Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft
File:                     z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft (raw, json)
Hash identifier:          esA29rTo3PrUkg9+gIg7D0zCyppe6pJh7kM9zsIWk5E=
Subject key identifier:   C7:BC:1A:BC:56:21:5C:B3:8B:D2:92:95:D4:C5:54:D8:0B:55:87:78
Authority key identifier: CF:BB:03:8F:DB:83:86:54:20:49:62:98:0A:D2:21:C9:41:5D:5C:FF
Certificate issuer:       /CN=A91F8F9B/serialNumber=CFBB038FDB838654204962980AD221C9415D5CFF
Certificate serial:       DE
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft
Manifest number:          DC
Signing time:             Sun 19 Oct 2025 08:33:39 +0000
Manifest this update:     Sun 19 Oct 2025 08:33:39 +0000
Manifest next update:     Sun 26 Oct 2025 08:33:39 +0000
Files and hashes:         1: z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl (hash: g7DD91T7dTPAyGbqMJsavDdDwsCXo+hZYjVHa39QRiA=)
                          2: 7143C5B85DBF11EFB8714857C4F9AE02.roa (hash: nTbnCk4P5H9oOH4eL195jhnWczLlGOgjmjreKYWM0EU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl
                          rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 08:33:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 222 (0xde)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F8F9B, serialNumber=CFBB038FDB838654204962980AD221C9415D5CFF
        Validity
            Not Before: Oct 19 08:33:39 2025 GMT
            Not After : Oct 26 08:33:39 2025 GMT
        Subject: CN=68f4a263-5681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7a:a8:5b:77:e2:b6:cd:4b:61:8f:31:4f:b1:
                    c0:fe:50:00:3c:03:c6:2c:8d:e8:a6:bf:f3:00:22:
                    97:ee:f0:57:16:a1:8f:51:1c:a5:58:8c:3d:25:05:
                    a5:ab:4c:e1:8a:32:55:ec:a6:b0:24:59:44:0d:fc:
                    c1:6e:b8:50:b8:a1:1d:3f:0c:97:bd:c4:d6:8f:1e:
                    ea:8f:17:f9:4c:f7:8f:3d:b4:9e:4b:b6:46:a2:1c:
                    76:28:ab:32:9a:5a:ff:2d:1a:a6:02:22:f8:f6:28:
                    46:e5:e7:d3:7e:93:b9:33:6d:a4:ff:f2:42:63:e6:
                    e5:95:88:c8:75:77:4c:2a:ab:be:e6:bd:f8:4b:90:
                    6e:57:e3:0b:be:db:01:57:53:21:9e:e9:6a:36:1d:
                    88:7a:05:f4:b5:2a:a5:7a:0a:97:2f:f6:8e:c6:74:
                    5c:3e:77:34:36:7d:ff:85:dc:b9:48:0a:ae:81:a8:
                    b7:7a:62:e8:7d:46:0b:a6:53:47:26:20:81:df:80:
                    98:8b:af:d3:4e:56:a0:91:e0:e3:68:5f:15:04:0f:
                    cd:04:cf:d0:b7:ae:ad:50:02:d5:70:75:73:2a:97:
                    4c:b0:19:7d:c2:fb:1b:ae:20:c5:ef:13:74:15:9e:
                    92:70:0b:76:4e:b1:9f:c3:83:6b:63:5c:18:85:84:
                    ef:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:BC:1A:BC:56:21:5C:B3:8B:D2:92:95:D4:C5:54:D8:0B:55:87:78
