Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft
File:                     HQDCg8qhqzzENxoqOE1isc1E-6c.mft (raw, json)
Hash identifier:          gaSO872H3C5uLGFo6Mk0Qjpov2oRmUxFaKVKMsy2WAI=
Subject key identifier:   B8:06:E6:77:DA:FA:B4:3E:E4:58:FE:68:08:46:6E:D9:3E:50:14:EE
Authority key identifier: 1D:00:C2:83:CA:A1:AB:3C:C4:37:1A:2A:38:4D:62:B1:CD:44:FB:A7
Certificate issuer:       /CN=A912F387/serialNumber=1D00C283CAA1AB3CC4371A2A384D62B1CD44FBA7
Certificate serial:       0151
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft
Manifest number:          0146
Signing time:             Mon 21 Jul 2025 04:30:35 +0000
Manifest this update:     Mon 21 Jul 2025 04:30:35 +0000
Manifest next update:     Mon 28 Jul 2025 04:30:35 +0000
Files and hashes:         1: HQDCg8qhqzzENxoqOE1isc1E-6c.crl (hash: GZPdEzsu4GHks99rB7GpL6Ku8DODjokWY7YB/j/evA8=)
                          2: 9556705A2E6111EF9D743040C4F9AE02.roa (hash: RLnLzyrrcNZhWSbOgsksg70plHnwm/0y4IiOT7XePHI=)
                          3: FC34967C6C8611EFBF35D221C4F9AE02.roa (hash: g3qVGTL6N3Bx7PoU5ChuYFlVdWGCksOpw5qXnk0J/9I=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.crl
                          rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 04:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 337 (0x151)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912F387, serialNumber=1D00C283CAA1AB3CC4371A2A384D62B1CD44FBA7
        Validity
            Not Before: Jul 21 04:30:35 2025 GMT
            Not After : Jul 28 04:30:35 2025 GMT
        Subject: CN=687dc26b-1f01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:70:8e:ca:7b:f2:5d:7e:7d:30:ce:18:60:c5:
                    2b:d2:a0:ef:47:e1:ef:6a:c2:37:b0:35:f4:1c:38:
                    e2:05:0c:45:28:3c:e9:3f:4e:85:30:ae:4f:dc:fc:
                    bf:5c:70:c4:94:1c:42:c4:b7:21:27:6d:b8:35:13:
                    c0:d2:d5:8d:bb:85:86:db:98:77:c2:25:7c:db:60:
                    e0:d0:7d:67:7f:c9:de:ad:d7:f4:19:da:db:ad:19:
                    eb:9a:36:6b:30:27:fe:8b:f4:f0:37:b0:bb:65:dc:
                    3e:de:dc:0d:ca:74:e0:44:53:f9:d2:5c:1b:48:b2:
                    a8:eb:f9:62:da:4a:52:ed:82:4b:46:ff:70:39:fb:
                    46:d2:69:fe:d8:06:92:63:a2:31:12:17:95:c6:58:
                    6c:6d:02:5f:c3:23:40:b9:6d:ce:d2:7f:34:36:68:
                    25:6a:c5:e6:7b:98:4b:98:ad:53:db:a2:66:91:68:
                    be:30:b3:2f:b9:9c:2c:50:21:82:e0:16:6e:15:5c:
                    4c:07:ac:a6:a5:b3:6c:d0:da:58:b2:c3:f7:8c:be:
                    6c:9b:76:45:c5:00:80:74:d6:b7:aa:a8:3d:37:9c:
                    ca:2a:75:cc:9f:67:18:a1:fe:d9:ce:f2:43:98:de:
                    4b:2e:c0:33:6f:62:b3:fd:83:52:8f:f3:6e:d4:74:
                    af:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:06:E6:77:DA:FA:B4:3E:E4:58:FE:68:08:46:6E:D9:3E:50:14:EE
            X509v3 Authority Key Identifier:
                keyid:1D:00:C2:83:CA:A1:AB:3C:C4:37:1A:2A:38:4D:62:B1:CD:44:FB:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:5f:4f:b2:00:2a:19:d4:fa:4d:05:8d:53:f1:c0:6c:6e:0e:
         03:2b:2d:f2:a9:b6:69:d1:e9:56:9b:9f:ca:a5:4c:65:02:3e:
         2d:13:c5:f1:91:a0:47:be:bf:1f:4c:d9:2e:6f:7b:2d:78:6c:
         f2:32:37:33:0c:98:8d:fc:a8:00:b6:f5:9d:3f:2d:37:d0:45:
         a5:ef:c5:b3:e9:80:16:13:f3:8f:ac:29:a3:03:a1:10:ec:63:
         a5:fa:fb:6e:b0:ee:e1:b8:44:b2:98:80:dc:b9:77:2d:46:2e:
         40:02:7e:e6:fe:5d:1d:12:6d:38:df:6e:ec:64:e1:4b:a5:a5:
         6a:f2:6a:cb:19:62:dc:84:2c:c8:e7:a3:bf:d0:f9:54:82:69:
         d2:36:5b:20:aa:68:50:6b:bd:ae:09:6c:01:fd:5e:c5:1b:f5:
         b6:10:87:e3:43:75:d8:47:29:9d:6f:e5:90:7e:f1:5c:84:e7:
         bc:98:c8:94:06:14:18:b6:a9:df:78:90:33:42:98:bb:39:7f:
         ac:af:eb:10:45:11:97:5a:76:c5:ce:06:13:d6:e8:eb:02:34:
         1c:75:be:81:72:de:b9:eb:39:39:59:8b:f3:71:03:d1:df:52:
         a6:26:c7:a9:bf:af:5e:13:ea:35:e6:e4:1f:2c:6e:e3:68:02:
         f7:76:94:cc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYzODcxMTAvBgNVBAUTKDFEMDBDMjgzQ0FBMUFCM0NDNDM3MUEyQTM4NEQ2MkIx
Q0Q0NEZCQTcwHhcNMjUwNzIxMDQzMDM1WhcNMjUwNzI4MDQzMDM1WjAYMRYwFAYD
VQQDEw02ODdkYzI2Yi0xZjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3COynvyXX59MM4YYMUr0qDvR+HvasI3sDX0HDjiBQxFKDzpP06FMK5P3Py/
XHDElBxCxLchJ224NRPA0tWNu4WG25h3wiV822Dg0H1nf8nerdf0GdrbrRnrmjZr
MCf+i/TwN7C7Zdw+3twNynTgRFP50lwbSLKo6/li2kpS7YJLRv9wOftG0mn+2AaS
Y6IxEheVxlhsbQJfwyNAuW3O0n80NmglasXme5hLmK1T26JmkWi+MLMvuZwsUCGC
4BZuFVxMB6ympbNs0NpYssP3jL5sm3ZFxQCAdNa3qqg9N5zKKnXMn2cYof7ZzvJD
mN5LLsAzb2Kz/YNSj/Nu1HSvBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLgG5nfa
+rQ+5Fj+aAhGbtk+UBTuMB8GA1UdIwQYMBaAFB0AwoPKoas8xDcaKjhNYrHNRPun
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjM4Ny81RjNDODQ5Njgz
QTMxMUVFQTBCNDI4MUNDNEY5QUUwMi9IUURDZzhxaHF6ekVOeG9xT0UxaXNjMUUt
NmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hRRENnOHFocXp6RU54b3FPRTFpc2MxRS02Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RjM4Ny81RjNDODQ5NjgzQTMxMUVFQTBCNDI4MUNDNEY5QUUwMi9IUURDZzhxaHF6
ekVOeG9xT0UxaXNjMUUtNmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQByX0+yACoZ1PpNBY1T8cBsbg4DKy3yqbZp0elWm5/KpUxlAj4tE8Xx
kaBHvr8fTNkub3steGzyMjczDJiN/KgAtvWdPy030EWl78Wz6YAWE/OPrCmjA6EQ
7GOl+vtusO7huESymIDcuXctRi5AAn7m/l0dEm04327sZOFLpaVq8mrLGWLchCzI
56O/0PlUgmnSNlsgqmhQa72uCWwB/V7FG/W2EIfjQ3XYRymdb+WQfvFchOe8mMiU
BhQYtqnfeJAzQpi7OX+sr+sQRRGXWnbFzgYT1ujrAjQcdb6Bct656zk5WYvzcQPR
31KmJsepv69eE+o15uQfLG7jaAL3dpTM
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:34:17 2025 by rpki-client