Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
File:                     IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json)
Hash identifier:          25M2DwAe3LZ3UcAPyvewBeE2apP/YPacVgAo6UYrJ8I=
Subject key identifier:   D4:97:A2:85:73:7A:DE:C5:2E:B9:4B:8C:94:01:B5:7B:AC:4C:8E:85
Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
Certificate issuer:       /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Certificate serial:       052E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
Manifest number:          0524
Signing time:             Thu 18 Sep 2025 23:55:15 +0000
Manifest this update:     Thu 18 Sep 2025 23:55:15 +0000
Manifest next update:     Thu 25 Sep 2025 23:55:15 +0000
Files and hashes:         1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: 6y0OYjP6+NqnW6AhHzFyr6D/g0MDaOQXb/EN8z28Nro=)
                          2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl
                          rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 25 Sep 2025 23:55:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1326 (0x52e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
        Validity
            Not Before: Sep 18 23:55:15 2025 GMT
            Not After : Sep 25 23:55:15 2025 GMT
        Subject: CN=68cc9be3-b791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:e1:65:b0:21:62:53:d7:2f:7f:2e:b5:38:a2:
                    d8:77:b2:6b:be:e2:71:c8:1e:7a:58:81:e0:ab:ee:
                    28:10:52:60:c2:93:ef:ec:5f:ae:fd:47:24:a9:26:
                    c7:14:35:6b:1f:b8:7d:39:90:f7:52:3f:80:51:23:
                    06:5a:a8:1d:1c:aa:7e:36:2e:e3:3e:88:84:52:2c:
                    5d:61:1e:69:0c:b4:fd:a8:e5:72:5e:02:a4:d2:35:
                    d4:59:11:99:4e:40:7f:a2:48:1b:89:90:c7:65:49:
                    1b:0e:c4:e7:c4:f4:81:7e:3f:c8:30:fb:01:ce:a5:
                    d1:6d:70:bf:96:2c:cb:5d:7f:e1:29:3a:ca:14:f3:
                    bb:a3:4d:87:97:d6:9c:d1:c9:c6:e7:60:05:ce:be:
                    57:e0:c4:24:e1:ac:f2:01:49:56:c9:26:41:ea:b7:
                    3d:6b:20:54:15:55:b7:d7:a9:94:92:8d:a8:4b:fd:
                    11:32:c8:2f:d6:44:c6:77:ab:b8:ad:b4:30:f9:73:
                    4a:cd:29:9a:aa:fa:56:40:fa:48:14:8a:da:15:51:
                    33:da:6a:d2:ad:06:ac:b5:17:14:4d:d1:e1:85:54:
                    65:84:0f:1b:f9:78:fa:5e:6a:bb:11:b8:e8:bd:ee:
                    c7:28:94:a9:38:12:92:7b:02:73:df:30:00:da:77:
                    a5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:97:A2:85:73:7A:DE:C5:2E:B9:4B:8C:94:01:B5:7B:AC:4C:8E:85
            X509v3 Authority Key Identifier:
                keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:d6:a5:12:78:c5:07:38:e5:be:d1:04:93:de:eb:c5:08:47:
         fe:7f:9f:4b:3c:e5:4c:8d:26:dc:3a:47:06:23:f3:37:aa:40:
         6d:3f:7c:cb:40:22:3a:53:89:25:19:a9:49:89:3c:e3:d0:ee:
         85:e5:ec:6e:fa:fd:df:d8:f7:80:7a:e0:cf:02:61:4a:9d:41:
         96:b7:36:15:17:b7:bd:57:75:fa:6d:d7:fd:c6:e0:9e:5b:83:
         7e:a0:12:ce:0d:e8:ca:bf:ae:89:ce:eb:aa:ca:85:af:f2:ff:
         65:f1:f8:33:2f:b8:47:7f:6c:27:cd:1d:d1:90:c5:70:1b:58:
         5b:5e:43:16:c0:39:5a:6f:2f:98:45:fc:86:1d:f6:07:bb:e5:
         14:ff:39:d5:9d:cd:5f:2e:f1:b1:60:a0:21:0c:25:d5:e1:59:
         82:c7:c8:0d:d0:e5:f7:bb:f7:2f:c4:58:8c:ea:33:53:a1:be:
         c3:35:73:e0:e6:36:4d:c3:b9:27:02:2e:7a:df:4e:61:1a:72:
         06:7c:5a:b8:2a:99:af:d1:0f:c9:00:24:80:25:12:bb:34:c5:
         d6:0d:10:37:fd:df:77:51:2a:3b:51:33:87:02:2a:fb:18:bc:
         60:14:6d:ae:c0:39:6a:67:f1:01:70:56:da:2f:76:66:4e:35:
         6c:be:e0:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1
NURCMzFDRTgwHhcNMjUwOTE4MjM1NTE1WhcNMjUwOTI1MjM1NTE1WjAYMRYwFAYD
VQQDEw02OGNjOWJlMy1iNzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4OFlsCFiU9cvfy61OKLYd7JrvuJxyB56WIHgq+4oEFJgwpPv7F+u/UckqSbH
FDVrH7h9OZD3Uj+AUSMGWqgdHKp+Ni7jPoiEUixdYR5pDLT9qOVyXgKk0jXUWRGZ
TkB/okgbiZDHZUkbDsTnxPSBfj/IMPsBzqXRbXC/lizLXX/hKTrKFPO7o02Hl9ac
0cnG52AFzr5X4MQk4azyAUlWySZB6rc9ayBUFVW316mUko2oS/0RMsgv1kTGd6u4
rbQw+XNKzSmaqvpWQPpIFIraFVEz2mrSrQastRcUTdHhhVRlhA8b+Xj6Xmq7Ebjo
ve7HKJSpOBKSewJz3zAA2neljwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNSXooVz
et7FLrlLjJQBtXusTI6FMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB
ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI
T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN
VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBx1qUSeMUHOOW+0QST3uvFCEf+f59LPOVMjSbcOkcGI/M3qkBtP3zL
QCI6U4klGalJiTzj0O6F5exu+v3f2PeAeuDPAmFKnUGWtzYVF7e9V3X6bdf9xuCe
W4N+oBLODejKv66JzuuqyoWv8v9l8fgzL7hHf2wnzR3RkMVwG1hbXkMWwDlaby+Y
RfyGHfYHu+UU/znVnc1fLvGxYKAhDCXV4VmCx8gN0OX3u/cvxFiM6jNTob7DNXPg
5jZNw7knAi56305hGnIGfFq4Kpmv0Q/JACSAJRK7NMXWDRA3/d93USo7UTOHAir7
GLxgFG2uwDlqZ/EBcFbaL3ZmTjVsvuBJ
-----END CERTIFICATE-----
Generated at Fri Sep 19 07:28:10 2025 by rpki-client