Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
File:                     TK4677Gsir3bmbzO5PpakW0VezQ.mft (raw, json)
Hash identifier:          KsxSG6QRk5Hp6cWpTOIpFW1d44RjdgUGhI4wAa8qaA8=
Subject key identifier:   67:DD:56:B5:61:AB:1A:1F:E8:7B:72:B9:69:B0:8A:72:38:81:00:04
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       366D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
Manifest number:          3590
Signing time:             Wed 22 Oct 2025 14:30:39 +0000
Manifest this update:     Wed 22 Oct 2025 14:30:39 +0000
Manifest next update:     Wed 29 Oct 2025 14:30:39 +0000
Files and hashes:         1: TK4677Gsir3bmbzO5PpakW0VezQ.crl (hash: MlOKV3epHltesHvOcWUsC4fLM9KZFsjQjZAU3gSGyxc=)
                          2: D166652A072211EF9AC24D5BC4F9AE02.roa (hash: RL1lTbOt6Av5nEYA4DHBlIKK0hqxvZRiBkpLy29xghs=)
                          3: 8FD552C071F111F0AE49323FC4F9AE02.roa (hash: k0XECPDgxEsPxo1hnPOQ8t+HVImApkPuGWwQ5OUwJvs=)
                          4: 945922AECEBA11EDBBFD9E28C4F9AE02.roa (hash: 2rH+VWOcuPOah5bNHP9sMT7gm/W2BD5Lz0whslurntk=)
                          5: 24D7D74C978011EE87BB7D53C4F9AE02.roa (hash: CuyEAz/Z+ba3st2KGZYRh65vVcO9Be9AbPEfcjuGd9k=)
                          6: 31D56A8E06C711EF9A0E1D0AC4F9AE02.roa (hash: Yqwo5M588Yfv+JXGuvZtKg0Gtdf+iGVakUUN+3KDHdo=)
                          7: CE997E2EEA9B11EFA6A3D730C4F9AE02.roa (hash: uN0e+cUzXR0q+zRv9FKfvDWSlrjYXQb/CNzmut03rlU=)
                          8: D630A6B206D511EFB6CFDF2DC4F9AE02.roa (hash: oGdV623K9DaOonzZkenCae7aE6BqwAo6RdH7Y25n0b4=)
                          9: 4DC27210558111EF880A8679C4F9AE02.roa (hash: m1XRr2iAq+1TVgkspEslzx6eWsdA8L2B6700lAxn/d4=)
                          10: 4DFF14DE71F211F08D45AC42C4F9AE02.roa (hash: gBF3Jk34am1InKRIBH9CrloJz67l7rFKCD8FkbkPjyM=)
                          11: E83E047071F111F0BBD1B63FC4F9AE02.roa (hash: vqgqViMpJQbvpRF0eRLHvKsvOmM8OQ5c7Ho2iOiRHUM=)
                          12: 4B2AFD54ABA611EEA4B59A6AC4F9AE02.roa (hash: 92OU291hR0YIYqWJJIcvZXszn84NKrAjVspQkxjVbEI=)
                          13: 77D96D4A4F3411EFBA0A2659C4F9AE02.roa (hash: ol23eWYMbqFxa7AzTOzpz7Em2i4wKmL7cxMptLBFr00=)
                          14: 8FF00754732F11EE90078C13C4F9AE02.roa (hash: FvhGoDcJkl/uVyMeuA2e84lQ0fEQXKW9fiAoOj29wy4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
                          rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 29 Oct 2025 14:30:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13933 (0x366d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E, serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Oct 22 14:30:39 2025 GMT
            Not After : Oct 29 14:30:39 2025 GMT
        Subject: CN=68f8ea8f-268d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e4:2f:6f:b7:8a:03:25:45:c2:02:60:eb:d7:
                    d6:79:eb:99:39:33:90:6a:19:c4:a7:4c:ca:67:6f:
                    7c:7b:97:46:fa:9a:5b:57:9b:76:b6:b2:84:1a:7a:
                    a4:2a:ce:5d:5a:ca:99:77:c5:13:f5:d0:22:4c:03:
                    15:20:0b:6f:d0:9b:ae:42:db:1e:78:86:94:1e:c6:
