Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
File:                     t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft (raw, json)
Hash identifier:          J/VWoejGWkyUM8c4T2ItI/iMlScK8cx3Dsw6W//DZwk=
Subject key identifier:   D0:09:B2:B7:90:79:E5:29:5C:A1:43:5F:BA:E0:DE:80:B3:76:6F:70
Authority key identifier: B7:C9:79:5F:FF:7F:69:CF:33:B7:65:1C:6B:99:26:A7:30:D9:75:9C
Certificate issuer:       /CN=A9142DB4/serialNumber=B7C9795FFF7F69CF33B7651C6B9926A730D9759C
Certificate serial:       0159
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8l5X_9_ac8zt2Uca5kmpzDZdZw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
Manifest number:          0156
Signing time:             Fri 25 Jul 2025 04:19:54 +0000
Manifest this update:     Fri 25 Jul 2025 04:19:53 +0000
Manifest next update:     Fri 01 Aug 2025 04:19:53 +0000
Files and hashes:         1: t8l5X_9_ac8zt2Uca5kmpzDZdZw.crl (hash: 2eh4h1OoRDp/vTlFfCRupLUSXlyFti641o6Zq5WA0o8=)
                          2: 9ADC9C8A5CE211EEBA4DBD15C4F9AE02.roa (hash: icEjBAvtyS7bBSn0NXrfM0VKf/GFl7OVPnJ58XOd/T8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.crl
                          rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8l5X_9_ac8zt2Uca5kmpzDZdZw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 04:19:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 345 (0x159)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9142DB4, serialNumber=B7C9795FFF7F69CF33B7651C6B9926A730D9759C
        Validity
            Not Before: Jul 25 04:19:53 2025 GMT
            Not After : Aug  1 04:19:53 2025 GMT
        Subject: CN=688305ea-9681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:03:3e:07:89:e3:ae:b3:6b:be:c3:0f:92:7c:
                    bb:fb:39:71:17:9f:35:30:95:69:2e:92:ef:64:be:
                    a0:87:51:29:5f:cd:c0:f4:68:cc:83:1a:aa:81:33:
                    cb:98:4e:f5:2c:f6:ed:42:42:7f:72:ad:6b:90:db:
                    5b:b1:22:eb:6f:26:6b:8f:e4:3f:d3:47:1d:fa:c9:
                    44:35:1d:a1:e9:9a:7c:3f:2f:40:1d:c3:46:13:59:
                    6d:5d:41:d3:2b:b9:ae:98:f2:cc:0c:09:a7:90:a9:
                    b2:24:4a:89:f5:c2:a7:cb:b2:91:e1:83:8d:72:b1:
                    40:88:bd:35:30:36:c9:ed:ca:b8:eb:cd:d2:cd:2b:
                    e8:e7:53:ef:27:56:6e:c5:3d:56:ad:ce:4e:4d:c3:
                    b4:f5:77:3e:37:90:9d:a1:49:41:97:a4:f9:08:3a:
                    e7:8d:bb:42:69:cc:48:e4:62:3f:89:23:e4:7e:35:
                    fb:6e:bc:41:a5:81:ec:9c:4e:00:21:63:50:d4:77:
                    7d:d9:4a:f5:99:f4:71:a2:f1:10:04:e5:1e:f8:a0:
                    08:d8:6c:bf:93:c5:49:80:5b:40:d1:46:c5:89:c6:
                    ab:98:bb:b3:43:f7:b0:c6:d7:3a:b5:07:7b:69:31:
                    75:63:37:32:6f:a2:52:5a:61:fa:90:5e:8b:bb:a1:
                    08:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:09:B2:B7:90:79:E5:29:5C:A1:43:5F:BA:E0:DE:80:B3:76:6F:70
