Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
File:                     oPv941FZcJK2h-zGQOyF3CnyAXM.mft (raw, json)
Hash identifier:          BvvgiTPTydOGdCJoKgMkK+d7xjMxy/90xTIs45p1Fec=
Subject key identifier:   C1:13:5C:FD:F6:6D:CF:9D:5C:34:A9:65:1C:90:9B:EB:64:EC:D8:21
Authority key identifier: A0:FB:FD:E3:51:59:70:92:B6:87:EC:C6:40:EC:85:DC:29:F2:01:73
Certificate issuer:       /CN=A9140B3F/serialNumber=A0FBFDE351597092B687ECC640EC85DC29F20173
Certificate serial:       01B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
Manifest number:          01B3
Signing time:             Wed 23 Jul 2025 03:24:28 +0000
Manifest this update:     Wed 23 Jul 2025 03:24:27 +0000
Manifest next update:     Wed 30 Jul 2025 03:24:27 +0000
Files and hashes:         1: oPv941FZcJK2h-zGQOyF3CnyAXM.crl (hash: /ULGTFdgDzHe1fXqOYH67JKbBj0ZkMgO3lNhdrlTAv4=)
                          2: 1F63D776D29011EDA849876CC4F9AE02.roa (hash: caa9vs5q3NzKdsCc37MTwoPPA4zep6D+Ht0arsk9wtA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.crl
                          rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 03:24:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 440 (0x1b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140B3F, serialNumber=A0FBFDE351597092B687ECC640EC85DC29F20173
        Validity
            Not Before: Jul 23 03:24:27 2025 GMT
            Not After : Jul 30 03:24:27 2025 GMT
        Subject: CN=688055eb-60e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:94:82:7d:b8:a4:97:77:33:9d:62:1e:f1:96:
                    c6:6e:bd:10:89:af:03:a3:7d:19:51:32:cf:a3:90:
                    13:3d:cd:0a:6c:a3:99:36:7b:ca:73:e2:08:76:1d:
                    14:69:89:c8:a1:31:ff:7b:f4:13:69:cc:8c:0b:08:
                    f3:95:22:83:0a:92:63:31:5e:e1:2b:61:b6:84:6f:
                    72:e7:07:09:83:2b:fc:38:80:c4:4b:6a:86:c8:a6:
                    09:81:f5:8e:4a:4e:5c:46:6b:7e:6b:63:cf:b7:3c:
                    ca:0b:0f:ab:cd:08:33:77:03:20:96:b4:3f:d5:53:
                    78:ef:15:40:70:4d:ab:da:29:d7:b8:a5:b8:21:e6:
                    61:ce:c9:b5:fd:7d:a0:7e:cc:e1:a7:c7:a8:f0:0a:
                    bf:61:fa:55:81:8f:7a:50:a9:c1:32:d4:0b:f4:a2:
                    f5:a6:47:e0:c2:b7:81:48:b5:87:13:91:dc:bb:6f:
                    ba:44:52:96:72:9c:48:5e:f4:c9:7a:6d:f4:c7:8e:
                    a3:55:b4:d5:b5:fe:55:b2:50:9a:30:4e:66:52:8a:
                    39:6c:88:6d:a4:b7:3b:46:ca:47:2f:73:ec:59:ac:
                    b1:ff:04:84:15:f0:9f:96:a5:73:62:79:8a:17:7c:
                    d1:c0:cd:49:08:3c:1d:20:22:06:96:aa:3c:0f:25:
                    e8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:13:5C:FD:F6:6D:CF:9D:5C:34:A9:65:1C:90:9B:EB:64:EC:D8:21