                    c9:f8:2e:7d:e7:1a:59:42:32:61:93:96:e4:00:ab:
                    a7:94:69:48:a6:59:54:27:bb:41:13:9f:25:99:f0:
                    dd:1e:57:4d:a3:f9:ad:71:15:71:f3:6d:42:02:b0:
                    1c:d6:ed:ed:63:e7:90:23:1f:6f:9e:cf:b8:33:e4:
                    db:a5:2d:dc:b5:d3:71:eb:7a:ed:22:b2:f1:4b:ca:
                    e5:a9:ee:9b:cf:2c:8a:0d:95:14:a8:fb:be:f9:a7:
                    c2:b8:84:0b:b6:b8:6b:d7:e6:6f:74:5d:c8:13:6e:
                    e1:6a:ee:00:b8:4d:cc:28:ea:a5:5d:c1:73:1d:74:
                    e1:0b:0a:f3:ea:5f:ff:40:00:85:98:7d:01:47:be:
                    08:72:ae:27:6e:81:65:c2:14:6f:8c:4a:a3:05:28:
                    78:bc:43:d4:0b:57:74:5b:4f:57:61:0e:fe:ef:3e:
                    f3:da:43:81:b2:ef:1b:5d:4c:e4:e8:aa:79:1a:e0:
                    33:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:DD:56:B5:61:AB:1A:1F:E8:7B:72:B9:69:B0:8A:72:38:81:00:04
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:a9:f4:7c:1c:64:68:c9:97:be:2f:c6:c7:56:ea:2e:84:91:
         18:e2:cf:af:f5:4e:7f:0b:a0:ee:42:7e:80:b2:7b:b9:00:ce:
         7d:3e:32:9d:15:f3:b6:1a:f7:19:de:21:95:d9:cf:b4:5c:4b:
         a1:8e:1d:53:f6:49:5c:45:f2:83:ef:97:a7:76:bf:a1:c4:0c:
         c4:77:c8:36:44:29:96:cb:12:42:17:aa:a2:15:8e:28:1c:c8:
         91:00:3a:98:1e:f5:ac:9b:c1:88:3b:36:1f:d5:5f:b7:ee:ac:
         c4:e4:0d:3d:e9:40:ac:0f:e7:b2:df:e0:d8:94:05:48:36:e5:
         f8:6d:87:8d:bc:a4:93:30:36:4c:9c:af:79:0d:5b:b9:56:94:
         a4:9c:cb:f4:b0:de:de:9c:cd:e5:48:9f:1e:7e:9e:81:a4:50:
         fe:04:fa:f0:38:af:a3:62:31:21:87:8f:16:2e:5a:38:e9:7c:
         60:39:65:44:67:de:fa:cf:26:2f:41:4a:f5:43:78:52:32:38:
         6a:f0:d2:a9:0d:45:97:9d:85:d5:94:b1:5c:05:bf:93:32:7a:
         7e:bb:0e:b0:33:f6:4f:f9:ef:1c:09:19:17:64:80:9c:03:00:
         a4:59:f6:5f:16:82:1c:d2:1b:56:ba:0f:dd:e6:c0:d3:96:ce:
         c2:c2:d3:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjUxMDIyMTQzMDM5WhcNMjUxMDI5MTQzMDM5WjAYMRYwFAYD
VQQDEw02OGY4ZWE4Zi0yNjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyOQvb7eKAyVFwgJg69fWeeuZOTOQahnEp0zKZ298e5dG+ppbV5t2trKEGnqk
Ks5dWsqZd8UT9dAiTAMVIAtv0JuuQtseeIaUHsbJ+C595xpZQjJhk5bkAKunlGlI
pllUJ7tBE58lmfDdHldNo/mtcRVx821CArAc1u3tY+eQIx9vns+4M+TbpS3ctdNx
63rtIrLxS8rlqe6bzyyKDZUUqPu++afCuIQLtrhr1+ZvdF3IE27hau4AuE3MKOql
XcFzHXThCwrz6l//QACFmH0BR74Icq4nboFlwhRvjEqjBSh4vEPUC1d0W09XYQ7+
7z7z2kOBsu8bXUzk6Kp5GuAzJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGfdVrVh
qxof6HtyuWmwinI4gQAEMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NUQ3RS9FQ0E2ODIzNDFEODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2ly
M2JtYnpPNVBwYWtXMFZlelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQABqfR8HGRoyZe+L8bHVuouhJEY4s+v9U5/C6DuQn6Asnu5AM59PjKd
FfO2GvcZ3iGV2c+0XEuhjh1T9klcRfKD75endr+hxAzEd8g2RCmWyxJCF6qiFY4o
HMiRADqYHvWsm8GIOzYf1V+37qzE5A096UCsD+ey3+DYlAVINuX4bYeNvKSTMDZM
nK95DVu5VpSknMv0sN7enM3lSJ8efp6BpFD+BPrwOK+jYjEhh48WLlo46XxgOWVE
Z976zyYvQUr1Q3hSMjhq8NKpDUWXnYXVlLFcBb+TMnp+uw6wM/ZP+e8cCRkXZICc
AwCkWfZfFoIc0htWug/d5sDTls7CwtPW
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:57:51 2025 by rpki-client