Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9141620/219816AA293D11EBBFC14771C4F9AE02/A2aKIfDwHwaydP2IzJ4KboPVX4U.mft
File:                     A2aKIfDwHwaydP2IzJ4KboPVX4U.mft (raw, json)
Hash identifier:          QFeZ3Kfc0zstOoksDXZSnUN6C3W2a/5TCXDdg0LJHY0=
Subject key identifier:   BD:88:F3:B4:C3:7D:B7:60:55:2A:97:73:9B:01:00:C4:00:4C:4B:99
Authority key identifier: 03:66:8A:21:F0:F0:1F:06:B2:74:FD:88:CC:9E:0A:6E:83:D5:5F:85
Certificate issuer:       /CN=A9141620/serialNumber=03668A21F0F01F06B274FD88CC9E0A6E83D55F85
Certificate serial:       0770
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A2aKIfDwHwaydP2IzJ4KboPVX4U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9141620/219816AA293D11EBBFC14771C4F9AE02/A2aKIfDwHwaydP2IzJ4KboPVX4U.mft
Manifest number:          0768
Signing time:             Thu 24 Jul 2025 21:48:28 +0000
Manifest this update:     Thu 24 Jul 2025 21:48:27 +0000
Manifest next update:     Thu 31 Jul 2025 21:48:27 +0000
Files and hashes:         1: A2aKIfDwHwaydP2IzJ4KboPVX4U.crl (hash: 4Hf9JgpkdssOm5CBSavyhZif7BEmbcEYz8y10FuP9vw=)
                          2: 5DDE6BC2293E11EB9DFA3C72C4F9AE02.roa (hash: dyvPcZxPt0csBuZZARHE9y3XiMCjfKdl2w86flcHLuE=)
                          3: CE899F0A66C311F08BE17B42C4F9AE02.roa (hash: XycQAAjR4EYRiIJrbriGrgbwnZEgUHk+CyGzEa7IeHA=)
                          4: 2C0DD994525511F0A544424DC4F9AE02.roa (hash: neek5srr+aWcWmnY+eA9qwIexbf1EgEc62zGldwiimQ=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9141620/219816AA293D11EBBFC14771C4F9AE02/A2aKIfDwHwaydP2IzJ4KboPVX4U.crl
                          rsync://rpki.apnic.net/member_repository/A9141620/219816AA293D11EBBFC14771C4F9AE02/A2aKIfDwHwaydP2IzJ4KboPVX4U.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A2aKIfDwHwaydP2IzJ4KboPVX4U.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 21:48:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1904 (0x770)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9141620, serialNumber=03668A21F0F01F06B274FD88CC9E0A6E83D55F85
        Validity
            Not Before: Jul 24 21:48:27 2025 GMT
            Not After : Jul 31 21:48:27 2025 GMT
        Subject: CN=6882aa2b-b17a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:55:d2:e5:46:a4:d4:9f:1c:9a:0f:9b:57:94:
                    1d:b6:af:3c:e9:e9:79:37:75:01:0e:c6:d1:0f:d2:
                    47:ed:92:8b:36:29:43:43:eb:7a:aa:04:6e:3d:c7:
                    75:3f:f2:83:a1:1c:03:9f:d9:c7:65:64:d1:8a:75:
                    f1:39:14:bb:e1:97:e2:d3:56:96:4e:3a:0e:65:17:
                    2a:f1:c6:cf:ea:38:3e:e3:27:0e:9c:f8:d2:1a:84:
                    5b:50:9f:2d:ff:0c:67:24:44:56:d2:ca:b0:a3:db:
                    6c:b0:7f:5b:65:77:23:b0:ac:9b:33:e9:b5:ce:95:
                    87:6e:5c:55:ed:02:04:e8:c0:41:0c:31:40:bd:f3:
                    d9:fc:3f:9c:11:b8:bf:87:a3:ab:b7:32:31:2c:d9:
                    9a:03:3c:ac:0c:0a:2b:19:a2:c9:fe:92:b6:1c:80:
                    7f:91:eb:cd:63:49:31:7b:39:da:57:d9:b7:eb:69:
                    98:5e:7b:7e:a3:eb:7c:62:75:42:22:cd:f8:35:04:
                    3a:55:91:9a:fc:63:ad:9a:9e:45:58:6a:48:5b:4a:
                    60:85:74:bd:c2:68:4f:6b:5b:53:80:0a:f7:42:26:
