Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft
File:                     z3rG54U-SVgocAZDAHZYRlfgyVA.mft (raw, json)
Hash identifier:          3apE5knrjvDzXAtl1SfJL9uSBfvrlxJv9OqIu/ApXRM=
Subject key identifier:   21:69:45:A7:60:58:D5:B6:71:51:AD:CB:00:56:F9:71:7B:75:04:51
Authority key identifier: CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50
Certificate issuer:       /CN=A91F916A/serialNumber=CF7AC6E7853E4958287006430076584657E0C950
Certificate serial:       24EC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft
Manifest number:          24D2
Signing time:             Sat 18 Oct 2025 16:00:34 +0000
Manifest this update:     Sat 18 Oct 2025 16:00:34 +0000
Manifest next update:     Sat 25 Oct 2025 16:00:34 +0000
Files and hashes:         1: z3rG54U-SVgocAZDAHZYRlfgyVA.crl (hash: iXjetKih22hE20h/cnRBI12JOy7B6OlCmGxJ2hyU650=)
                          2: 93957C3A25B211ECB5356475C4F9AE02.roa (hash: BdOiTbzqh5XSdUEde1pJSh9jcSbYou4UnLUcs5Z11Mw=)
                          3: 54040CE414F111F08814732CC4F9AE02.roa (hash: uhWwpX7EH4SHxyPNQgHJ8g+4j0iOnCO5ph2jjf0SUwo=)
                          4: 81C0C29CB0F311E5AB30F151C4F9AE02.roa (hash: OW7j0FFz0XfQbm3/I5GoSRUOzPWQeOb92johNE2e0dM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl
                          rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Oct 2025 16:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9452 (0x24ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F916A, serialNumber=CF7AC6E7853E4958287006430076584657E0C950
        Validity
            Not Before: Oct 18 16:00:34 2025 GMT
            Not After : Oct 25 16:00:34 2025 GMT
        Subject: CN=68f3b9a2-0331
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f7:0f:e3:01:b2:fc:f2:1f:0b:95:87:61:98:
                    35:5b:2c:f6:66:27:28:d9:2f:cc:c0:e9:5e:96:98:
                    b6:a1:ca:7a:7e:7c:8c:13:39:8e:6f:bc:d0:ea:55:
                    d2:81:5e:23:fe:2e:30:4d:90:91:03:93:ff:4a:a8:
                    72:f7:12:48:70:c7:62:bd:cf:98:95:83:dd:2c:c4:
                    2e:d7:2b:cb:ea:6f:ea:d5:34:9a:fe:59:25:02:67:
                    9a:1b:1f:5c:e3:67:45:b6:87:8c:eb:51:81:a4:a5:
                    d0:b8:b1:dc:33:36:b9:3f:ca:3c:33:f9:0a:0c:b2:
                    7e:84:91:db:30:19:d0:8c:13:fe:bd:85:91:67:62:
                    d0:d2:39:13:d3:36:ef:32:aa:80:e7:7a:e4:3a:e1:
                    5a:40:c7:2a:19:d0:53:69:ea:3f:8c:2d:95:17:ad:
                    2d:b7:bf:ef:e1:fc:6e:0d:5c:f4:9d:7d:64:d3:71:
                    38:7f:b2:3d:c8:e4:04:b2:63:f8:44:30:99:5a:f9:
                    ae:3a:24:81:ba:18:0d:28:bd:c9:5a:7d:23:4c:59:
                    b1:fc:56:cb:e4:6e:2e:d9:46:d9:a6:a6:d6:f4:f8:
                    de:f7:a9:ea:5d:0e:04:b4:5a:58:bd:b6:48:31:33:
                    40:12:ab:cd:c5:00:4d:22:e4:cb:fd:c9:00:97:df:
