Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
File:                     kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json)
Hash identifier:          xnS8oGMxSO8HTXnExW2RYQ6uzCEkMJVJ5wC5rRgfqcA=
Subject key identifier:   9D:61:F1:26:1F:00:D1:2A:43:04:02:A3:A1:40:DC:8B:57:AD:4D:4F
Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14
Certificate issuer:       /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114
Certificate serial:       0E74
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
Manifest number:          0E6C
Signing time:             Tue 22 Jul 2025 17:52:28 +0000
Manifest this update:     Tue 22 Jul 2025 17:52:27 +0000
Manifest next update:     Tue 29 Jul 2025 17:52:27 +0000
Files and hashes:         1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: hKT1bqScRv9NQGu+Gu119bV9JHKQc9p74vjgmsyTzy8=)
                          2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl
                          rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 17:52:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3700 (0xe74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114
        Validity
            Not Before: Jul 22 17:52:27 2025 GMT
            Not After : Jul 29 17:52:27 2025 GMT
        Subject: CN=687fcfdb-ffa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:00:77:bc:e2:8a:b3:07:de:32:ca:bd:a3:c3:
                    1d:6c:66:c5:3b:c3:bf:d1:1d:e2:92:05:0e:c5:09:
                    1e:8e:6b:f5:b1:27:1b:92:94:0b:53:be:c0:83:80:
                    01:00:a8:ee:6b:15:c8:ec:0b:be:2c:5f:35:d6:56:
                    72:b5:dc:bf:93:a3:31:3e:d8:eb:14:8c:db:62:dd:
                    fc:d0:29:72:60:2e:5e:22:f9:9a:e5:4a:94:e3:b3:
                    46:93:4a:16:a8:8c:f3:62:96:a7:d5:34:14:a2:cf:
                    39:40:95:12:31:26:fd:9e:88:31:e6:af:68:df:cc:
                    68:2f:35:5d:41:06:43:f6:c5:63:01:3d:88:83:a9:
                    e2:3a:ca:ed:df:fa:01:14:66:8c:b9:a6:dc:16:d2:
                    80:e0:59:91:72:53:25:42:9b:9a:55:28:20:1e:6c:
                    b1:c1:11:a8:61:89:28:61:7c:50:73:b9:ff:95:d2:
                    7f:2e:4b:76:5a:73:03:0f:d9:88:a2:ca:e4:34:1f:
                    1e:bb:c4:10:38:ba:2c:58:f6:09:10:3f:b1:2c:4e:
                    c8:56:0f:98:ea:af:f8:28:b0:11:31:c8:5b:4a:dd:
                    8e:97:46:1d:82:10:e6:4b:d8:f7:28:b2:d4:fe:2f:
                    3d:39:5c:d0:12:df:79:b3:42:e3:29:2b:a4:40:3b:
                    73:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:61:F1:26:1F:00:D1:2A:43:04:02:A3:A1:40:DC:8B:57:AD:4D:4F
            X509v3 Authority Key Identifier:
                keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:52:79:d9:78:73:c3:d3:62:da:e0:fc:83:d3:d7:cc:54:f4:
         ec:a9:1e:6f:da:13:18:0d:c2:c5:63:0f:68:6d:87:f6:7a:29:
         7c:d6:b7:c2:12:dc:ff:8b:a1:77:38:b6:83:e0:4f:a6:90:2d:
         47:6e:21:45:97:94:2a:a7:16:f9:b0:07:eb:38:63:d9:a1:35:
         7c:41:34:bd:80:2e:41:3f:01:18:11:c1:99:dd:23:80:f7:d3:
         84:83:0e:9f:e6:94:64:13:31:f3:f3:f5:ea:be:e2:f2:f5:d9:
         b2:0b:34:ae:dc:3d:22:af:84:e5:fd:4b:10:28:e1:8e:fb:7b:
         30:28:84:a5:e1:33:69:75:53:5f:7a:6f:20:28:d8:74:59:4e:
         a8:d4:74:17:a0:89:5b:ed:e8:88:04:82:d2:fe:3f:a5:a0:b6:
         9d:6f:df:84:4f:35:b3:cf:f0:3b:29:af:af:eb:dc:31:9b:b1:
         a7:4b:fe:db:77:9a:bd:b4:da:5a:4b:d7:a7:67:15:80:41:29:
         b9:3a:bb:f3:1c:5c:26:78:41:e6:16:70:53:cb:88:b6:45:f0:
         a2:63:16:6e:88:93:9e:3e:2b:c8:21:76:eb:bd:03:da:ea:37:
         61:0c:4c:02:09:21:e2:0d:55:9f:14:04:2c:50:ca:d8:99:cf:
         58:d6:eb:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5
QTRGMEExMTQwHhcNMjUwNzIyMTc1MjI3WhcNMjUwNzI5MTc1MjI3WjAYMRYwFAYD
VQQDEw02ODdmY2ZkYi1mZmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzwB3vOKKswfeMsq9o8MdbGbFO8O/0R3ikgUOxQkejmv1sScbkpQLU77Ag4AB
AKjuaxXI7Au+LF811lZytdy/k6MxPtjrFIzbYt380ClyYC5eIvma5UqU47NGk0oW
qIzzYpan1TQUos85QJUSMSb9nogx5q9o38xoLzVdQQZD9sVjAT2Ig6niOsrt3/oB
FGaMuabcFtKA4FmRclMlQpuaVSggHmyxwRGoYYkoYXxQc7n/ldJ/Lkt2WnMDD9mI
osrkNB8eu8QQOLosWPYJED+xLE7IVg+Y6q/4KLARMchbSt2Ol0YdghDmS9j3KLLU
/i89OVzQEt95s0LjKSukQDtzYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ1h8SYf
ANEqQwQCo6FA3ItXrU1PMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE
MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv
UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt
OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQADUnnZeHPD02La4PyD09fMVPTsqR5v2hMYDcLFYw9obYf2eil81rfC
Etz/i6F3OLaD4E+mkC1HbiFFl5Qqpxb5sAfrOGPZoTV8QTS9gC5BPwEYEcGZ3SOA
99OEgw6f5pRkEzHz8/XqvuLy9dmyCzSu3D0ir4Tl/UsQKOGO+3swKISl4TNpdVNf
em8gKNh0WU6o1HQXoIlb7eiIBILS/j+loLadb9+ETzWzz/A7Ka+v69wxm7GnS/7b
d5q9tNpaS9enZxWAQSm5OrvzHFwmeEHmFnBTy4i2RfCiYxZuiJOePivIIXbrvQPa
6jdhDEwCCSHiDVWfFAQsUMrYmc9Y1uvG
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:34:19 2025 by rpki-client