Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9135450/843DC69618B111EDBEC5FE63C4F9AE02/-o32EYRRvVM4cqyjdiK_c77RlEE.mft
File:                     -o32EYRRvVM4cqyjdiK_c77RlEE.mft (raw, json)
Hash identifier:          VE4p9ckU76AL0004G2HDXqHe1PEOvzVAzTgFYd8MpvI=
Subject key identifier:   9A:68:B7:1F:2A:BD:F4:75:BB:61:C4:7D:C7:55:87:1A:52:B3:23:C3
Authority key identifier: FA:8D:F6:11:84:51:BD:53:38:72:AC:A3:76:22:BF:73:BE:D1:94:41
Certificate issuer:       /CN=A9135450/serialNumber=FA8DF6118451BD533872ACA37622BF73BED19441
Certificate serial:       027D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-o32EYRRvVM4cqyjdiK_c77RlEE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9135450/843DC69618B111EDBEC5FE63C4F9AE02/-o32EYRRvVM4cqyjdiK_c77RlEE.mft
Manifest number:          0279
Signing time:             Fri 25 Jul 2025 02:07:51 +0000
Manifest this update:     Fri 25 Jul 2025 02:07:51 +0000
Manifest next update:     Fri 01 Aug 2025 02:07:51 +0000
Files and hashes:         1: -o32EYRRvVM4cqyjdiK_c77RlEE.crl (hash: iHVA9RSZ4auuX4mjZIcVORw5DhjQp33PTJ1w/Ow6RxU=)
                          2: CA57150418B311EDB72D3165C4F9AE02.roa (hash: sMLXclSpaatsjiefCG2CYL97q01e5mLSlbQCKpyYzHg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9135450/843DC69618B111EDBEC5FE63C4F9AE02/-o32EYRRvVM4cqyjdiK_c77RlEE.crl
                          rsync://rpki.apnic.net/member_repository/A9135450/843DC69618B111EDBEC5FE63C4F9AE02/-o32EYRRvVM4cqyjdiK_c77RlEE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-o32EYRRvVM4cqyjdiK_c77RlEE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 02:07:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 637 (0x27d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9135450, serialNumber=FA8DF6118451BD533872ACA37622BF73BED19441
        Validity
            Not Before: Jul 25 02:07:51 2025 GMT
            Not After : Aug  1 02:07:51 2025 GMT
        Subject: CN=6882e6f7-935b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:78:c9:75:9d:e9:ca:e5:61:63:f9:cc:f7:ad:
                    67:25:69:06:ae:2a:09:47:a4:0a:04:2d:28:b4:0f:
                    70:44:68:cb:23:ba:d3:9b:df:62:a0:6c:71:2e:00:
                    bd:6d:6d:8d:9d:52:d7:47:24:3d:18:7e:65:2a:7f:
                    a2:7e:db:01:01:b9:9b:62:77:40:7a:49:07:9a:aa:
                    19:7e:b8:61:72:57:71:83:4a:19:ae:1e:31:e9:7c:
                    3c:ed:56:1e:84:68:bc:7f:ee:7f:dc:68:9f:58:bd:
                    a3:4e:fe:d2:18:3b:db:df:69:19:7a:75:04:19:c0:
                    ff:40:fa:73:20:d7:fc:69:de:72:74:5c:32:1b:f8:
                    7f:64:e9:c6:a1:6c:53:79:56:18:27:21:b1:b7:90:
                    99:60:7b:1e:3f:5f:50:a0:fb:a3:2b:f7:db:88:b9:
                    be:ba:f2:7c:fb:eb:a1:1d:ef:93:75:08:d1:3b:9a:
                    73:b0:e8:4f:a3:e9:8d:95:73:b5:e3:d2:61:51:c9:
                    50:55:48:b4:90:02:ef:85:7f:7f:96:52:13:9c:e1:
                    e0:25:0d:b9:4b:ec:fb:79:dd:3d:59:28:17:6e:ca:
                    62:49:00:c8:d3:82:10:12:93:79:d2:5d:7f:95:d3:
                    4f:9b:22:b8:f0:af:fe:80:1c:d4:89:9d:27:49:74:
                    1c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:68:B7:1F:2A:BD:F4:75:BB:61:C4:7D:C7:55:87:1A:52:B3:23:C3
            X509v3 Authority Key Identifier:
                keyid:FA:8D:F6:11:84:51:BD:53:38:72:AC:A3:76:22:BF:73:BE:D1:94:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9135450/843DC69618B111EDBEC5FE63C4F9AE02/-o32EYRRvVM4cqyjdiK_c77RlEE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-o32EYRRvVM4cqyjdiK_c77RlEE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9135450/843DC69618B111EDBEC5FE63C4F9AE02/-o32EYRRvVM4cqyjdiK_c77RlEE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:7f:5f:08:31:50:cd:da:99:62:8d:45:d0:b1:a4:c3:0e:2f:
         84:a5:69:3c:7a:38:21:45:6a:34:99:2d:f0:ea:0d:17:cc:a7:
         77:85:3a:f1:d8:3c:d4:aa:1d:c0:d1:3b:6c:92:5d:20:1d:3e:
         4e:ec:de:5e:44:2c:5a:48:83:ab:e1:ea:0f:0c:f4:5d:16:b0:
         75:d3:70:97:92:c2:5f:f0:dd:64:a2:06:75:9c:f0:f2:71:aa:
         17:9d:65:9a:a1:f3:54:31:95:60:93:b9:6c:f2:4d:1f:05:96:
         42:86:31:28:f9:a7:c6:5b:61:ca:f1:de:1a:aa:7d:d3:c6:9a:
         9b:51:8c:91:77:c9:39:8c:29:2b:e8:ab:48:33:1a:7a:86:df:
         08:df:0e:1d:b6:e9:93:1b:92:cb:50:bd:4d:cd:1b:53:29:ea:
         69:ac:17:36:04:56:f7:5e:d9:f6:9a:fd:44:cb:5a:36:07:5a:
         9c:93:da:6e:c1:6e:25:97:64:44:b6:db:70:0c:2f:e3:2e:f1:
         70:dd:50:58:3d:3c:96:8f:cb:f1:c4:94:cb:23:f9:7e:e8:b1:
         99:12:1e:bf:c8:3d:cf:99:38:34:aa:84:14:78:a3:be:eb:8c:
         bd:34:e8:1f:ef:91:a3:38:de:b3:0a:c7:a7:c7:5c:d1:ea:62:
         cc:f1:e3:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzU0NTAxMTAvBgNVBAUTKEZBOERGNjExODQ1MUJENTMzODcyQUNBMzc2MjJCRjcz
QkVEMTk0NDEwHhcNMjUwNzI1MDIwNzUxWhcNMjUwODAxMDIwNzUxWjAYMRYwFAYD
VQQDEw02ODgyZTZmNy05MzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1njJdZ3pyuVhY/nM961nJWkGrioJR6QKBC0otA9wRGjLI7rTm99ioGxxLgC9
bW2NnVLXRyQ9GH5lKn+iftsBAbmbYndAekkHmqoZfrhhcldxg0oZrh4x6Xw87VYe
hGi8f+5/3GifWL2jTv7SGDvb32kZenUEGcD/QPpzINf8ad5ydFwyG/h/ZOnGoWxT
eVYYJyGxt5CZYHseP19QoPujK/fbiLm+uvJ8++uhHe+TdQjRO5pzsOhPo+mNlXO1
49JhUclQVUi0kALvhX9/llITnOHgJQ25S+z7ed09WSgXbspiSQDI04IQEpN50l1/
ldNPmyK48K/+gBzUiZ0nSXQcSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJpotx8q
vfR1u2HEfcdVhxpSsyPDMB8GA1UdIwQYMBaAFPqN9hGEUb1TOHKso3Yiv3O+0ZRB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTQ1MC84NDNEQzY5NjE4
QjExMUVEQkVDNUZFNjNDNEY5QUUwMi8tbzMyRVlSUnZWTTRjcXlqZGlLX2M3N1Js
RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1vMzJFWVJSdlZNNGNxeWpkaUtfYzc3UmxFRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NTQ1MC84NDNEQzY5NjE4QjExMUVEQkVDNUZFNjNDNEY5QUUwMi8tbzMyRVlSUnZW
TTRjcXlqZGlLX2M3N1JsRUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDTf18IMVDN2plijUXQsaTDDi+EpWk8ejghRWo0mS3w6g0XzKd3hTrx
2DzUqh3A0Ttskl0gHT5O7N5eRCxaSIOr4eoPDPRdFrB103CXksJf8N1kogZ1nPDy
caoXnWWaofNUMZVgk7ls8k0fBZZChjEo+afGW2HK8d4aqn3TxpqbUYyRd8k5jCkr
6KtIMxp6ht8I3w4dtumTG5LLUL1NzRtTKepprBc2BFb3Xtn2mv1Ey1o2B1qck9pu
wW4ll2REtttwDC/jLvFw3VBYPTyWj8vxxJTLI/l+6LGZEh6/yD3PmTg0qoQUeKO+
64y9NOgf75GjON6zCsenx1zR6mLM8ePn
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:57:35 2025 by rpki-client