            X509v3 Authority Key Identifier:
                keyid:A0:FB:FD:E3:51:59:70:92:B6:87:EC:C6:40:EC:85:DC:29:F2:01:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ee:6c:fd:e0:c1:7c:30:d4:1c:20:b1:d8:c8:71:64:36:76:
         30:a1:26:7f:61:6c:35:88:fa:e4:fb:2b:99:b6:60:f1:8c:55:
         22:c3:96:1b:2b:03:54:90:08:72:b2:5a:62:0c:c2:e4:3c:ad:
         a9:60:73:41:9b:fc:a0:eb:89:f7:43:bf:2b:74:43:96:6b:c8:
         4c:28:78:91:34:bd:7b:1a:bc:fa:f4:23:f7:ac:b5:dd:99:7d:
         b8:e1:85:b8:a6:c0:9b:54:94:58:4f:e3:d3:eb:d5:f8:ec:8f:
         a0:3f:7f:8c:c0:53:9a:c6:a2:41:09:b6:76:ff:86:6d:29:de:
         a4:55:9b:80:bd:01:6b:42:e2:63:d3:5e:e6:97:4b:6c:12:51:
         d8:f7:7f:7f:8f:e6:8a:67:1e:a8:46:28:38:19:0e:06:a7:30:
         85:61:7a:5d:45:4c:1d:11:55:ed:39:4b:46:37:e0:e7:da:e2:
         3b:d8:5e:89:5b:41:63:ed:fa:2a:ba:79:e4:f7:67:9b:bc:b5:
         6f:1b:7f:91:4c:56:46:7d:a0:00:a6:92:84:93:a4:10:56:86:
         88:bf:6d:2a:7e:e3:02:b8:bc:e5:a2:0d:a2:0c:7a:4d:3b:50:
         dd:e9:dc:84:45:14:ad:dd:e5:44:6d:2f:63:f3:1a:01:a0:83:
         bb:a6:3d:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBCM0YxMTAvBgNVBAUTKEEwRkJGREUzNTE1OTcwOTJCNjg3RUNDNjQwRUM4NURD
MjlGMjAxNzMwHhcNMjUwNzIzMDMyNDI3WhcNMjUwNzMwMDMyNDI3WjAYMRYwFAYD
VQQDEw02ODgwNTVlYi02MGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxZSCfbikl3cznWIe8ZbGbr0Qia8Do30ZUTLPo5ATPc0KbKOZNnvKc+IIdh0U
aYnIoTH/e/QTacyMCwjzlSKDCpJjMV7hK2G2hG9y5wcJgyv8OIDES2qGyKYJgfWO
Sk5cRmt+a2PPtzzKCw+rzQgzdwMglrQ/1VN47xVAcE2r2inXuKW4IeZhzsm1/X2g
fszhp8eo8Aq/YfpVgY96UKnBMtQL9KL1pkfgwreBSLWHE5Hcu2+6RFKWcpxIXvTJ
em30x46jVbTVtf5VslCaME5mUoo5bIhtpLc7RspHL3PsWayx/wSEFfCflqVzYnmK
F3zRwM1JCDwdICIGlqo8DyXo8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMETXP32
bc+dXDSpZRyQm+tk7NghMB8GA1UdIwQYMBaAFKD7/eNRWXCStofsxkDshdwp8gFz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEIzRi9GOEQ3MkNEQ0Qy
OEMxMUVEQkFFOUVFNkFDNEY5QUUwMi9vUHY5NDFGWmNKSzJoLXpHUU95RjNDbnlB
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29Qdjk0MUZaY0pLMmgtekdRT3lGM0NueUFYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MEIzRi9GOEQ3MkNEQ0QyOEMxMUVEQkFFOUVFNkFDNEY5QUUwMi9vUHY5NDFGWmNK
SzJoLXpHUU95RjNDbnlBWE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCR7mz94MF8MNQcILHYyHFkNnYwoSZ/YWw1iPrk+yuZtmDxjFUiw5Yb
KwNUkAhyslpiDMLkPK2pYHNBm/yg64n3Q78rdEOWa8hMKHiRNL17Grz69CP3rLXd
mX244YW4psCbVJRYT+PT69X47I+gP3+MwFOaxqJBCbZ2/4ZtKd6kVZuAvQFrQuJj
017ml0tsElHY939/j+aKZx6oRig4GQ4GpzCFYXpdRUwdEVXtOUtGN+Dn2uI72F6J
W0Fj7foqunnk92ebvLVvG3+RTFZGfaAAppKEk6QQVoaIv20qfuMCuLzlog2iDHpN
O1Dd6dyERRSt3eVEbS9j8xoBoIO7pj3x
-----END CERTIFICATE-----
Generated at Thu Jul 24 08:28:45 2025 by rpki-client