Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
File:                     OAHjYU99QEcCrkIssnnlHcnRTKI.mft (raw, json)
Hash identifier:          Sb5cH0f9CpKzpTBz3hWgBKra4OrStDK6etPLIBINTp0=
Subject key identifier:   EC:C2:1D:8D:9D:A4:EC:59:3A:94:E0:0D:33:C8:D3:9A:48:AD:04:67
Authority key identifier: 38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2
Certificate issuer:       /CN=A912383B/serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2
Certificate serial:       082B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
Manifest number:          0824
Signing time:             Thu 24 Jul 2025 21:01:00 +0000
Manifest this update:     Thu 24 Jul 2025 21:00:59 +0000
Manifest next update:     Thu 31 Jul 2025 21:00:59 +0000
Files and hashes:         1: OAHjYU99QEcCrkIssnnlHcnRTKI.crl (hash: Gw96LQYy6FGYYQjnMNQFAdyaGCOp9PPUS9eN8MPzvCM=)
                          2: 4E4AF4A2C2B111EBABFFA212C4F9AE02.roa (hash: OwVRnVKX5TIRRxRa7tYPZCkquxRI/+jnc5rYmXmYkKM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl
                          rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 21:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2091 (0x82b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912383B, serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2
        Validity
            Not Before: Jul 24 21:00:59 2025 GMT
            Not After : Jul 31 21:00:59 2025 GMT
        Subject: CN=68829f0b-b7fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0d:6c:05:f4:f5:c7:84:c4:7d:54:1e:49:ac:
                    99:71:99:f6:f2:c4:92:c7:36:a0:6f:e4:51:5d:03:
                    7d:6f:bd:c1:6b:0a:71:74:24:ba:cb:41:15:ba:c3:
                    ff:95:34:a9:21:3c:99:4a:6f:a6:d6:8b:a8:98:17:
                    14:0f:78:d3:26:4d:ca:5f:bd:ef:d4:f2:22:02:e9:
                    4e:af:46:4b:16:32:fb:15:7b:b2:11:79:30:9a:6d:
                    08:eb:b4:86:bf:1b:1f:ec:76:8e:6d:55:d0:28:60:
                    e6:35:5c:c1:d9:ed:6c:9a:dd:c4:87:42:a3:72:50:
                    01:99:74:e2:fd:a3:be:f2:42:1e:45:05:7a:a4:52:
                    17:29:15:0d:79:6b:d5:29:e8:65:7c:f6:51:f8:81:
                    bb:26:69:21:10:2e:83:a6:54:7a:98:ea:eb:de:ed:
                    31:36:60:5a:c1:17:33:f7:04:6b:2c:c2:f0:98:19:
                    6c:86:01:ee:2a:cd:f0:d9:e3:c1:82:b2:db:9c:86:
                    13:59:df:f6:b7:11:e0:d2:6c:76:b4:30:e1:5c:30:
                    2e:5d:cd:e5:ed:aa:e5:84:17:5d:a3:39:df:c8:8a:
                    9a:36:a0:4c:31:8e:66:f7:95:1e:ec:59:8d:09:40:
                    63:f3:64:ad:f4:87:ac:ae:d6:84:70:40:2e:f3:17:
                    ea:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C2:1D:8D:9D:A4:EC:59:3A:94:E0:0D:33:C8:D3:9A:48:AD:04:67
