Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9146CB4/2A84D1D8FDC811ED972EDB1EC4F9AE02/-xaxnfv3ymrECmtqNT94V4kX4P0.mft
File:                     -xaxnfv3ymrECmtqNT94V4kX4P0.mft (raw, json)
Hash identifier:          1Cd/8cEuZSV1BKsm/aYv3K9onefi0n+TmLc6Rm/ezC0=
Subject key identifier:   FC:BA:E0:74:D7:0F:95:11:C5:80:BA:B5:D7:FE:9F:F3:75:B8:8B:BA
Authority key identifier: FB:16:B1:9D:FB:F7:CA:6A:C4:0A:6B:6A:35:3F:78:57:89:17:E0:FD
Certificate issuer:       /CN=A9146CB4/serialNumber=FB16B19DFBF7CA6AC40A6B6A353F78578917E0FD
Certificate serial:       0196
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xaxnfv3ymrECmtqNT94V4kX4P0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9146CB4/2A84D1D8FDC811ED972EDB1EC4F9AE02/-xaxnfv3ymrECmtqNT94V4kX4P0.mft
Manifest number:          0192
Signing time:             Sat 19 Jul 2025 03:38:50 +0000
Manifest this update:     Sat 19 Jul 2025 03:38:50 +0000
Manifest next update:     Sat 26 Jul 2025 03:38:49 +0000
Files and hashes:         1: -xaxnfv3ymrECmtqNT94V4kX4P0.crl (hash: qTSGuZOfAx0cs4ePctlKk7bt6mxNL6ewWjdRUuEHJfI=)
                          2: DFC662EC415B11EE9E83852AC4F9AE02.roa (hash: JQglPoDIL3Eq1y2JiUK8F3q2nUek/I2P1c153lPMYTA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9146CB4/2A84D1D8FDC811ED972EDB1EC4F9AE02/-xaxnfv3ymrECmtqNT94V4kX4P0.crl
                          rsync://rpki.apnic.net/member_repository/A9146CB4/2A84D1D8FDC811ED972EDB1EC4F9AE02/-xaxnfv3ymrECmtqNT94V4kX4P0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xaxnfv3ymrECmtqNT94V4kX4P0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 03:38:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 406 (0x196)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9146CB4, serialNumber=FB16B19DFBF7CA6AC40A6B6A353F78578917E0FD
        Validity
            Not Before: Jul 19 03:38:50 2025 GMT
            Not After : Jul 26 03:38:49 2025 GMT
        Subject: CN=687b134a-eea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:8d:c0:b9:17:ba:11:3f:aa:12:7f:af:6a:7e:
                    f0:66:4d:ef:84:9f:1b:f1:6f:07:8f:9e:db:af:c9:
                    0a:15:1b:a5:09:28:59:ff:81:b1:2d:14:cb:6d:e7:
                    64:f8:c8:23:d0:00:f1:bd:7c:7c:68:03:75:da:62:
                    73:00:54:4d:a8:86:d4:bb:2f:bb:1c:2d:54:44:8c:
                    c5:8c:e9:8f:9a:d7:5f:06:05:c3:4d:b7:10:87:09:
                    aa:3f:f0:1f:3c:ea:4f:37:49:d3:15:03:9d:a2:df:
                    c5:72:77:a5:6a:23:56:ac:63:f4:66:39:70:ef:10:
                    d9:53:3b:cb:7d:b5:49:09:a4:c0:b1:64:37:d4:f6:
                    44:db:f1:22:5c:44:7b:f6:08:23:30:e8:ce:65:db:
                    2e:c6:2c:81:5d:b4:31:df:15:a7:a9:28:13:e7:84:
                    5b:f5:5f:02:02:1b:fe:c0:2b:8c:be:2e:46:2a:5a:
                    7c:cf:1e:c3:f6:51:fd:3b:ed:b7:fb:81:ca:57:1d:
                    63:10:12:1b:93:32:1f:23:47:dd:f2:ab:6c:b9:1b:
                    39:b5:cd:a4:c8:94:bd:a7:93:ab:1b:2f:e4:ac:02:
                    2b:20:f6:be:0c:23:49:6a:5d:1c:8f:61:f6:bf:11:
                    80:6f:7e:cd:29:89:45:7f:b2:f1:d6:b6:4a:e2:05:
