Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft
File:                     Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft (raw, json)
Hash identifier:          LXqryHSEZTMWobQV1/36KsyoP1n+IZJaG2p5BKZmq1k=
Subject key identifier:   2E:D7:06:DD:28:AA:0D:AB:81:57:3B:31:FD:E6:32:C1:26:3E:29:97
Authority key identifier: 1E:7E:0D:89:46:BC:48:D0:75:4B:03:E9:87:2A:D3:88:0C:54:E4:BE
Certificate issuer:       /CN=A91E3C9A/serialNumber=1E7E0D8946BC48D0754B03E9872AD3880C54E4BE
Certificate serial:       0870
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft
Manifest number:          086B
Signing time:             Sat 02 Aug 2025 20:58:14 +0000
Manifest this update:     Sat 02 Aug 2025 20:58:13 +0000
Manifest next update:     Sat 09 Aug 2025 20:58:13 +0000
Files and hashes:         1: Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl (hash: 9aPGx7y5YnXzWzWCct6z+AXREc1/YhuuFKGaX5+GIK8=)
                          2: 3A5B01A0CA8F11EAA35BF958C4F9AE02.roa (hash: rarNamT8etGmrzl2oBorgmdNrF9oOnpcrAlb12sZ65o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl
                          rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 20:58:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2160 (0x870)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E3C9A, serialNumber=1E7E0D8946BC48D0754B03E9872AD3880C54E4BE
        Validity
            Not Before: Aug  2 20:58:13 2025 GMT
            Not After : Aug  9 20:58:13 2025 GMT
        Subject: CN=688e7be6-f65f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:34:18:96:04:a2:16:52:52:4e:92:24:71:49:
                    f7:30:fd:e3:68:d8:90:e3:d8:dd:5e:3d:61:33:52:
                    db:45:63:f1:ea:1c:73:42:65:2e:aa:bd:08:a8:08:
                    17:c7:c5:d3:48:a9:44:fd:73:0a:df:22:58:76:ae:
                    3d:bb:a7:1e:f0:3f:69:7d:a1:08:29:2e:04:79:32:
                    35:04:26:67:84:74:97:64:77:fd:02:79:9b:8a:12:
                    3a:ed:c7:e7:f6:e0:94:4e:9b:84:9c:52:d3:02:30:
                    8a:5f:53:e7:44:8c:e2:88:a3:ec:51:c3:10:84:55:
                    8f:ea:d2:79:dd:71:9a:80:48:4a:f9:5f:45:12:86:
                    03:f7:4d:0b:d3:ad:c4:b9:c3:fe:c9:4b:cb:38:fa:
                    c0:70:97:fe:ab:e6:24:62:23:df:a2:4d:35:d4:b7:
                    fb:4e:14:6e:e0:86:a3:36:32:46:8a:d7:50:74:68:
                    a9:47:31:8a:74:18:9c:05:f6:b3:a0:2e:d2:f3:28:
                    90:09:0a:12:d5:24:5e:90:f5:ec:8a:4d:b5:08:f6:
                    23:af:5d:12:4b:91:38:05:71:7f:63:62:93:d2:2d:
                    81:8d:58:11:36:50:85:8e:1a:a4:b2:df:31:a0:d3:
                    4e:00:62:c7:66:23:81:fa:58:62:89:05:df:bf:f3:
                    ff:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:D7:06:DD:28:AA:0D:AB:81:57:3B:31:FD:E6:32:C1:26:3E:29:97
