Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
File:                     oPv941FZcJK2h-zGQOyF3CnyAXM.mft (raw, json)
Hash identifier:          eFxgn+QmIApaVd9E2yHJsQsZzOQ8/qQL85fr5SIZNUA=
Subject key identifier:   B9:31:AB:60:18:D9:3B:A2:16:E6:AB:E8:EB:45:CD:2B:B7:6D:1E:47
Authority key identifier: A0:FB:FD:E3:51:59:70:92:B6:87:EC:C6:40:EC:85:DC:29:F2:01:73
Certificate issuer:       /CN=A9140B3F/serialNumber=A0FBFDE351597092B687ECC640EC85DC29F20173
Certificate serial:       01B9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
Manifest number:          01B4
Signing time:             Fri 25 Jul 2025 03:20:06 +0000
Manifest this update:     Fri 25 Jul 2025 03:20:05 +0000
Manifest next update:     Fri 01 Aug 2025 03:20:05 +0000
Files and hashes:         1: oPv941FZcJK2h-zGQOyF3CnyAXM.crl (hash: dcYyK8jKkX/3mcGP0wFtxWxn4qQPaltuQNBrDd+fVSc=)
                          2: 1F63D776D29011EDA849876CC4F9AE02.roa (hash: caa9vs5q3NzKdsCc37MTwoPPA4zep6D+Ht0arsk9wtA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.crl
                          rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 03:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 441 (0x1b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140B3F, serialNumber=A0FBFDE351597092B687ECC640EC85DC29F20173
        Validity
            Not Before: Jul 25 03:20:05 2025 GMT
            Not After : Aug  1 03:20:05 2025 GMT
        Subject: CN=6882f7e6-0e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:19:bd:30:b1:3c:0f:1c:6f:a6:ce:d0:a1:28:
                    7d:87:21:bc:5f:31:c6:2b:46:b5:9a:91:49:1e:a1:
                    31:7f:35:7b:82:2f:6d:6d:f9:79:5d:d5:ab:27:b4:
                    9a:40:41:ed:02:64:b5:c1:ad:bc:02:93:be:b0:e8:
                    00:79:28:96:9b:9a:7f:cf:fa:74:71:25:e8:81:1e:
                    7f:b4:82:01:b4:62:bf:f3:dc:ce:5a:39:89:8b:96:
                    36:90:af:f2:5e:d4:f5:b9:b3:3f:03:f9:f5:95:f5:
                    b5:d1:4e:05:ba:0a:0b:32:7f:1e:1e:af:43:a7:d5:
                    8e:d7:80:29:83:9d:2f:26:45:f0:cc:5b:fe:24:be:
                    d0:74:79:ff:33:0c:d5:dc:fd:e0:48:b8:bd:fb:54:
                    3b:0d:78:92:80:34:75:fe:21:ae:ae:81:cd:95:fb:
                    68:3e:5f:aa:9b:14:15:a3:33:c9:11:bc:0e:d0:9c:
                    80:d4:b0:ad:2c:01:91:eb:d0:77:8f:3d:33:f8:dc:
                    4d:6b:f9:6f:09:65:a2:f4:22:78:41:fe:6f:a2:bd:
                    2a:fa:f5:32:90:4c:5a:5d:60:ad:d6:d5:f1:03:77:
                    b3:6d:2b:00:57:eb:fb:5a:d3:ed:86:53:43:ec:96:
                    c2:0a:8d:88:b2:96:c3:07:f5:b0:a0:98:b4:8f:71:
                    5e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:31:AB:60:18:D9:3B:A2:16:E6:AB:E8:EB:45:CD:2B:B7:6D:1E:47
