Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131B38/2DF544547D0B11ECBA239433C4F9AE02/-lmybsZZeADDV53XBz-ktoWnwtI.mft
File:                     -lmybsZZeADDV53XBz-ktoWnwtI.mft (raw, json)
Hash identifier:          fMUarjCuNFEde0/TbqLzX2eqFUv2s08AvvwatLKAzFk=
Subject key identifier:   2C:AA:DC:89:16:1B:F3:29:96:56:68:C6:24:FD:70:24:CA:75:64:C5
Authority key identifier: FA:59:B2:6E:C6:59:78:00:C3:57:9D:D7:07:3F:A4:B6:85:A7:C2:D2
Certificate issuer:       /CN=A9131B38/serialNumber=FA59B26EC6597800C3579DD7073FA4B685A7C2D2
Certificate serial:       0409
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-lmybsZZeADDV53XBz-ktoWnwtI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131B38/2DF544547D0B11ECBA239433C4F9AE02/-lmybsZZeADDV53XBz-ktoWnwtI.mft
Manifest number:          0403
Signing time:             Mon 21 Jul 2025 00:40:07 +0000
Manifest this update:     Mon 21 Jul 2025 00:40:07 +0000
Manifest next update:     Mon 28 Jul 2025 00:40:07 +0000
Files and hashes:         1: -lmybsZZeADDV53XBz-ktoWnwtI.crl (hash: WOi4oY+yZbEjZdKAtAWF8nmpNmdWLS8RmlQepqiqqJQ=)
                          2: 445C8236B69311EC9650A57CC4F9AE02.roa (hash: /iDRAphVdSgU2e36vGmGSufKHFaLvSp39p6b7uKMJro=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9131B38/2DF544547D0B11ECBA239433C4F9AE02/-lmybsZZeADDV53XBz-ktoWnwtI.crl
                          rsync://rpki.apnic.net/member_repository/A9131B38/2DF544547D0B11ECBA239433C4F9AE02/-lmybsZZeADDV53XBz-ktoWnwtI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-lmybsZZeADDV53XBz-ktoWnwtI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 00:40:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1033 (0x409)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131B38, serialNumber=FA59B26EC6597800C3579DD7073FA4B685A7C2D2
        Validity
            Not Before: Jul 21 00:40:07 2025 GMT
            Not After : Jul 28 00:40:07 2025 GMT
        Subject: CN=687d8c67-9bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:7a:d3:bd:5c:d8:1f:7f:e1:5b:49:f1:7a:2b:
                    f1:a2:24:39:b3:e7:8f:f4:0b:7a:76:53:09:56:b7:
                    77:9f:31:a7:a2:cc:e4:41:1a:f5:b9:79:11:54:c1:
                    1d:65:97:5b:7c:74:1b:65:89:6c:39:dd:6a:ba:87:
                    c4:45:03:2f:d4:55:8f:6a:26:8a:92:7a:52:3d:72:
                    78:6f:96:c9:34:c4:38:3b:3e:76:e0:2c:37:8f:f3:
                    46:50:fd:56:08:e5:f7:18:08:db:64:86:23:79:81:
                    72:58:d0:e6:3e:a3:bb:4c:d8:ec:f3:d2:af:ec:a0:
                    6f:af:43:cb:37:16:78:59:b9:8c:40:ae:8f:67:06:
                    7e:f5:63:7b:d9:3a:82:8a:c0:55:3e:55:40:4d:fe:
                    4c:fd:cb:d8:89:1f:ba:d5:d0:08:88:52:6d:20:7c:
                    c0:65:f6:9f:8a:6f:c4:68:1b:02:95:cd:26:dc:52:
                    b9:b8:5d:17:02:f5:3c:4f:61:14:83:a8:73:96:de:
                    46:99:01:d9:bc:28:3b:d0:5e:5d:07:5a:7b:95:e1:
                    0d:9c:53:91:2c:14:c3:b1:4c:a7:25:a0:f1:af:d9:
                    47:7c:02:d0:a1:ef:f9:ff:23:5f:90:8d:d7:f5:d8:
                    63:5d:c8:f5:8a:c4:28:c8:d9:4f:9f:45:ff:33:64:
