Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
File:                     OAHjYU99QEcCrkIssnnlHcnRTKI.mft (raw, json)
Hash identifier:          DhfpjkFCAbBg8CGNd7yNCf3ozAtJcDCRR4J1T+DZg8w=
Subject key identifier:   B4:BB:FC:56:43:F4:42:A8:79:63:EE:36:72:A5:CB:5F:D1:AC:35:F6
Authority key identifier: 38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2
Certificate issuer:       /CN=A912383B/serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2
Certificate serial:       082A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
Manifest number:          0823
Signing time:             Tue 22 Jul 2025 21:04:39 +0000
Manifest this update:     Tue 22 Jul 2025 21:04:38 +0000
Manifest next update:     Tue 29 Jul 2025 21:04:38 +0000
Files and hashes:         1: OAHjYU99QEcCrkIssnnlHcnRTKI.crl (hash: 3ymTlDFCdVHo0z60XBu7sVtXbz5oRPmU7waI0vOXkaU=)
                          2: 4E4AF4A2C2B111EBABFFA212C4F9AE02.roa (hash: OwVRnVKX5TIRRxRa7tYPZCkquxRI/+jnc5rYmXmYkKM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl
                          rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 21:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2090 (0x82a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912383B, serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2
        Validity
            Not Before: Jul 22 21:04:38 2025 GMT
            Not After : Jul 29 21:04:38 2025 GMT
        Subject: CN=687ffce6-d210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:49:d6:f2:6f:c4:e7:16:55:89:46:0e:11:50:
                    99:6e:c0:c5:c4:b3:09:e0:fc:8c:b2:88:f6:4f:5d:
                    91:8d:71:a7:dc:20:30:e7:81:16:85:03:a3:52:b8:
                    9f:0a:81:29:36:0a:b2:16:72:3b:f4:db:ad:79:85:
                    a3:48:7d:b4:f2:47:40:fa:61:ae:9c:d2:0f:b7:94:
                    27:b0:ec:dd:0f:f8:d6:1d:8d:23:8a:ca:cc:c5:a7:
                    5a:80:61:30:e1:4f:6d:92:4b:d4:1e:9a:7e:6f:db:
                    bc:af:02:7a:e8:8e:71:a7:5e:d6:b3:06:bb:40:0c:
                    24:8d:2c:96:63:fa:fd:75:95:f5:99:80:3d:c5:1e:
                    d7:15:fa:db:66:60:76:67:89:ab:9b:09:55:a7:d4:
                    b2:26:77:5e:1e:93:b5:e4:2c:8d:bc:3c:1a:fa:70:
                    8d:27:b1:bc:dc:bb:01:22:5d:26:50:32:1c:cf:a7:
                    06:f0:e2:b1:0d:cc:c4:41:6a:27:f1:da:97:e7:1e:
                    98:a9:53:d7:94:c1:c9:1e:88:2a:98:0c:f9:d7:fd:
                    fc:6f:d9:c2:fe:26:c2:de:d6:0f:cf:8f:1f:47:bd:
                    2e:ff:72:56:86:55:10:4c:c7:24:9d:33:68:3c:fa:
                    e3:74:13:84:f0:6d:c2:61:28:31:40:6e:15:dd:f3:
                    af:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:BB:FC:56:43:F4:42:A8:79:63:EE:36:72:A5:CB:5F:D1:AC:35:F6
            X509v3 Authority Key Identifier:
                keyid:38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:d9:cb:eb:9c:9c:c2:a9:bc:b6:0b:cf:3c:92:99:07:48:30:
         80:74:27:d8:58:e3:a6:37:cf:b2:91:31:44:02:83:91:96:6c:
         d0:24:ee:aa:84:32:6f:69:dd:1a:f4:10:49:e9:57:78:f2:ff:
         fe:e4:4e:ad:5c:49:87:3f:41:0f:7f:4e:d3:d2:f1:56:d2:00:
         cb:a3:82:7b:13:90:ca:f7:62:e0:ca:8e:f1:00:8c:8a:e2:46:
         19:14:9f:93:bd:a5:ce:88:6a:7b:3e:5f:dc:88:66:4c:4f:5d:
         a8:cf:80:b7:7b:ac:93:f9:70:b8:35:0c:d2:e5:69:b9:41:6b:
         a2:6e:10:0d:a3:fa:34:bc:40:3e:4c:c8:73:20:a9:af:d9:79:
         14:2b:7b:ee:b9:41:a3:59:db:02:7d:22:36:94:c1:b8:91:88:
         c4:5d:31:ab:a4:6b:a0:fc:99:e9:40:07:c2:db:91:d9:5d:4d:
         fe:ac:04:dd:bd:ae:33:ca:cd:da:7a:e0:9f:7f:c3:55:d8:5d:
         90:e7:6b:cc:c6:f9:46:ae:23:f6:2a:83:8d:4e:d7:4f:39:60:
         98:8a:07:c2:95:6e:aa:d1:c4:6c:3d:65:60:3b:ab:2e:f6:07:
         36:d1:39:e7:6e:ab:84:00:90:9a:58:7d:fa:a1:df:12:21:5f:
         f6:9e:36:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjM4M0IxMTAvBgNVBAUTKDM4MDFFMzYxNEY3RDQwNDcwMkFFNDIyQ0IyNzlFNTFE
QzlEMTRDQTIwHhcNMjUwNzIyMjEwNDM4WhcNMjUwNzI5MjEwNDM4WjAYMRYwFAYD
VQQDEw02ODdmZmNlNi1kMjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxEnW8m/E5xZViUYOEVCZbsDFxLMJ4PyMsoj2T12RjXGn3CAw54EWhQOjUrif
CoEpNgqyFnI79NuteYWjSH208kdA+mGunNIPt5QnsOzdD/jWHY0jisrMxadagGEw
4U9tkkvUHpp+b9u8rwJ66I5xp17Wswa7QAwkjSyWY/r9dZX1mYA9xR7XFfrbZmB2
Z4mrmwlVp9SyJndeHpO15CyNvDwa+nCNJ7G83LsBIl0mUDIcz6cG8OKxDczEQWon
8dqX5x6YqVPXlMHJHogqmAz51/38b9nC/ibC3tYPz48fR70u/3JWhlUQTMcknTNo
PPrjdBOE8G3CYSgxQG4V3fOvNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLS7/FZD
9EKoeWPuNnKly1/RrDX2MB8GA1UdIwQYMBaAFDgB42FPfUBHAq5CLLJ55R3J0Uyi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GQkJBOUU5Q0Uw
MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFFY0Nya0lzc25ubEhjblJU
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09BSGpZVTk5UUVjQ3JrSXNzbm5sSGNuUlRLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MzgzQi9GQkJBOUU5Q0UwMjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFF
Y0Nya0lzc25ubEhjblJUS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBR2cvrnJzCqby2C888kpkHSDCAdCfYWOOmN8+ykTFEAoORlmzQJO6q
hDJvad0a9BBJ6Vd48v/+5E6tXEmHP0EPf07T0vFW0gDLo4J7E5DK92Lgyo7xAIyK
4kYZFJ+TvaXOiGp7Pl/ciGZMT12oz4C3e6yT+XC4NQzS5Wm5QWuibhANo/o0vEA+
TMhzIKmv2XkUK3vuuUGjWdsCfSI2lMG4kYjEXTGrpGug/JnpQAfC25HZXU3+rATd
va4zys3aeuCff8NV2F2Q52vMxvlGriP2KoONTtdPOWCYigfClW6q0cRsPWVgO6su
9gc20TnnbquEAJCaWH36od8SIV/2njZE
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:34:24 2025 by rpki-client