Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft
File:                     hpBNLQLbigWb7ZOPL46u88Qgb9A.mft (raw, json)
Hash identifier:          UQDjEFkqT+0fUSzeusiEZjqMSHDZzcXQQNrrZP3IKrY=
Subject key identifier:   0A:6D:39:BA:92:61:7C:AE:39:C1:B3:58:5F:72:EB:FC:CB:61:CB:5F
Authority key identifier: 86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0
Certificate issuer:       /CN=A91D4ACD/serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0
Certificate serial:       A0
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft
Manifest number:          9F
Signing time:             Sat 19 Jul 2025 06:31:23 +0000
Manifest this update:     Sat 19 Jul 2025 06:31:22 +0000
Manifest next update:     Sat 26 Jul 2025 06:31:22 +0000
Files and hashes:         1: hpBNLQLbigWb7ZOPL46u88Qgb9A.crl (hash: LBu4Qh5SFY7RK8HuOVzJogM6lWIC6VdNxu5OVYhGLK8=)
                          2: 388D7E38797D11EF8CA64711C4F9AE02.roa (hash: psVpSVTIe8+AZiKNpgFs07aLN6Bb1+TjrtoRE57p52A=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl
                          rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 06:31:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 160 (0xa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D4ACD, serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0
        Validity
            Not Before: Jul 19 06:31:22 2025 GMT
            Not After : Jul 26 06:31:22 2025 GMT
        Subject: CN=687b3bba-ded3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c5:56:44:e1:35:79:70:6b:c9:a0:73:40:af:
                    ec:26:9a:d2:a2:f0:d5:dc:27:2f:b8:bb:d3:31:6d:
                    42:54:ef:a4:41:a6:c6:66:cc:6b:49:bc:7d:64:4b:
                    58:cd:b5:d9:cb:ec:b8:63:2a:ba:44:4b:d3:2f:82:
                    ab:0d:3c:e5:12:86:46:f1:e3:4f:72:ea:c5:4d:f6:
                    13:68:d1:bf:eb:e4:e2:5e:79:07:c7:4c:a5:6a:fb:
                    35:a6:6b:90:bf:2f:17:5d:f5:ad:77:e5:d0:10:7a:
                    aa:f4:b2:0e:e0:8f:b9:9f:bc:42:aa:91:40:10:94:
                    b7:cd:a9:6d:7a:34:e6:5b:15:6d:33:76:d3:31:e2:
                    9d:68:a3:2c:c5:b0:ab:35:89:9d:b7:26:64:ec:a4:
                    ad:12:d5:b8:e6:65:94:31:d6:9c:ef:ed:92:f5:50:
                    01:67:c5:ff:cc:1f:21:d5:b1:39:55:a3:38:66:11:
                    6a:b9:bf:ff:d6:d6:80:ba:6b:fb:df:d2:67:bc:68:
                    a2:c1:bc:a6:53:8a:eb:0f:60:ef:c3:de:a9:c1:dc:
                    ac:cb:77:f5:28:e8:2e:8a:be:7f:74:7c:8e:de:b5:
                    00:22:ba:be:60:2f:d1:95:03:8e:1d:5c:59:6d:6e:
                    92:d8:3f:1b:c3:4d:6f:53:34:dd:45:e3:da:28:59:
                    d9:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:6D:39:BA:92:61:7C:AE:39:C1:B3:58:5F:72:EB:FC:CB:61:CB:5F