                    93:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:69:45:A7:60:58:D5:B6:71:51:AD:CB:00:56:F9:71:7B:75:04:51
            X509v3 Authority Key Identifier:
                keyid:CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:6e:b1:8e:ca:f8:50:bb:d4:15:b1:55:49:ca:af:f9:bd:1f:
         7f:7f:dc:21:e8:c3:f0:f8:93:1e:c6:17:a5:b2:3e:fc:eb:2e:
         a1:b5:d7:89:b6:c1:7c:62:a7:91:3d:0d:18:67:75:25:64:91:
         af:a8:28:5d:72:85:b1:b0:b3:e1:32:a7:0d:49:1f:2d:95:1f:
         63:2a:47:14:72:11:b8:60:c7:dd:5d:99:a0:74:66:66:40:03:
         5b:b0:6f:49:33:d8:df:13:4c:c6:76:27:90:64:4d:e8:01:54:
         28:cc:26:54:f1:9e:9b:73:66:61:36:9f:84:a3:c0:df:39:53:
         ae:1d:f1:d9:84:07:1f:b7:59:e2:f5:ea:e4:b5:71:eb:b1:35:
         d0:88:37:3f:c6:b6:72:6e:30:4c:28:3e:80:84:99:60:0e:4e:
         67:d9:85:ff:bf:a8:6a:ed:d9:b6:c6:89:eb:68:d7:b1:c7:eb:
         3c:f9:a7:cd:dc:05:63:38:4a:3d:bc:9f:55:ad:d9:a8:c6:97:
         a3:00:fa:de:58:05:a2:94:76:54:74:56:0c:6b:92:7f:83:75:
         87:4d:cb:29:28:00:69:e3:c0:2e:09:5d:f9:94:e6:d9:c2:e6:
         5d:8a:a7:2c:ae:95:6e:65:40:ce:2e:94:21:9f:14:91:c7:ea:
         33:de:89:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICJOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkxNkExMTAvBgNVBAUTKENGN0FDNkU3ODUzRTQ5NTgyODcwMDY0MzAwNzY1ODQ2
NTdFMEM5NTAwHhcNMjUxMDE4MTYwMDM0WhcNMjUxMDI1MTYwMDM0WjAYMRYwFAYD
VQQDEw02OGYzYjlhMi0wMzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqPcP4wGy/PIfC5WHYZg1Wyz2Zico2S/MwOlelpi2ocp6fnyMEzmOb7zQ6lXS
gV4j/i4wTZCRA5P/Sqhy9xJIcMdivc+YlYPdLMQu1yvL6m/q1TSa/lklAmeaGx9c
42dFtoeM61GBpKXQuLHcMza5P8o8M/kKDLJ+hJHbMBnQjBP+vYWRZ2LQ0jkT0zbv
MqqA53rkOuFaQMcqGdBTaeo/jC2VF60tt7/v4fxuDVz0nX1k03E4f7I9yOQEsmP4
RDCZWvmuOiSBuhgNKL3JWn0jTFmx/FbL5G4u2UbZpqbW9Pje96nqXQ4EtFpYvbZI
MTNAEqvNxQBNIuTL/ckAl9+TKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFpRadg
WNW2cVGtywBW+XF7dQRRMB8GA1UdIwQYMBaAFM96xueFPklYKHAGQwB2WEZX4MlQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTE2QS8xRDdBRDBCQTQ1
OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNWZ29jQVpEQUhaWVJsZmd5
VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozckc1NFUtU1Znb2NBWkRBSFpZUmxmZ3lWQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OTE2QS8xRDdBRDBCQTQ1OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNW
Z29jQVpEQUhaWVJsZmd5VkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAtbrGOyvhQu9QVsVVJyq/5vR9/f9wh6MPw+JMexhelsj786y6htdeJ
tsF8YqeRPQ0YZ3UlZJGvqChdcoWxsLPhMqcNSR8tlR9jKkcUchG4YMfdXZmgdGZm
QANbsG9JM9jfE0zGdieQZE3oAVQozCZU8Z6bc2ZhNp+Eo8DfOVOuHfHZhAcft1ni
9erktXHrsTXQiDc/xrZybjBMKD6AhJlgDk5n2YX/v6hq7dm2xonraNexx+s8+afN
3AVjOEo9vJ9VrdmoxpejAPreWAWilHZUdFYMa5J/g3WHTcspKABp48AuCV35lObZ
wuZdiqcsrpVuZUDOLpQhnxSRx+oz3omS
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:05:27 2025 by rpki-client