                    66:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:AA:DC:89:16:1B:F3:29:96:56:68:C6:24:FD:70:24:CA:75:64:C5
            X509v3 Authority Key Identifier:
                keyid:FA:59:B2:6E:C6:59:78:00:C3:57:9D:D7:07:3F:A4:B6:85:A7:C2:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131B38/2DF544547D0B11ECBA239433C4F9AE02/-lmybsZZeADDV53XBz-ktoWnwtI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-lmybsZZeADDV53XBz-ktoWnwtI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131B38/2DF544547D0B11ECBA239433C4F9AE02/-lmybsZZeADDV53XBz-ktoWnwtI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:0b:b4:05:b4:aa:ae:bc:46:2b:43:4a:70:c3:2d:b2:69:df:
         33:64:06:7e:4a:22:73:cd:57:ed:cb:13:04:aa:ee:0d:ae:9d:
         24:39:66:60:3f:55:e0:ec:98:d7:91:7f:48:4f:bb:63:c7:fe:
         42:53:77:ca:da:f9:74:5c:7c:4b:0a:87:33:c9:d0:30:1a:d0:
         18:7e:d6:6e:6a:82:f9:60:a8:a5:93:7d:b5:7f:c1:65:16:b4:
         3a:fd:8d:e0:14:eb:f1:8e:51:4a:43:35:12:15:4a:64:71:bb:
         02:88:7d:10:dc:fb:54:c2:ba:05:e6:dc:86:f0:7d:4a:6a:7c:
         a2:32:cc:b0:73:58:cb:3e:84:c8:f3:43:ff:97:9f:b8:81:37:
         6a:a4:8a:a3:94:33:a5:26:82:59:c4:20:ab:0b:17:e1:00:4e:
         9e:9e:b2:f7:48:ef:ab:23:97:3e:81:16:f2:7a:37:d3:f3:e1:
         6f:c1:d5:b3:d1:eb:76:ae:8e:e6:97:3d:3d:48:1d:a8:71:37:
         00:12:03:5b:29:42:67:ec:04:a9:3a:29:16:75:11:4a:b0:1d:
         01:66:f9:4a:5d:de:0e:d2:a0:18:04:44:c8:3f:d6:54:dd:9d:
         57:d6:45:bb:aa:d7:91:8e:63:78:50:9f:f8:d8:68:58:70:c3:
         c7:38:a3:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzFCMzgxMTAvBgNVBAUTKEZBNTlCMjZFQzY1OTc4MDBDMzU3OURENzA3M0ZBNEI2
ODVBN0MyRDIwHhcNMjUwNzIxMDA0MDA3WhcNMjUwNzI4MDA0MDA3WjAYMRYwFAYD
VQQDEw02ODdkOGM2Ny05YmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA33rTvVzYH3/hW0nxeivxoiQ5s+eP9At6dlMJVrd3nzGnoszkQRr1uXkRVMEd
ZZdbfHQbZYlsOd1quofERQMv1FWPaiaKknpSPXJ4b5bJNMQ4Oz524Cw3j/NGUP1W
COX3GAjbZIYjeYFyWNDmPqO7TNjs89Kv7KBvr0PLNxZ4WbmMQK6PZwZ+9WN72TqC
isBVPlVATf5M/cvYiR+61dAIiFJtIHzAZfafim/EaBsClc0m3FK5uF0XAvU8T2EU
g6hzlt5GmQHZvCg70F5dB1p7leENnFORLBTDsUynJaDxr9lHfALQoe/5/yNfkI3X
9dhjXcj1isQoyNlPn0X/M2RmwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCyq3IkW
G/MpllZoxiT9cCTKdWTFMB8GA1UdIwQYMBaAFPpZsm7GWXgAw1ed1wc/pLaFp8LS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUIzOC8yREY1NDQ1NDdE
MEIxMUVDQkEyMzk0MzNDNEY5QUUwMi8tbG15YnNaWmVBRERWNTNYQnota3RvV253
dEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1sbXlic1paZUFERFY1M1hCei1rdG9Xbnd0SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MUIzOC8yREY1NDQ1NDdEMEIxMUVDQkEyMzk0MzNDNEY5QUUwMi8tbG15YnNaWmVB
RERWNTNYQnota3RvV253dEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCFC7QFtKquvEYrQ0pwwy2yad8zZAZ+SiJzzVftyxMEqu4Nrp0kOWZg
P1Xg7JjXkX9IT7tjx/5CU3fK2vl0XHxLCoczydAwGtAYftZuaoL5YKilk321f8Fl
FrQ6/Y3gFOvxjlFKQzUSFUpkcbsCiH0Q3PtUwroF5tyG8H1KanyiMsywc1jLPoTI
80P/l5+4gTdqpIqjlDOlJoJZxCCrCxfhAE6enrL3SO+rI5c+gRbyejfT8+FvwdWz
0et2ro7mlz09SB2ocTcAEgNbKUJn7ASpOikWdRFKsB0BZvlKXd4O0qAYBETIP9ZU
3Z1X1kW7qteRjmN4UJ/42GhYcMPHOKMS
-----END CERTIFICATE-----
Generated at Tue Jul 22 05:10:19 2025 by rpki-client