            X509v3 Authority Key Identifier:
                keyid:CF:BB:03:8F:DB:83:86:54:20:49:62:98:0A:D2:21:C9:41:5D:5C:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:78:99:20:77:e1:07:d5:9c:54:69:33:cc:87:91:b7:f1:88:
         08:07:49:96:f2:fb:a6:bc:6e:16:4c:05:a8:8f:bd:66:c3:80:
         9f:48:2d:4e:6d:0d:6c:92:77:54:ac:26:ed:f5:e3:5d:ba:24:
         08:b7:bd:ca:d2:22:b0:e5:06:e8:c1:12:4b:58:6a:bb:27:42:
         6e:28:1f:51:e5:e9:d9:45:5a:14:ac:3d:eb:ba:fb:a6:f3:e4:
         73:db:cd:44:05:5e:8f:04:be:a5:c9:82:8f:82:30:18:c5:84:
         1e:6f:f7:07:9e:ec:db:f9:48:14:a2:a5:54:87:79:e0:0e:15:
         70:d3:4e:bf:2e:b0:fd:43:8d:7f:63:bf:1e:d0:c7:17:68:c2:
         b6:2f:e8:c6:5f:94:e8:c6:db:5a:52:d1:9a:8c:1a:f1:01:c3:
         e8:fd:c6:2a:88:be:05:2f:ca:a3:df:15:f4:d1:5e:2f:8c:e2:
         2c:bf:6c:4e:28:11:bb:49:52:d2:76:8b:50:9a:2d:81:b5:5a:
         2a:46:98:62:ef:9f:67:f9:25:8a:aa:7f:f4:3b:be:b1:03:ce:
         dd:6e:77:5d:26:76:9e:dc:02:1a:24:de:11:d5:4d:92:75:4e:
         7e:aa:31:d1:8f:75:8a:53:bb:bc:d5:3b:71:69:74:59:3c:01:
         10:1d:cc:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhGOUIxMTAvBgNVBAUTKENGQkIwMzhGREI4Mzg2NTQyMDQ5NjI5ODBBRDIyMUM5
NDE1RDVDRkYwHhcNMjUxMDE5MDgzMzM5WhcNMjUxMDI2MDgzMzM5WjAYMRYwFAYD
VQQDEw02OGY0YTI2My01NjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwHqoW3fits1LYY8xT7HA/lAAPAPGLI3opr/zACKX7vBXFqGPURylWIw9JQWl
q0zhijJV7KawJFlEDfzBbrhQuKEdPwyXvcTWjx7qjxf5TPePPbSeS7ZGohx2KKsy
mlr/LRqmAiL49ihG5efTfpO5M22k//JCY+bllYjIdXdMKqu+5r34S5BuV+MLvtsB
V1MhnulqNh2IegX0tSqlegqXL/aOxnRcPnc0Nn3/hdy5SAqugai3emLofUYLplNH
JiCB34CYi6/TTlagkeDjaF8VBA/NBM/Qt66tUALVcHVzKpdMsBl9wvsbriDF7xN0
FZ6ScAt2TrGfw4NrY1wYhYTvHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMe8GrxW
IVyzi9KSldTFVNgLVYd4MB8GA1UdIwQYMBaAFM+7A4/bg4ZUIElimArSIclBXVz/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEY5Qi9GOTAyRTUzMDVE
QkQxMUVGOEEwNkVENDBDNEY5QUUwMi96N3NEajl1RGhsUWdTV0tZQ3RJaHlVRmRY
UDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3o3c0RqOXVEaGxRZ1NXS1lDdEloeVVGZFhQOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OEY5Qi9GOTAyRTUzMDVEQkQxMUVGOEEwNkVENDBDNEY5QUUwMi96N3NEajl1RGhs
UWdTV0tZQ3RJaHlVRmRYUDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCbeJkgd+EH1ZxUaTPMh5G38YgIB0mW8vumvG4WTAWoj71mw4CfSC1O
bQ1skndUrCbt9eNduiQIt73K0iKw5QbowRJLWGq7J0JuKB9R5enZRVoUrD3ruvum
8+Rz281EBV6PBL6lyYKPgjAYxYQeb/cHnuzb+UgUoqVUh3ngDhVw006/LrD9Q41/
Y78e0McXaMK2L+jGX5ToxttaUtGajBrxAcPo/cYqiL4FL8qj3xX00V4vjOIsv2xO
KBG7SVLSdotQmi2BtVoqRphi759n+SWKqn/0O76xA87dbnddJnae3AIaJN4R1U2S
dU5+qjHRj3WKU7u81TtxaXRZPAEQHcyT
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:26:06 2025 by rpki-client