            X509v3 Authority Key Identifier:
                keyid:38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:52:0e:6d:22:b5:10:b9:e2:e0:10:3e:00:74:c9:8d:4d:85:
         71:52:35:94:c6:2c:f1:28:6d:75:be:c8:6c:5f:75:be:fa:18:
         9d:06:d4:e6:42:1c:03:92:64:fa:73:e0:d0:f2:c0:4a:d3:33:
         f8:41:2d:f0:5d:7a:70:8e:3f:ba:49:fa:1a:d3:79:a6:99:8e:
         3d:d4:42:c8:92:40:4a:2c:6e:7e:bf:3a:ab:5f:40:5c:28:cc:
         bc:6b:f0:42:d5:1e:79:6d:6b:33:a1:b3:89:d1:0d:49:bd:26:
         93:96:ac:d2:cb:71:c7:91:ce:b8:a4:d2:da:8f:1a:c0:0c:e6:
         40:9e:3a:a2:8b:fc:34:3e:7c:04:a1:de:c3:c9:ff:bb:9a:65:
         b4:9f:66:84:33:a4:da:ba:ed:38:47:b5:25:48:43:3a:48:7d:
         08:5f:fd:e7:61:d6:a0:72:7c:76:ba:85:e8:b4:15:c5:56:a2:
         43:33:b0:fd:b5:83:f7:c0:a8:2c:41:0e:d6:b3:56:3f:4c:93:
         34:db:98:0c:5e:7c:7e:8c:59:4c:8c:96:b8:75:bb:ad:0a:ad:
         d0:7f:c2:5c:fd:2e:8a:41:0a:d9:ce:e4:1f:8c:b6:54:21:3f:
         f2:92:58:f5:ce:35:ae:a4:04:72:29:03:ca:fc:f7:c1:b4:a0:
         31:e3:8e:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjM4M0IxMTAvBgNVBAUTKDM4MDFFMzYxNEY3RDQwNDcwMkFFNDIyQ0IyNzlFNTFE
QzlEMTRDQTIwHhcNMjUwNzI0MjEwMDU5WhcNMjUwNzMxMjEwMDU5WjAYMRYwFAYD
VQQDEw02ODgyOWYwYi1iN2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnA1sBfT1x4TEfVQeSayZcZn28sSSxzagb+RRXQN9b73BawpxdCS6y0EVusP/
lTSpITyZSm+m1ouomBcUD3jTJk3KX73v1PIiAulOr0ZLFjL7FXuyEXkwmm0I67SG
vxsf7HaObVXQKGDmNVzB2e1smt3Eh0KjclABmXTi/aO+8kIeRQV6pFIXKRUNeWvV
KehlfPZR+IG7JmkhEC6DplR6mOrr3u0xNmBawRcz9wRrLMLwmBlshgHuKs3w2ePB
grLbnIYTWd/2txHg0mx2tDDhXDAuXc3l7arlhBddoznfyIqaNqBMMY5m95Ue7FmN
CUBj82St9IesrtaEcEAu8xfqlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOzCHY2d
pOxZOpTgDTPI05pIrQRnMB8GA1UdIwQYMBaAFDgB42FPfUBHAq5CLLJ55R3J0Uyi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GQkJBOUU5Q0Uw
MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFFY0Nya0lzc25ubEhjblJU
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09BSGpZVTk5UUVjQ3JrSXNzbm5sSGNuUlRLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MzgzQi9GQkJBOUU5Q0UwMjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFF
Y0Nya0lzc25ubEhjblJUS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB5Ug5tIrUQueLgED4AdMmNTYVxUjWUxizxKG11vshsX3W++hidBtTm
QhwDkmT6c+DQ8sBK0zP4QS3wXXpwjj+6Sfoa03mmmY491ELIkkBKLG5+vzqrX0Bc
KMy8a/BC1R55bWszobOJ0Q1JvSaTlqzSy3HHkc64pNLajxrADOZAnjqii/w0PnwE
od7Dyf+7mmW0n2aEM6Tauu04R7UlSEM6SH0IX/3nYdagcnx2uoXotBXFVqJDM7D9
tYP3wKgsQQ7Ws1Y/TJM025gMXnx+jFlMjJa4dbutCq3Qf8Jc/S6KQQrZzuQfjLZU
IT/yklj1zjWupARyKQPK/PfBtKAx446q
-----END CERTIFICATE-----
Generated at Fri Jul 25 04:03:21 2025 by rpki-client