Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
File:                     oPv941FZcJK2h-zGQOyF3CnyAXM.mft (raw, json)
Hash identifier:          hp5iOhgNo/XxMAE3mc+QWkeueGQk2FW1t3fLHN843dU=
Subject key identifier:   48:D0:E4:B4:CE:97:D2:EC:53:2F:11:02:D4:F9:2B:14:E0:68:FD:01
Authority key identifier: A0:FB:FD:E3:51:59:70:92:B6:87:EC:C6:40:EC:85:DC:29:F2:01:73
Certificate issuer:       /CN=A9140B3F/serialNumber=A0FBFDE351597092B687ECC640EC85DC29F20173
Certificate serial:       01B7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
Manifest number:          01B2
Signing time:             Mon 21 Jul 2025 03:14:55 +0000
Manifest this update:     Mon 21 Jul 2025 03:14:55 +0000
Manifest next update:     Mon 28 Jul 2025 03:14:55 +0000
Files and hashes:         1: oPv941FZcJK2h-zGQOyF3CnyAXM.crl (hash: bFmnHfUyDl/Icc3RJiFp+PQvoM4khNbYeZfkqjuUc2U=)
                          2: 1F63D776D29011EDA849876CC4F9AE02.roa (hash: caa9vs5q3NzKdsCc37MTwoPPA4zep6D+Ht0arsk9wtA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.crl
                          rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 03:14:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 439 (0x1b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140B3F, serialNumber=A0FBFDE351597092B687ECC640EC85DC29F20173
        Validity
            Not Before: Jul 21 03:14:55 2025 GMT
            Not After : Jul 28 03:14:55 2025 GMT
        Subject: CN=687db0af-ad85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9d:79:06:49:1a:10:31:02:ef:5d:8d:c7:98:
                    3f:8b:82:03:9f:d7:7e:5f:09:e7:30:a0:36:8b:26:
                    11:10:88:14:6b:6e:08:17:c8:0f:0f:a2:ad:81:a5:
                    fa:a0:0a:96:44:76:73:fb:eb:0e:a9:32:b1:5b:28:
                    03:3c:e3:04:93:08:bd:41:23:32:e2:49:06:9f:d8:
                    69:59:51:60:d5:7c:17:24:87:0a:86:41:30:e4:f8:
                    24:f4:0c:a7:13:fb:20:a5:12:f8:ef:1b:df:c4:03:
                    41:58:90:43:38:f0:f1:d2:1e:c0:f5:a2:47:89:97:
                    c7:d2:d4:77:e8:87:59:03:03:58:f3:3f:ab:76:90:
                    e4:b3:de:fc:f6:94:af:b9:e5:0e:c9:13:18:43:75:
                    93:b5:d3:f1:d6:22:6c:3e:af:95:ac:da:cd:dc:31:
                    fa:3c:51:a0:b5:08:5b:7c:45:b7:b6:e1:4b:a0:a6:
                    a8:f0:62:02:bf:c7:fe:2e:da:4c:ae:d9:30:75:b1:
                    f8:e0:d9:37:88:20:84:c0:73:a8:4f:5d:de:66:3e:
                    80:af:84:e6:c2:07:de:76:f4:50:d4:3c:7b:ae:c1:
                    76:21:07:1e:71:71:81:33:5a:8a:71:30:58:35:36:
                    d9:35:13:2f:e9:95:f5:11:23:1a:ba:51:0d:6c:bf:
                    2e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D0:E4:B4:CE:97:D2:EC:53:2F:11:02:D4:F9:2B:14:E0:68:FD:01
            X509v3 Authority Key Identifier:
                keyid:A0:FB:FD:E3:51:59:70:92:B6:87:EC:C6:40:EC:85:DC:29:F2:01:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPv941FZcJK2h-zGQOyF3CnyAXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140B3F/F8D72CDCD28C11EDBAE9EE6AC4F9AE02/oPv941FZcJK2h-zGQOyF3CnyAXM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:bf:9c:50:92:80:18:43:0b:2a:f0:f2:05:bb:ff:d0:d1:18:
         b2:87:9f:5b:02:7c:a1:20:01:16:04:a7:de:fe:f6:38:d3:8a:
         40:c4:14:54:29:8a:16:3b:f3:0f:35:4b:de:dc:5d:74:87:84:
         b3:d0:35:78:d2:22:22:f4:be:47:91:17:6f:80:a8:8d:7c:9a:
         2e:f2:50:fe:0e:28:de:2f:79:4b:a3:75:85:50:60:7c:17:e2:
         62:02:88:26:eb:57:70:9a:60:22:db:89:c2:0c:99:4b:46:a6:
         5c:79:33:fa:13:49:6e:c4:70:e0:2a:de:c7:47:c4:d3:8a:39:
         bb:86:34:af:25:d5:4b:42:4c:1e:bb:66:c7:9f:9f:a7:40:df:
         22:1d:66:6a:76:cd:57:1b:54:64:ab:70:92:63:a6:9b:6e:a5:
         cb:02:ee:3a:4a:c2:d7:92:fc:6f:de:b0:73:fd:ed:de:c4:a0:
         8a:68:5b:32:9b:44:71:fd:27:fc:04:ac:fa:15:df:50:0c:cd:
         b8:8f:45:23:8f:a6:c4:0c:dd:1e:07:78:e8:08:2b:69:bc:c5:
         c4:16:3d:33:fc:d0:18:01:c4:27:55:ca:b7:fd:08:80:28:92:
         7f:c9:7e:6f:9d:0d:b9:91:05:f4:ac:d4:2e:82:d7:36:e5:4c:
         7c:27:38:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBCM0YxMTAvBgNVBAUTKEEwRkJGREUzNTE1OTcwOTJCNjg3RUNDNjQwRUM4NURD
MjlGMjAxNzMwHhcNMjUwNzIxMDMxNDU1WhcNMjUwNzI4MDMxNDU1WjAYMRYwFAYD
VQQDEw02ODdkYjBhZi1hZDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvp15BkkaEDEC712Nx5g/i4IDn9d+XwnnMKA2iyYREIgUa24IF8gPD6KtgaX6
oAqWRHZz++sOqTKxWygDPOMEkwi9QSMy4kkGn9hpWVFg1XwXJIcKhkEw5Pgk9Ayn
E/sgpRL47xvfxANBWJBDOPDx0h7A9aJHiZfH0tR36IdZAwNY8z+rdpDks9789pSv
ueUOyRMYQ3WTtdPx1iJsPq+VrNrN3DH6PFGgtQhbfEW3tuFLoKao8GICv8f+LtpM
rtkwdbH44Nk3iCCEwHOoT13eZj6Ar4TmwgfedvRQ1Dx7rsF2IQcecXGBM1qKcTBY
NTbZNRMv6ZX1ESMaulENbL8uNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEjQ5LTO
l9LsUy8RAtT5KxTgaP0BMB8GA1UdIwQYMBaAFKD7/eNRWXCStofsxkDshdwp8gFz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEIzRi9GOEQ3MkNEQ0Qy
OEMxMUVEQkFFOUVFNkFDNEY5QUUwMi9vUHY5NDFGWmNKSzJoLXpHUU95RjNDbnlB
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29Qdjk0MUZaY0pLMmgtekdRT3lGM0NueUFYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MEIzRi9GOEQ3MkNEQ0QyOEMxMUVEQkFFOUVFNkFDNEY5QUUwMi9vUHY5NDFGWmNK
SzJoLXpHUU95RjNDbnlBWE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAav5xQkoAYQwsq8PIFu//Q0Riyh59bAnyhIAEWBKfe/vY404pAxBRU
KYoWO/MPNUve3F10h4Sz0DV40iIi9L5HkRdvgKiNfJou8lD+DijeL3lLo3WFUGB8
F+JiAogm61dwmmAi24nCDJlLRqZceTP6E0luxHDgKt7HR8TTijm7hjSvJdVLQkwe
u2bHn5+nQN8iHWZqds1XG1Rkq3CSY6abbqXLAu46SsLXkvxv3rBz/e3exKCKaFsy
m0Rx/Sf8BKz6Fd9QDM24j0Ujj6bEDN0eB3joCCtpvMXEFj0z/NAYAcQnVcq3/QiA
KJJ/yX5vnQ25kQX0rNQugtc25Ux8JzgC
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:41 2025 by rpki-client