            X509v3 Authority Key Identifier:
                keyid:A0:FB:FD:E3:51:59:70:92:B6:87:EC:C6:40:EC:85:DC:29:F2:01:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:a7:15:2b:87:4f:e0:b8:1f:3b:36:05:cb:5a:e2:4d:84:27:
         12:5c:7c:ca:7b:37:8e:1e:5d:c0:03:c1:d5:ea:39:e9:93:00:
         eb:3c:d4:d6:7d:c8:8b:f2:98:14:76:8e:f4:19:52:dc:cf:53:
         56:6a:27:61:96:0a:87:dd:a2:d2:2e:39:ee:6b:10:ce:55:fb:
         7b:f0:73:a0:ae:5e:e1:8a:5a:dc:48:cf:1f:f0:f2:4c:9a:90:
         ea:be:c2:48:ce:dc:f7:98:19:1a:e0:46:61:11:62:37:2e:a1:
         28:aa:15:5c:30:0e:67:97:7c:fd:00:d0:07:64:b7:c7:4f:22:
         cb:48:e8:58:fb:fd:9d:a4:e0:5e:ca:cf:91:ad:0a:88:39:59:
         73:e8:bc:6d:4a:37:af:71:fd:8d:fd:55:01:31:a1:7e:3b:f4:
         f9:c6:7b:21:a6:73:d2:2a:e7:ad:19:00:ce:f5:81:49:6d:34:
         1a:e5:d7:b6:3d:17:58:37:42:d8:2c:7e:eb:aa:4b:5e:0b:f5:
         19:26:00:6e:fc:96:88:e7:ca:4f:11:3b:6d:ca:00:aa:24:9d:
         aa:89:a8:0c:be:5d:b8:ae:8e:9f:7e:0e:58:8e:88:df:e5:10:
         f6:13:06:64:60:0b:f0:c7:34:f7:fe:12:3b:0c:2e:19:44:60:
         c0:73:4c:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBCM0YxMTAvBgNVBAUTKEEwRkJGREUzNTE1OTcwOTJCNjg3RUNDNjQwRUM4NURD
MjlGMjAxNzMwHhcNMjUwNzI1MDMyMDA1WhcNMjUwODAxMDMyMDA1WjAYMRYwFAYD
VQQDEw02ODgyZjdlNi0wZTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyRm9MLE8Dxxvps7QoSh9hyG8XzHGK0a1mpFJHqExfzV7gi9tbfl5XdWrJ7Sa
QEHtAmS1wa28ApO+sOgAeSiWm5p/z/p0cSXogR5/tIIBtGK/89zOWjmJi5Y2kK/y
XtT1ubM/A/n1lfW10U4FugoLMn8eHq9Dp9WO14Apg50vJkXwzFv+JL7QdHn/MwzV
3P3gSLi9+1Q7DXiSgDR1/iGuroHNlftoPl+qmxQVozPJEbwO0JyA1LCtLAGR69B3
jz0z+NxNa/lvCWWi9CJ4Qf5vor0q+vUykExaXWCt1tXxA3ezbSsAV+v7WtPthlND
7JbCCo2IspbDB/WwoJi0j3FeNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLkxq2AY
2TuiFuar6OtFzSu3bR5HMB8GA1UdIwQYMBaAFKD7/eNRWXCStofsxkDshdwp8gFz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEIzRi9GOEQ3MkNEQ0Qy
OEMxMUVEQkFFOUVFNkFDNEY5QUUwMi9vUHY5NDFGWmNKSzJoLXpHUU95RjNDbnlB
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29Qdjk0MUZaY0pLMmgtekdRT3lGM0NueUFYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MEIzRi9GOEQ3MkNEQ0QyOEMxMUVEQkFFOUVFNkFDNEY5QUUwMi9vUHY5NDFGWmNK
SzJoLXpHUU95RjNDbnlBWE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB5pxUrh0/guB87NgXLWuJNhCcSXHzKezeOHl3AA8HV6jnpkwDrPNTW
fciL8pgUdo70GVLcz1NWaidhlgqH3aLSLjnuaxDOVft78HOgrl7hilrcSM8f8PJM
mpDqvsJIztz3mBka4EZhEWI3LqEoqhVcMA5nl3z9ANAHZLfHTyLLSOhY+/2dpOBe
ys+RrQqIOVlz6LxtSjevcf2N/VUBMaF+O/T5xnshpnPSKuetGQDO9YFJbTQa5de2
PRdYN0LYLH7rqkteC/UZJgBu/JaI58pPETttygCqJJ2qiagMvl24ro6ffg5Yjojf
5RD2EwZkYAvwxzT3/hI7DC4ZRGDAc0yH
-----END CERTIFICATE-----
Generated at Fri Jul 25 05:23:03 2025 by rpki-client