                    3d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:BA:E0:74:D7:0F:95:11:C5:80:BA:B5:D7:FE:9F:F3:75:B8:8B:BA
            X509v3 Authority Key Identifier:
                keyid:FB:16:B1:9D:FB:F7:CA:6A:C4:0A:6B:6A:35:3F:78:57:89:17:E0:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9146CB4/2A84D1D8FDC811ED972EDB1EC4F9AE02/-xaxnfv3ymrECmtqNT94V4kX4P0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xaxnfv3ymrECmtqNT94V4kX4P0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146CB4/2A84D1D8FDC811ED972EDB1EC4F9AE02/-xaxnfv3ymrECmtqNT94V4kX4P0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:b2:cd:16:2b:15:9b:49:d6:eb:c2:d1:08:fa:28:fb:46:06:
         c2:ba:06:32:be:d5:99:5b:66:23:31:1f:ad:41:d2:ec:22:8f:
         e6:fb:20:68:09:ca:fc:4b:63:a2:cb:fc:5b:87:1e:04:e7:b8:
         bc:61:9f:96:04:0b:aa:00:c4:89:cc:22:ed:bd:18:a6:bd:12:
         f6:a8:35:50:dc:a7:29:03:29:0e:75:08:f3:09:ed:62:61:10:
         a5:2f:a1:a5:b5:9a:74:0b:3d:53:20:99:35:bf:7f:06:da:3d:
         af:19:9c:47:ce:42:de:63:16:03:30:62:bb:8a:c2:c9:b2:9d:
         76:cd:88:e9:49:e8:a8:5e:5b:41:33:5f:64:fc:3f:df:fd:82:
         82:8a:8c:28:54:4a:0d:5b:78:fe:1a:8c:ac:27:69:16:25:ff:
         98:60:58:b2:8a:c7:2c:21:dc:83:d5:f4:88:71:88:40:a7:6e:
         06:29:94:64:aa:7f:f6:4b:0c:3e:39:da:64:c5:35:d8:d3:0a:
         0c:db:20:22:5e:71:4a:7b:3d:86:5b:5b:7e:15:67:0a:2b:18:
         17:4a:38:9a:46:b6:69:1d:c1:f9:a9:23:28:aa:56:d8:71:70:
         22:05:94:31:e0:7c:3b:87:e5:a8:51:46:7b:0e:26:e6:ed:46:
         55:c0:2a:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZDQjQxMTAvBgNVBAUTKEZCMTZCMTlERkJGN0NBNkFDNDBBNkI2QTM1M0Y3ODU3
ODkxN0UwRkQwHhcNMjUwNzE5MDMzODUwWhcNMjUwNzI2MDMzODQ5WjAYMRYwFAYD
VQQDEw02ODdiMTM0YS1lZWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA843AuRe6ET+qEn+van7wZk3vhJ8b8W8Hj57br8kKFRulCShZ/4GxLRTLbedk
+Mgj0ADxvXx8aAN12mJzAFRNqIbUuy+7HC1URIzFjOmPmtdfBgXDTbcQhwmqP/Af
POpPN0nTFQOdot/FcnelaiNWrGP0Zjlw7xDZUzvLfbVJCaTAsWQ31PZE2/EiXER7
9ggjMOjOZdsuxiyBXbQx3xWnqSgT54Rb9V8CAhv+wCuMvi5GKlp8zx7D9lH9O+23
+4HKVx1jEBIbkzIfI0fd8qtsuRs5tc2kyJS9p5OrGy/krAIrIPa+DCNJal0cj2H2
vxGAb37NKYlFf7Lx1rZK4gU96QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPy64HTX
D5URxYC6tdf+n/N1uIu6MB8GA1UdIwQYMBaAFPsWsZ3798pqxAprajU/eFeJF+D9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkNCNC8yQTg0RDFEOEZE
QzgxMUVEOTcyRURCMUVDNEY5QUUwMi8teGF4bmZ2M3ltckVDbXRxTlQ5NFY0a1g0
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy14YXhuZnYzeW1yRUNtdHFOVDk0VjRrWDRQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NkNCNC8yQTg0RDFEOEZEQzgxMUVEOTcyRURCMUVDNEY5QUUwMi8teGF4bmZ2M3lt
ckVDbXRxTlQ5NFY0a1g0UDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4ss0WKxWbSdbrwtEI+ij7RgbCugYyvtWZW2YjMR+tQdLsIo/m+yBo
Ccr8S2Oiy/xbhx4E57i8YZ+WBAuqAMSJzCLtvRimvRL2qDVQ3KcpAykOdQjzCe1i
YRClL6GltZp0Cz1TIJk1v38G2j2vGZxHzkLeYxYDMGK7isLJsp12zYjpSeioXltB
M19k/D/f/YKCiowoVEoNW3j+GoysJ2kWJf+YYFiyiscsIdyD1fSIcYhAp24GKZRk
qn/2Sww+OdpkxTXY0woM2yAiXnFKez2GW1t+FWcKKxgXSjiaRrZpHcH5qSMoqlbY
cXAiBZQx4Hw7h+WoUUZ7Dibm7UZVwCrJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 06:33:52 2025 by rpki-client