            X509v3 Authority Key Identifier:
                keyid:1E:7E:0D:89:46:BC:48:D0:75:4B:03:E9:87:2A:D3:88:0C:54:E4:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:eb:22:27:f7:2e:c0:d9:e1:0c:9e:92:bf:74:f0:5b:4c:95:
         55:3a:2d:18:d4:6a:33:c0:7d:34:7e:29:99:69:5c:cf:5e:96:
         c5:b0:9d:95:b7:dc:9c:33:cb:b6:b0:81:f8:69:c4:f4:db:ce:
         2d:ac:6f:6d:c9:22:b7:45:45:35:03:67:b4:5e:3a:8e:bd:21:
         3a:25:dd:e9:dc:d8:2c:ef:15:89:62:8d:29:55:6f:c1:88:20:
         0e:bf:69:12:e5:9d:01:72:86:e2:e8:97:7b:67:a6:14:58:ab:
         15:b1:3e:25:06:86:1e:1f:63:a6:c4:36:bc:e0:60:71:14:32:
         16:14:cb:89:f4:26:8f:d1:b5:1f:68:6b:cf:13:ed:d6:df:ab:
         f9:ab:9a:8c:f5:84:e3:0a:73:6e:4e:68:94:78:50:9b:3b:c8:
         5a:0b:6c:83:bf:a0:d3:1d:4b:c0:0c:77:86:8c:55:eb:5d:00:
         7e:29:64:b9:73:97:76:01:e7:a1:66:f8:4a:04:e9:02:0b:b7:
         32:33:dd:4e:af:d0:de:05:44:cb:b8:1b:35:12:32:92:72:b9:
         4d:2f:c6:a4:09:67:2b:16:be:81:d4:63:84:1d:c9:94:dc:b8:
         af:9d:df:9b:3e:ba:4f:b2:51:9c:9d:3c:06:13:d9:bc:4a:88:
         a9:9a:70:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNDOUExMTAvBgNVBAUTKDFFN0UwRDg5NDZCQzQ4RDA3NTRCMDNFOTg3MkFEMzg4
MEM1NEU0QkUwHhcNMjUwODAyMjA1ODEzWhcNMjUwODA5MjA1ODEzWjAYMRYwFAYD
VQQDEw02ODhlN2JlNi1mNjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyDQYlgSiFlJSTpIkcUn3MP3jaNiQ49jdXj1hM1LbRWPx6hxzQmUuqr0IqAgX
x8XTSKlE/XMK3yJYdq49u6ce8D9pfaEIKS4EeTI1BCZnhHSXZHf9AnmbihI67cfn
9uCUTpuEnFLTAjCKX1PnRIziiKPsUcMQhFWP6tJ53XGagEhK+V9FEoYD900L063E
ucP+yUvLOPrAcJf+q+YkYiPfok011Lf7ThRu4IajNjJGitdQdGipRzGKdBicBfaz
oC7S8yiQCQoS1SRekPXsik21CPYjr10SS5E4BXF/Y2KT0i2BjVgRNlCFjhqkst8x
oNNOAGLHZiOB+lhiiQXfv/P/awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC7XBt0o
qg2rgVc7Mf3mMsEmPimXMB8GA1UdIwQYMBaAFB5+DYlGvEjQdUsD6Ycq04gMVOS+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0M5QS9BMUQ2MUQzQUNB
OEQxMUVBQkU1QkI2NTZDNEY5QUUwMi9IbjROaVVhOFNOQjFTd1BwaHlyVGlBeFU1
TDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0huNE5pVWE4U05CMVN3UHBoeXJUaUF4VTVMNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
M0M5QS9BMUQ2MUQzQUNBOEQxMUVBQkU1QkI2NTZDNEY5QUUwMi9IbjROaVVhOFNO
QjFTd1BwaHlyVGlBeFU1TDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBQ6yIn9y7A2eEMnpK/dPBbTJVVOi0Y1GozwH00fimZaVzPXpbFsJ2V
t9ycM8u2sIH4acT0284trG9tySK3RUU1A2e0XjqOvSE6Jd3p3Ngs7xWJYo0pVW/B
iCAOv2kS5Z0Bcobi6Jd7Z6YUWKsVsT4lBoYeH2OmxDa84GBxFDIWFMuJ9CaP0bUf
aGvPE+3W36v5q5qM9YTjCnNuTmiUeFCbO8haC2yDv6DTHUvADHeGjFXrXQB+KWS5
c5d2AeehZvhKBOkCC7cyM91Or9DeBUTLuBs1EjKScrlNL8akCWcrFr6B1GOEHcmU
3Livnd+bPrpPslGcnTwGE9m8SoipmnDY
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:04:53 2025 by rpki-client