:6d:61:9f:6f:e4:53:86:64:
         53:7f:e1:d6:67:34:8f:c8:19:60:bb:20:1f:e3:38:74:d6:a5:
         a5:c4:b6:00:79:61:5f:6c:18:35:4d:ff:30:48:a5:15:98:6f:
         a4:22:2c:65:67:a9:60:a4:5a:4f:0e:5b:ef:a2:43:c8:9e:c1:
         b4:77:3e:25:84:3e:78:32:e0:de:d2:ae:cc:ba:0b:5d:cb:82:
         17:be:fc:9e:df:0a:e8:b2:ca:8f:40:f0:1e:1a:b2:87:93:ce:
         a7:e4:59:5a:15:3a:0d:97:88:a2:3c:56:cf:94:b4:9e:52:89:
         16:da:45:20:11:09:59:53:20:bc:cc:95:33:9e:fe:96:1a:dc:
         a0:91:d4:48:d6:c0:0c:38:e6:a7:d2:c0:75:90:6e:f3:8a:63:
         e3:f6:ce:ef
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjQ3OUMxMTAvBgNVBAUTKDMxOTc0MDJDQzFENDA2Rjk3MDdEMkUyMjA0MzYzQkMw
RDEzQzAyOTkwHhcNMjUxMDE5MDIyNzU4WhcNMjUxMDI2MDIyNzU4WjAYMRYwFAYD
VQQDEw02OGY0NGNhZS1iYzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnAw8nzKAlWKmvTDhIsR0LU7Vgxu3biEd5qGQ2SywLFm6DWcHTqzjfckBxULb
4Aju01JojIZ31A/JEe8sSewkhOQJj6V33YGUW9gtOuI9ep5+bb++JIRnVDT86ai8
gxWHc+d8uhhymjFX7vibsxSJVgZkngQPrwlqUydDE/IBuf4EX39yFBGY2l9Cm6jq
k10Rl1egQtjJa4AKmgjGM3imbkL5A0BQx1RIemLriyupsCeSCaPLyZmDVUvzaq6H
q8qJo73FUTouyaHA2qxtzYuCRmrMBFZJaId6UtPXBY9W0fzICV6/HylTz9iS9DYB
jutjTlruHe6twcFH9iEf7xqFfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJr4kS7B
os8jK5DQCplIc3uowd37MB8GA1UdIwQYMBaAFDGXQCzB1Ab5cH0uIgQ2O8DRPAKZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDc5Qy8zMkJGODUwRTk4
RTQxMUVDOTM3RDYxNUNDNEY5QUUwMi9NWmRBTE1IVUJ2bHdmUzRpQkRZN3dORThB
cGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01aZEFMTUhVQnZsd2ZTNGlCRFk3d05FOEFway5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NDc5Qy8zMkJGODUwRTk4RTQxMUVDOTM3RDYxNUNDNEY5QUUwMi9NWmRBTE1IVUJ2
bHdmUzRpQkRZN3dORThBcGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMznZTO/bFxCNZ7nxIz50dT+Onlsb0WB0X5wphwmUn41inMDIcJci7
vtAa3XCGyTngxSRuwkXL+7qkxJJOhMaJ3ToaYreBZ86Eq71XOnH8QhKrJ1B3WlRT
A8+cLq3bNxJfgYbsbWGfb+RThmRTf+HWZzSPyBlguyAf4zh01qWlxLYAeWFfbBg1
Tf8wSKUVmG+kIixlZ6lgpFpPDlvvokPInsG0dz4lhD54MuDe0q7Mugtdy4IXvvye
3wrossqPQPAeGrKHk86n5FlaFToNl4iiPFbPlLSeUokW2kUgEQlZUyC8zJUznv6W
GtygkdRI1sAMOOan0sB1kG7zimPj9s7v
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:38:11 2025 by rpki-client