Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.mft
File:                     y6GXwEyqm9KV9XiEcqahCqP773A.mft (raw, json)
Hash identifier:          CTjXM6gr3rx1z4YBLe6JG4t/C0nu/ezUF1otBMdyrdE=
Subject key identifier:   49:ED:38:82:BD:0C:21:43:DC:9A:DF:68:5B:C9:6E:F5:F3:8C:BB:3F
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Certificate issuer:       /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial:       1B7C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.mft
Manifest number:          1B4E
Signing time:             Wed 22 Oct 2025 16:34:03 +0000
Manifest this update:     Wed 22 Oct 2025 16:34:02 +0000
Manifest next update:     Wed 29 Oct 2025 16:34:02 +0000
Files and hashes:         1: y6GXwEyqm9KV9XiEcqahCqP773A.crl (hash: D7NNO2DxePkcQ3Ohp9m51BkmCPVN68hVIAQN34Wx82A=)
                          2: D90961489C1311EFA0BF1480C4F9AE02.roa (hash: oDUDCtB16Or1sjmfh66q9QNKG7wVjA7QhKP9OaRJ6BM=)
                          3: DE0A76C805B511EE95562E2AC4F9AE02.roa (hash: nIAs30E8H29mzqDFrdKOfE9HHVMVMBE4sIisN1lJHH8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
                          rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 29 Oct 2025 16:34:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7036 (0x1b7c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143CB3, serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
        Validity
            Not Before: Oct 22 16:34:02 2025 GMT
            Not After : Oct 29 16:34:02 2025 GMT
        Subject: CN=68f9077a-0264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:86:20:04:13:b2:fa:c4:f9:2d:e9:17:10:ee:
                    1d:d5:cb:18:9d:7a:88:d0:37:66:a9:c3:da:a7:bb:
                    93:d6:fb:6e:0c:01:1a:64:14:17:05:a1:12:30:72:
                    3f:52:49:bf:d4:05:1d:e3:96:53:39:61:ca:17:82:
                    be:0b:1d:7e:04:eb:8a:7b:7d:59:aa:0c:f6:13:f6:
                    18:8b:2b:c8:96:34:1d:6d:5f:77:1c:5b:d1:0f:1f:
                    d1:4b:f0:29:d8:66:24:8c:db:38:e1:1c:09:8e:56:
                    25:8c:d8:12:09:43:9c:93:33:d6:68:7e:3c:84:31:
                    36:d0:83:86:dc:ec:00:7c:7c:c4:d1:f3:3e:5c:59:
                    52:6c:f9:07:ae:ff:1a:24:a1:b5:f5:44:25:0a:f8:
                    7e:91:f8:2a:63:a1:d7:0c:35:10:3e:5c:f9:e5:80:
                    3e:fe:35:0a:0e:20:40:f4:35:46:f0:30:83:71:01:
                    c9:9e:fd:4b:71:55:ad:60:e3:14:7c:a5:4e:b3:88:
                    cd:3b:70:9a:3b:25:10:5f:d8:85:95:5e:8b:c1:19:
                    7d:f1:05:45:b6:bf:41:6b:4e:f7:2a:33:7b:23:fa:
                    ad:4e:c8:b0:06:0f:e9:5d:a8:f6:09:d1:fc:5d:f1:
                    5c:fc:46:e6:5f:d7:2f:c6:6f:48:4a:7b:00:12:d8:
                    61:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:ED:38:82:BD:0C:21:43:DC:9A:DF:68:5B:C9:6E:F5:F3:8C:BB:3F
            X509v3 Authority Key Identifier:
                keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:96:84:07:b7:ba:db:9c:da:fa:08:68:f3:2d:85:61:9f:30:
         b4:cb:f4:a7:70:0c:18:2d:f1:b3:98:82:30:94:db:cb:ff:01:
         a5:7b:7b:43:34:ea:29:47:a1:88:db:33:a4:27:15:54:05:d0:
         da:a7:7d:3d:37:ac:98:40:21:20:d2:07:38:83:38:aa:77:38:
         f2:3a:aa:5e:bf:88:fc:b6:bb:ee:0f:62:00:51:a9:58:20:0a:
         09:a4:82:32:71:26:ff:77:22:be:23:17:53:0f:28:5b:ff:01:
         fe:3d:b1:8d:1f:a0:98:ed:fd:f8:fa:9f:88:0a:01:e2:61:af:
         1d:7f:fa:98:ec:fe:83:e8:5e:be:64:57:23:3b:f2:1e:ca:e4:
         0d:f7:fe:24:46:06:b0:71:7d:44:54:54:c2:cc:a3:3e:bd:05:
         bc:fa:a3:b4:f2:e1:a6:c2:20:07:f1:03:5d:32:4f:fa:1e:fa:
         71:3c:36:10:ee:b3:27:aa:2e:96:8f:83:5e:ef:c7:d5:0f:ed:
         ff:f0:3e:98:f1:4f:88:9a:78:98:8a:5b:a3:14:37:2d:8f:c2:
         b4:de:2f:e0:46:38:18:bc:b9:af:77:be:25:62:d3:77:97:16:
         51:95:aa:20:fa:fb:f2:59:da:4b:85:4e:a4:ae:a4:5a:ea:bf:
         ea:19:c1:5f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjUxMDIyMTYzNDAyWhcNMjUxMDI5MTYzNDAyWjAYMRYwFAYD
VQQDEw02OGY5MDc3YS0wMjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw4YgBBOy+sT5LekXEO4d1csYnXqI0DdmqcPap7uT1vtuDAEaZBQXBaESMHI/
Ukm/1AUd45ZTOWHKF4K+Cx1+BOuKe31Zqgz2E/YYiyvIljQdbV93HFvRDx/RS/Ap
2GYkjNs44RwJjlYljNgSCUOckzPWaH48hDE20IOG3OwAfHzE0fM+XFlSbPkHrv8a
JKG19UQlCvh+kfgqY6HXDDUQPlz55YA+/jUKDiBA9DVG8DCDcQHJnv1LcVWtYOMU
fKVOs4jNO3CaOyUQX9iFlV6LwRl98QVFtr9Ba073KjN7I/qtTsiwBg/pXaj2CdH8
XfFc/EbmX9cvxm9ISnsAEthhpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEntOIK9
DCFD3JrfaFvJbvXzjLs/MB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
M0NCMy8xREI3OTgzQzI1OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05
S1Y5WGlFY3FhaENxUDc3M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCtloQHt7rbnNr6CGjzLYVhnzC0y/SncAwYLfGzmIIwlNvL/wGle3tD
NOopR6GI2zOkJxVUBdDap309N6yYQCEg0gc4gziqdzjyOqpev4j8trvuD2IAUalY
IAoJpIIycSb/dyK+IxdTDyhb/wH+PbGNH6CY7f34+p+ICgHiYa8df/qY7P6D6F6+
ZFcjO/IeyuQN9/4kRgawcX1EVFTCzKM+vQW8+qO08uGmwiAH8QNdMk/6HvpxPDYQ
7rMnqi6Wj4Ne78fVD+3/8D6Y8U+ImniYilujFDctj8K03i/gRjgYvLmvd74lYtN3
lxZRlaog+vvyWdpLhU6krqRa6r/qGcFf
-----END CERTIFICATE-----
Generated at Thu Oct 23 16:17:58 2025 by rpki-client