                    41:6f:88:cc:82:c4:29:41:1d:e7:a3:97:d8:60:68:
                    be:1e:fb:33:e0:de:4d:98:ee:e5:a0:5e:32:80:f7:
                    3d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:88:F3:B4:C3:7D:B7:60:55:2A:97:73:9B:01:00:C4:00:4C:4B:99
            X509v3 Authority Key Identifier:
                keyid:03:66:8A:21:F0:F0:1F:06:B2:74:FD:88:CC:9E:0A:6E:83:D5:5F:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9141620/219816AA293D11EBBFC14771C4F9AE02/A2aKIfDwHwaydP2IzJ4KboPVX4U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A2aKIfDwHwaydP2IzJ4KboPVX4U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9141620/219816AA293D11EBBFC14771C4F9AE02/A2aKIfDwHwaydP2IzJ4KboPVX4U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:79:89:a8:0b:22:aa:e3:6c:e5:06:c6:6e:a6:80:16:a0:39:
         23:b9:97:34:33:d6:fe:f3:93:02:3b:6b:7a:bc:aa:37:3d:b8:
         65:37:77:27:df:f0:b8:40:df:05:2b:65:e6:d0:71:a9:ef:48:
         11:e4:d1:d5:64:3f:8f:94:41:0d:27:46:6c:e3:dd:4b:7a:0f:
         c8:bd:8d:b8:e7:80:ed:41:02:76:f2:44:4c:c5:80:27:fa:68:
         43:11:c6:88:22:e1:52:de:9f:63:0e:4f:67:3d:9a:71:37:ef:
         3d:33:a3:e0:eb:00:de:0e:36:9c:3a:90:f3:68:35:3a:2a:9d:
         47:ec:3a:35:b2:40:d1:28:7f:7c:f6:07:8c:5a:a7:25:10:b8:
         8d:e5:31:a7:86:be:70:a1:21:33:f7:f8:07:48:b6:47:21:bf:
         2d:8d:69:17:42:60:d9:68:c0:c7:a2:fa:36:63:4c:bd:a6:c0:
         a3:5b:74:a2:0c:f0:4b:e1:e8:dc:72:4e:b4:a9:2b:ef:cf:08:
         b5:1c:b6:d1:29:00:5f:6e:f5:61:8c:bb:ee:b8:23:d2:b9:44:
         5b:f3:f8:7a:ac:57:4e:a2:94:66:47:62:18:69:b3:b9:8c:cf:
         7c:0c:af:8d:17:65:48:ed:41:4e:2c:cb:c2:24:a7:ca:e9:2f:
         f4:fd:56:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDE2MjAxMTAvBgNVBAUTKDAzNjY4QTIxRjBGMDFGMDZCMjc0RkQ4OENDOUUwQTZF
ODNENTVGODUwHhcNMjUwNzI0MjE0ODI3WhcNMjUwNzMxMjE0ODI3WjAYMRYwFAYD
VQQDEw02ODgyYWEyYi1iMTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwlXS5Uak1J8cmg+bV5Qdtq886el5N3UBDsbRD9JH7ZKLNilDQ+t6qgRuPcd1
P/KDoRwDn9nHZWTRinXxORS74Zfi01aWTjoOZRcq8cbP6jg+4ycOnPjSGoRbUJ8t
/wxnJERW0sqwo9tssH9bZXcjsKybM+m1zpWHblxV7QIE6MBBDDFAvfPZ/D+cEbi/
h6OrtzIxLNmaAzysDAorGaLJ/pK2HIB/kevNY0kxeznaV9m362mYXnt+o+t8YnVC
Is34NQQ6VZGa/GOtmp5FWGpIW0pghXS9wmhPa1tTgAr3QiZBb4jMgsQpQR3no5fY
YGi+Hvsz4N5NmO7loF4ygPc9qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2I87TD
fbdgVSqXc5sBAMQATEuZMB8GA1UdIwQYMBaAFANmiiHw8B8GsnT9iMyeCm6D1V+F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTYyMC8yMTk4MTZBQTI5
M0QxMUVCQkZDMTQ3NzFDNEY5QUUwMi9BMmFLSWZEd0h3YXlkUDJJeko0S2JvUFZY
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0EyYUtJZkR3SHdheWRQMkl6SjRLYm9QVlg0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MTYyMC8yMTk4MTZBQTI5M0QxMUVCQkZDMTQ3NzFDNEY5QUUwMi9BMmFLSWZEd0h3
YXlkUDJJeko0S2JvUFZYNFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBieYmoCyKq42zlBsZupoAWoDkjuZc0M9b+85MCO2t6vKo3PbhlN3cn
3/C4QN8FK2Xm0HGp70gR5NHVZD+PlEENJ0Zs491Leg/IvY2454DtQQJ28kRMxYAn
+mhDEcaIIuFS3p9jDk9nPZpxN+89M6Pg6wDeDjacOpDzaDU6Kp1H7Do1skDRKH98
9geMWqclELiN5TGnhr5woSEz9/gHSLZHIb8tjWkXQmDZaMDHovo2Y0y9psCjW3Si
DPBL4ejcck60qSvvzwi1HLbRKQBfbvVhjLvuuCPSuURb8/h6rFdOopRmR2IYabO5
jM98DK+NF2VI7UFOLMvCJKfK6S/0/VZH
-----END CERTIFICATE-----
Generated at Fri Jul 25 07:06:59 2025 by rpki-client