            X509v3 Authority Key Identifier:
                keyid:86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:11:ee:db:b0:f9:71:5a:a7:81:33:f1:aa:af:2d:14:82:17:
         de:05:33:0d:a9:ab:12:7d:b1:33:97:5d:0d:f5:a7:47:5b:26:
         e2:dd:8b:9c:55:b6:bd:91:41:6c:1e:07:6a:bd:2d:17:9c:8c:
         01:8d:f9:7f:19:b2:88:45:af:f8:ae:56:1e:15:80:ba:da:9b:
         c3:ab:b1:7f:bf:da:8b:17:bf:59:3c:72:c7:2f:7f:32:a2:f9:
         01:27:26:ce:5b:01:ce:31:74:d3:2c:2c:3b:fd:15:c4:4c:6c:
         ee:b4:9d:a4:b9:c6:25:a5:d6:e4:89:01:94:8d:e8:47:89:15:
         b4:a3:60:34:b3:dc:c8:49:94:d4:b8:96:8a:36:4b:c8:9e:d6:
         34:6f:c4:30:ac:f5:be:45:ca:c7:fb:ee:05:3f:3e:33:02:37:
         81:91:14:b0:07:1f:50:6b:54:0b:30:84:e8:f9:40:17:64:c8:
         5d:64:f6:13:fb:30:44:4b:df:75:82:b8:04:6a:f7:45:a0:34:
         4c:3f:a3:3c:f1:c0:1e:d4:51:5e:6f:0d:16:2c:a7:73:0f:f7:
         6d:07:be:ff:32:5e:7f:11:dd:b8:93:c0:af:33:c8:05:1a:5a:
         56:49:8c:47:9d:cd:f5:a3:70:f3:bf:c3:d2:8f:80:7a:57:05:
         c5:f2:e6:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDRBQ0QxMTAvBgNVBAUTKDg2OTA0RDJEMDJEQjhBMDU5QkVEOTM4RjJGOEVBRUYz
QzQyMDZGRDAwHhcNMjUwNzE5MDYzMTIyWhcNMjUwNzI2MDYzMTIyWjAYMRYwFAYD
VQQDEw02ODdiM2JiYS1kZWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3cVWROE1eXBryaBzQK/sJprSovDV3CcvuLvTMW1CVO+kQabGZsxrSbx9ZEtY
zbXZy+y4Yyq6REvTL4KrDTzlEoZG8eNPcurFTfYTaNG/6+TiXnkHx0ylavs1pmuQ
vy8XXfWtd+XQEHqq9LIO4I+5n7xCqpFAEJS3zaltejTmWxVtM3bTMeKdaKMsxbCr
NYmdtyZk7KStEtW45mWUMdac7+2S9VABZ8X/zB8h1bE5VaM4ZhFqub//1taAumv7
39JnvGiiwbymU4rrD2Dvw96pwdysy3f1KOguir5/dHyO3rUAIrq+YC/RlQOOHVxZ
bW6S2D8bw01vUzTdRePaKFnZCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAptObqS
YXyuOcGzWF9y6/zLYctfMB8GA1UdIwQYMBaAFIaQTS0C24oFm+2Tjy+OrvPEIG/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEFDRC8xRjUzNTY5RTc1
NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmlnV2I3Wk9QTDQ2dTg4UWdi
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2hwQk5MUUxiaWdXYjdaT1BMNDZ1ODhRZ2I5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NEFDRC8xRjUzNTY5RTc1NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmln
V2I3Wk9QTDQ2dTg4UWdiOUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC5Ee7bsPlxWqeBM/Gqry0UghfeBTMNqasSfbEzl10N9adHWybi3Yuc
Vba9kUFsHgdqvS0XnIwBjfl/GbKIRa/4rlYeFYC62pvDq7F/v9qLF79ZPHLHL38y
ovkBJybOWwHOMXTTLCw7/RXETGzutJ2kucYlpdbkiQGUjehHiRW0o2A0s9zISZTU
uJaKNkvIntY0b8QwrPW+RcrH++4FPz4zAjeBkRSwBx9Qa1QLMITo+UAXZMhdZPYT
+zBES991grgEavdFoDRMP6M88cAe1FFebw0WLKdzD/dtB77/Ml5/Ed24k8CvM8gF
GlpWSYxHnc31o3Dzv8PSj4B6VwXF8uY4
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:44:08 2025 by rpki-client