Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft
File:                     U4XhOhtYRftEzutr7Y3rTomvOCk.mft (raw, json)
Hash identifier:          hhxbTuIpgOXUCNIqFgw3uRPRVlc09zvVMfa4pPbNYxo=
Subject key identifier:   81:76:11:94:F3:42:A8:AE:05:D2:D8:73:06:46:23:9B:F5:0A:5C:E6
Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29
Certificate issuer:       /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829
Certificate serial:       09C7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft
Manifest number:          09B7
Signing time:             Wed 22 Oct 2025 20:42:16 +0000
Manifest this update:     Wed 22 Oct 2025 20:42:15 +0000
Manifest next update:     Wed 29 Oct 2025 20:42:15 +0000
Files and hashes:         1: U4XhOhtYRftEzutr7Y3rTomvOCk.crl (hash: x53vBCOS3gI+46GYRyFPVFVwrgI90aHNqcvVGv1Vrw0=)
                          2: 3636BCD2937011EA8A795583C4F9AE02.roa (hash: Xd/9pByFb2cbZ9xoUnmDVjNmjmus87X0lFOERhfsZNI=)
                          3: 35831FCE937011EA8A795583C4F9AE02.roa (hash: N79J5/addSjvuTRJUjHpGEDoonJ5OZtfdl2v8Aonsr8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl
                          rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 29 Oct 2025 20:42:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2503 (0x9c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ACFEB, serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829
        Validity
            Not Before: Oct 22 20:42:15 2025 GMT
            Not After : Oct 29 20:42:15 2025 GMT
        Subject: CN=68f941a8-ee8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6e:a8:ab:86:77:3c:fa:a8:94:15:85:55:a0:
                    85:38:99:82:3c:a7:2b:0b:47:78:f9:cf:60:a8:49:
                    46:cb:92:0d:16:ba:54:f0:64:e0:80:2b:49:6b:44:
                    e5:be:37:4b:e7:97:97:2b:22:f1:09:7f:c1:79:93:
                    05:e8:80:c3:89:5a:87:94:8d:db:02:f1:3e:8e:28:
                    30:c4:5e:17:51:55:69:b9:9c:74:41:63:db:cb:62:
                    f8:dc:7d:c8:e3:83:9e:ad:c9:3e:7f:1c:a2:a4:d8:
                    de:09:25:70:ac:db:6d:5f:db:a0:c5:17:14:cf:a7:
                    80:1f:8d:84:66:8f:cd:47:a9:69:a4:01:05:cb:ea:
                    51:d3:21:7c:6f:b5:3f:b6:b9:bf:f0:b5:a7:02:17:
                    b1:62:eb:4c:95:37:1e:9e:bb:54:70:d5:68:f0:73:
                    eb:99:9d:be:36:6a:c0:c2:19:8d:29:d1:73:e7:63:
                    22:2b:a5:00:16:90:9b:3b:56:56:1b:eb:0c:ab:65:
                    1a:5f:6b:06:ed:44:57:9f:55:5c:10:e5:c7:e4:4d:
                    14:4f:99:30:b5:9b:1a:c8:0f:63:a3:e9:b9:f0:5a:
                    f1:70:96:73:4b:fd:f7:7d:56:e1:53:c7:7d:e7:d0:
                    4e:de:92:5d:7e:89:6c:7e:e6:7e:d1:79:48:4b:4d:
                    e9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:76:11:94:F3:42:A8:AE:05:D2:D8:73:06:46:23:9B:F5:0A:5C:E6
            X509v3 Authority Key Identifier:
                keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:e3:67:c2:6b:cc:5b:e8:46:d5:10:34:8f:18:a1:15:63:ce:
         55:94:e5:19:f1:21:93:83:c2:e9:31:75:03:fa:c8:14:1c:9c:
         ff:dd:4f:51:61:68:4c:c9:36:37:17:96:ac:81:7a:3c:eb:75:
         01:f2:bb:e1:7b:b1:72:bd:42:58:38:b3:64:a8:21:c2:a7:ca:
         a6:e3:be:90:70:91:dc:78:f9:d9:8d:b6:d9:ef:87:b6:cc:a8:
         6a:b8:7b:a0:55:1a:7e:2b:7e:f0:0b:35:22:dc:83:d1:9d:29:
         ac:86:02:41:23:15:19:04:f7:d1:7a:54:fd:c7:02:28:5a:92:
         ed:08:d1:21:0b:1a:a2:81:cf:a8:de:31:b1:e3:37:5d:3b:5b:
         10:ff:98:70:69:02:c2:cc:59:34:17:27:d6:60:81:de:d6:5c:
         bc:51:73:6d:72:31:51:e8:c1:89:1e:f7:ff:42:c2:9a:80:97:
         eb:17:03:58:d9:8e:01:9d:f7:3e:c6:57:9a:16:75:9c:1c:d2:
         95:ce:15:08:9c:37:05:9b:65:14:47:29:96:c4:7d:ce:d4:ed:
         43:af:97:b1:e7:c9:02:24:04:db:7d:47:fc:d8:13:fd:18:47:
         3c:7f:2a:e0:25:9d:52:a2:11:b5:5e:ec:c6:9b:cb:54:48:ae:
         d6:e4:49:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF
ODlBRjM4MjkwHhcNMjUxMDIyMjA0MjE1WhcNMjUxMDI5MjA0MjE1WjAYMRYwFAYD
VQQDEw02OGY5NDFhOC1lZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp26oq4Z3PPqolBWFVaCFOJmCPKcrC0d4+c9gqElGy5INFrpU8GTggCtJa0Tl
vjdL55eXKyLxCX/BeZMF6IDDiVqHlI3bAvE+jigwxF4XUVVpuZx0QWPby2L43H3I
44Oerck+fxyipNjeCSVwrNttX9ugxRcUz6eAH42EZo/NR6lppAEFy+pR0yF8b7U/
trm/8LWnAhexYutMlTcenrtUcNVo8HPrmZ2+NmrAwhmNKdFz52MiK6UAFpCbO1ZW
G+sMq2UaX2sG7URXn1VcEOXH5E0UT5kwtZsayA9jo+m58FrxcJZzS/33fVbhU8d9
59BO3pJdfolsfuZ+0XlIS03pUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIF2EZTz
QqiuBdLYcwZGI5v1ClzmMB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz
NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP
Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
Q0ZFQi9DQjJDMzNFNjkzNkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJm
dEV6dXRyN1kzclRvbXZPQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAn42fCa8xb6EbVEDSPGKEVY85VlOUZ8SGTg8LpMXUD+sgUHJz/3U9R
YWhMyTY3F5asgXo863UB8rvhe7FyvUJYOLNkqCHCp8qm476QcJHcePnZjbbZ74e2
zKhquHugVRp+K37wCzUi3IPRnSmshgJBIxUZBPfRelT9xwIoWpLtCNEhCxqigc+o
3jGx4zddO1sQ/5hwaQLCzFk0FyfWYIHe1ly8UXNtcjFR6MGJHvf/QsKagJfrFwNY
2Y4Bnfc+xleaFnWcHNKVzhUInDcFm2UURymWxH3O1O1Dr5ex58kCJATbfUf82BP9
GEc8fyrgJZ1SohG1XuzGm8tUSK7W5El2
-----END CERTIFICATE-----
Generated at Thu Oct 23 16:17:58 2025 by rpki-client