            X509v3 Authority Key Identifier:
                keyid:B7:C9:79:5F:FF:7F:69:CF:33:B7:65:1C:6B:99:26:A7:30:D9:75:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8l5X_9_ac8zt2Uca5kmpzDZdZw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142DB4/3C09B3FA5CE211EEAF42DE62C4F9AE02/t8l5X_9_ac8zt2Uca5kmpzDZdZw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:3b:e7:0f:26:48:4e:f4:68:61:1d:75:66:6b:51:9d:71:4b:
         de:e2:18:f7:f0:97:b1:1d:f0:f4:ab:90:38:50:3c:a9:85:aa:
         ee:87:8d:18:6f:e9:b1:45:4c:33:81:42:5b:c3:c8:11:ab:df:
         54:9b:d3:c6:7e:8a:61:70:87:af:77:27:a6:cd:5f:d5:11:fa:
         e9:b5:09:2b:e0:dc:e4:8a:b0:43:a8:b4:1a:5f:98:65:eb:2b:
         f4:c5:03:8c:5a:92:93:92:0a:3e:f7:8b:07:12:21:ba:e4:82:
         4c:7d:7d:a2:e6:9e:d9:38:09:db:3c:10:c6:30:c9:ae:10:d7:
         aa:e2:a5:e5:e4:c0:27:88:80:45:d4:32:ee:ec:ec:33:9e:a7:
         08:3a:71:02:a2:7f:b4:86:2a:0b:bb:73:9a:e8:6f:f8:a6:fa:
         29:a5:7e:ab:da:87:21:f9:97:09:82:e2:c0:23:bb:55:39:e1:
         27:e7:fc:2f:47:38:91:67:4e:b4:a5:f8:05:d8:b1:07:b5:4f:
         7a:02:9e:a0:32:53:58:2d:fb:dd:9d:30:d4:11:15:50:1a:84:
         6e:a3:5c:27:ca:3f:0d:51:83:c2:1e:c9:50:22:ca:84:98:40:
         29:74:e5:d6:0e:0e:f0:da:8e:f4:a7:25:b2:f7:d7:b3:c8:5c:
         59:f5:06:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDJEQjQxMTAvBgNVBAUTKEI3Qzk3OTVGRkY3RjY5Q0YzM0I3NjUxQzZCOTkyNkE3
MzBEOTc1OUMwHhcNMjUwNzI1MDQxOTUzWhcNMjUwODAxMDQxOTUzWjAYMRYwFAYD
VQQDEw02ODgzMDVlYS05NjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2QM+B4njrrNrvsMPkny7+zlxF581MJVpLpLvZL6gh1EpX83A9GjMgxqqgTPL
mE71LPbtQkJ/cq1rkNtbsSLrbyZrj+Q/00cd+slENR2h6Zp8Py9AHcNGE1ltXUHT
K7mumPLMDAmnkKmyJEqJ9cKny7KR4YONcrFAiL01MDbJ7cq4683SzSvo51PvJ1Zu
xT1Wrc5OTcO09Xc+N5CdoUlBl6T5CDrnjbtCacxI5GI/iSPkfjX7brxBpYHsnE4A
IWNQ1Hd92Ur1mfRxovEQBOUe+KAI2Gy/k8VJgFtA0UbFicarmLuzQ/ewxtc6tQd7
aTF1Yzcyb6JSWmH6kF6Lu6EINQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNAJsreQ
eeUpXKFDX7rg3oCzdm9wMB8GA1UdIwQYMBaAFLfJeV//f2nPM7dlHGuZJqcw2XWc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkRCNC8zQzA5QjNGQTVD
RTIxMUVFQUY0MkRFNjJDNEY5QUUwMi90OGw1WF85X2FjOHp0MlVjYTVrbXB6RFpk
WncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q4bDVYXzlfYWM4enQyVWNhNWttcHpEWmRady5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MkRCNC8zQzA5QjNGQTVDRTIxMUVFQUY0MkRFNjJDNEY5QUUwMi90OGw1WF85X2Fj
OHp0MlVjYTVrbXB6RFpkWncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBHO+cPJkhO9GhhHXVma1GdcUve4hj38JexHfD0q5A4UDypharuh40Y
b+mxRUwzgUJbw8gRq99Um9PGfophcIevdyemzV/VEfrptQkr4NzkirBDqLQaX5hl
6yv0xQOMWpKTkgo+94sHEiG65IJMfX2i5p7ZOAnbPBDGMMmuENeq4qXl5MAniIBF
1DLu7OwznqcIOnECon+0hioLu3Oa6G/4pvoppX6r2och+ZcJguLAI7tVOeEn5/wv
RziRZ060pfgF2LEHtU96Ap6gMlNYLfvdnTDUERVQGoRuo1wnyj8NUYPCHslQIsqE
mEApdOXWDg7w2o70pyWy99ezyFxZ9QY/
-----END CERTIFICATE-----
Generated at Fri Jul 25 06:49:45 2025 by rpki-client