Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
File:                     t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft (raw, json)
Hash identifier:          15z3+QejgEWn38gUUIOdpdfPbZOikZSuwcVxIDuLgDk=
Subject key identifier:   B9:2D:44:A6:D2:B4:EE:50:64:65:D5:C5:17:28:9F:AB:09:3E:DE:B3
Authority key identifier: B7:C9:79:5F:FF:7F:69:CF:33:B7:65:1C:6B:99:26:A7:30:D9:75:9C
Certificate issuer:       /CN=A9142DB4/serialNumber=B7C9795FFF7F69CF33B7651C6B9926A730D9759C
Certificate serial:       0157
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8l5X_9_ac8zt2Uca5kmpzDZdZw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
Manifest number:          0154
Signing time:             Mon 21 Jul 2025 04:12:46 +0000
Manifest this update:     Mon 21 Jul 2025 04:12:45 +0000
Manifest next update:     Mon 28 Jul 2025 04:12:45 +0000
Files and hashes:         1: t8l5X_9_ac8zt2Uca5kmpzDZdZw.crl (hash: eyl4A+02euaRyCR6S8v3zZXnx2LkGqe+Kxkzu/d1yGE=)
                          2: 9ADC9C8A5CE211EEBA4DBD15C4F9AE02.roa (hash: icEjBAvtyS7bBSn0NXrfM0VKf/GFl7OVPnJ58XOd/T8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.crl
                          rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8l5X_9_ac8zt2Uca5kmpzDZdZw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 04:12:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 343 (0x157)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9142DB4, serialNumber=B7C9795FFF7F69CF33B7651C6B9926A730D9759C
        Validity
            Not Before: Jul 21 04:12:45 2025 GMT
            Not After : Jul 28 04:12:45 2025 GMT
        Subject: CN=687dbe3e-6726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:51:ec:cc:18:96:49:31:a5:d1:15:f9:2f:92:
                    a1:db:37:08:d4:76:db:e5:db:88:ca:61:5f:fb:d3:
                    6e:f3:34:d0:21:c6:4d:b8:54:87:3a:63:fc:45:40:
                    7b:81:bf:df:ab:37:75:b1:cf:f6:8b:04:ae:df:d9:
                    50:92:b3:b1:90:1c:a8:6e:84:f5:0d:0f:3b:9b:52:
                    7a:6b:0e:46:dd:bb:0c:21:0e:43:93:23:d7:b0:5f:
                    37:3b:d3:ec:71:24:b6:56:38:9e:0d:8d:43:bb:99:
                    f0:65:89:75:09:52:c0:0a:d3:c9:ad:d4:9c:a0:7a:
                    ac:5a:45:aa:d8:98:33:b4:81:dd:31:7e:7c:71:4a:
                    33:01:da:ae:96:62:b6:d6:bd:4d:97:3a:87:e2:41:
                    64:c5:19:a0:b8:f3:96:37:eb:95:ed:89:c9:c5:53:
                    e5:07:b9:8b:b6:61:bd:b0:a8:27:51:c9:f1:2b:6d:
                    ba:43:b5:ba:2f:44:59:f4:01:65:f1:5f:d1:73:66:
                    38:c1:e9:b9:39:ed:0a:6f:89:0d:9d:1e:73:99:46:
                    fb:c9:36:9f:68:67:e7:c0:b0:4c:4e:83:c2:25:ed:
                    46:83:3d:d6:56:c7:4c:85:25:4c:39:18:f1:4d:d3:
                    4b:7c:a3:fd:e6:ba:7f:d3:bf:19:ce:41:a6:aa:de:
                    c6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:2D:44:A6:D2:B4:EE:50:64:65:D5:C5:17:28:9F:AB:09:3E:DE:B3
            X509v3 Authority Key Identifier:
                keyid:B7:C9:79:5F:FF:7F:69:CF:33:B7:65:1C:6B:99:26:A7:30:D9:75:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8l5X_9_ac8zt2Uca5kmpzDZdZw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         e8:d4:a6:e9:34:ad:d4:fe:c1:ce:1e:ad:19:3a:ed:60:90:af:
         9a:c2:f0:79:7a:d5:f2:a0:15:a9:73:2a:02:6a:cd:f5:6f:3f:
         33:c1:5f:82:ac:bb:63:b2:63:22:b2:61:53:a8:a5:c9:20:d3:
         c9:77:43:1a:9a:1f:c1:ee:aa:e8:43:23:09:4d:3a:ab:3d:d3:
         0b:d9:d2:4a:b8:9a:0c:98:cb:1e:d9:c6:db:0d:dc:a8:38:57:
         3d:0e:ec:11:40:2e:08:6b:4a:fb:22:0c:1f:f5:d3:3d:a8:5e:
         a2:60:89:02:d1:ed:cd:13:75:46:7f:59:b4:db:60:dd:e1:81:
         59:27:6d:7b:62:5c:eb:d2:81:bd:8f:9f:84:b1:84:f1:02:6f:
         d1:b2:61:f3:e5:fd:ee:14:d5:a8:5f:36:37:f7:bf:3c:d3:62:
         56:b0:c3:b0:65:b0:8c:05:b2:35:05:48:dd:42:52:25:76:be:
         9e:c2:de:e0:38:a4:db:5c:34:ae:bb:84:e8:26:b0:8b:e7:32:
         31:df:05:79:76:ab:75:fb:73:69:92:88:be:48:a0:29:6b:69:
         51:45:2c:1f:3c:48:50:f2:66:13:7c:ee:1b:73:6a:96:94:8f:
         7b:fb:e8:85:f6:54:92:8d:f5:c7:8c:88:3c:65:eb:5c:15:22:
         1d:9f:04:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDJEQjQxMTAvBgNVBAUTKEI3Qzk3OTVGRkY3RjY5Q0YzM0I3NjUxQzZCOTkyNkE3
MzBEOTc1OUMwHhcNMjUwNzIxMDQxMjQ1WhcNMjUwNzI4MDQxMjQ1WjAYMRYwFAYD
VQQDEw02ODdkYmUzZS02NzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1HszBiWSTGl0RX5L5Kh2zcI1Hbb5duIymFf+9Nu8zTQIcZNuFSHOmP8RUB7
gb/fqzd1sc/2iwSu39lQkrOxkByoboT1DQ87m1J6aw5G3bsMIQ5DkyPXsF83O9Ps
cSS2VjieDY1Du5nwZYl1CVLACtPJrdScoHqsWkWq2JgztIHdMX58cUozAdqulmK2
1r1NlzqH4kFkxRmguPOWN+uV7YnJxVPlB7mLtmG9sKgnUcnxK226Q7W6L0RZ9AFl
8V/Rc2Y4wem5Oe0Kb4kNnR5zmUb7yTafaGfnwLBMToPCJe1Ggz3WVsdMhSVMORjx
TdNLfKP95rp/078ZzkGmqt7GiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLktRKbS
tO5QZGXVxRcon6sJPt6zMB8GA1UdIwQYMBaAFLfJeV//f2nPM7dlHGuZJqcw2XWc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkRCNC8zQzA5QjNGQTVD
RTIxMUVFQUY0MkRFNjJDNEY5QUUwMi90OGw1WF85X2FjOHp0MlVjYTVrbXB6RFpk
WncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q4bDVYXzlfYWM4enQyVWNhNWttcHpEWmRady5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MkRCNC8zQzA5QjNGQTVDRTIxMUVFQUY0MkRFNjJDNEY5QUUwMi90OGw1WF85X2Fj
OHp0MlVjYTVrbXB6RFpkWncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDo1KbpNK3U/sHOHq0ZOu1gkK+awvB5etXyoBWpcyoCas31bz8zwV+C
rLtjsmMismFTqKXJINPJd0Mamh/B7qroQyMJTTqrPdML2dJKuJoMmMse2cbbDdyo
OFc9DuwRQC4Ia0r7Igwf9dM9qF6iYIkC0e3NE3VGf1m022Dd4YFZJ217Ylzr0oG9
j5+EsYTxAm/RsmHz5f3uFNWoXzY3978802JWsMOwZbCMBbI1BUjdQlIldr6ewt7g
OKTbXDSuu4ToJrCL5zIx3wV5dqt1+3Npkoi+SKApa2lRRSwfPEhQ8mYTfO4bc2qW
lI97++iF9lSSjfXHjIg8ZetcFSIdnwST
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:14:06 2025 by rpki-client