Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
File:                     3jE8s1zQdq_lw3ePBeXKFc8zevk.mft (raw, json)
Hash identifier:          DIIzrNRLNF9FX54A02CbV6bKSTKSl4SsLjZ+rYnXciE=
Subject key identifier:   DA:3F:0C:D5:EE:BF:9C:40:49:95:56:90:C1:5C:D8:7B:46:79:61:B1
Authority key identifier: DE:31:3C:B3:5C:D0:76:AF:E5:C3:77:8F:05:E5:CA:15:CF:33:7A:F9
Certificate issuer:       /CN=A9148AC4/serialNumber=DE313CB35CD076AFE5C3778F05E5CA15CF337AF9
Certificate serial:       2CCE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
Manifest number:          2CB8
Signing time:             Tue 22 Jul 2025 15:35:01 +0000
Manifest this update:     Tue 22 Jul 2025 15:35:01 +0000
Manifest next update:     Tue 29 Jul 2025 15:35:01 +0000
Files and hashes:         1: 3jE8s1zQdq_lw3ePBeXKFc8zevk.crl (hash: 3R9EWPVH+bH3/gybLb8TfLc29eQye4T+11YdstadBuk=)
                          2: E33945D6B0ED11E5B7779F44C4F9AE02.roa (hash: R9f6Z3Uevp4d36wvfS3ESJSWBBwm4wuAIByOXNTGRgE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.crl
                          rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 15:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11470 (0x2cce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9148AC4, serialNumber=DE313CB35CD076AFE5C3778F05E5CA15CF337AF9
        Validity
            Not Before: Jul 22 15:35:01 2025 GMT
            Not After : Jul 29 15:35:01 2025 GMT
        Subject: CN=687fafa5-2923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1c:d7:4c:13:24:00:a9:aa:89:73:37:a2:0d:
                    07:e9:ba:61:63:60:36:96:be:fd:86:e9:ef:f6:b5:
                    b2:ef:7f:f9:bd:31:f3:e4:94:ab:28:12:9f:d8:66:
                    e6:e8:09:b9:fb:51:6f:98:7f:40:56:48:cb:64:37:
                    4b:ae:86:6d:25:6e:d9:36:2b:d9:33:0f:22:ac:3f:
                    43:d5:f8:f0:96:d2:52:a5:11:89:ef:c2:71:9f:42:
                    57:55:5e:14:4d:fa:47:83:e7:87:54:96:b6:91:41:
                    3d:96:6d:5b:93:4c:9d:ec:84:ae:8c:e7:09:97:8e:
                    dd:d1:41:62:38:51:77:9d:05:3c:a3:3f:cb:fc:9a:
                    a5:61:f7:08:14:58:fe:c2:21:82:27:66:43:94:47:
                    85:7f:72:02:53:b5:e2:81:50:20:d1:b2:4b:06:b4:
                    43:3f:ce:b2:5d:1c:cb:ca:ab:e9:3d:d8:44:56:6e:
                    e6:fe:08:22:03:a9:fc:87:c0:59:8a:65:81:d7:bb:
                    b5:8c:fb:e5:fb:d5:05:c5:d8:01:be:ce:9f:bd:84:
                    7c:0d:bd:ad:e0:a5:99:ea:bd:91:6a:40:f0:9a:f0:
                    5f:ef:67:b3:bb:7f:ea:bd:4f:f1:81:15:fe:ed:8d:
                    53:07:c4:aa:08:c2:99:d7:d3:38:34:24:f7:ca:78:
                    28:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:3F:0C:D5:EE:BF:9C:40:49:95:56:90:C1:5C:D8:7B:46:79:61:B1
            X509v3 Authority Key Identifier:
                keyid:DE:31:3C:B3:5C:D0:76:AF:E5:C3:77:8F:05:E5:CA:15:CF:33:7A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:5e:da:5e:f0:a8:81:89:63:df:0a:c7:83:6c:8c:6b:47:cf:
         1d:80:83:1b:bd:20:2c:6a:a6:12:58:d3:9b:5d:4f:54:e1:0a:
         35:36:fe:dd:3c:3c:b7:5f:dc:81:9c:c1:dd:b2:16:02:68:ed:
         84:33:22:c0:f7:ac:5e:ed:f8:cb:94:4b:04:d4:2d:d3:f6:54:
         24:36:3c:fc:42:31:56:eb:3d:c0:5d:3f:7c:2a:5c:cf:75:7b:
         ac:0d:51:4f:97:ac:41:a8:8d:e5:93:c5:9b:e0:54:38:d8:1d:
         dd:87:ff:c3:82:da:d0:10:25:aa:dc:35:e3:ab:5b:64:de:fb:
         c3:27:34:b3:37:74:d2:d8:ef:1f:dc:b6:0b:4b:c7:d9:47:44:
         7a:39:ba:72:41:4c:b3:32:b2:69:bf:6f:31:cd:bd:79:78:b5:
         21:22:6b:9e:42:1d:82:11:e4:ee:f2:d3:48:d5:ab:12:8c:31:
         69:7f:06:4c:2c:44:e0:8d:76:30:2f:68:a5:34:8c:a3:f4:02:
         b5:0b:cb:98:ce:aa:15:b3:87:3c:d5:b8:05:63:83:d8:35:41:
         52:f5:e0:a3:6a:b3:a4:fa:f4:45:d3:9f:4b:0e:bb:52:6a:e1:
         69:9d:d6:8f:bd:5d:6a:60:3e:e1:2f:c9:fc:f0:c3:d5:b2:c8:
         e1:e1:cc:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICLM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhBQzQxMTAvBgNVBAUTKERFMzEzQ0IzNUNEMDc2QUZFNUMzNzc4RjA1RTVDQTE1
Q0YzMzdBRjkwHhcNMjUwNzIyMTUzNTAxWhcNMjUwNzI5MTUzNTAxWjAYMRYwFAYD
VQQDEw02ODdmYWZhNS0yOTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxxzXTBMkAKmqiXM3og0H6bphY2A2lr79hunv9rWy73/5vTHz5JSrKBKf2Gbm
6Am5+1FvmH9AVkjLZDdLroZtJW7ZNivZMw8irD9D1fjwltJSpRGJ78Jxn0JXVV4U
TfpHg+eHVJa2kUE9lm1bk0yd7ISujOcJl47d0UFiOFF3nQU8oz/L/JqlYfcIFFj+
wiGCJ2ZDlEeFf3ICU7XigVAg0bJLBrRDP86yXRzLyqvpPdhEVm7m/ggiA6n8h8BZ
imWB17u1jPvl+9UFxdgBvs6fvYR8Db2t4KWZ6r2RakDwmvBf72ezu3/qvU/xgRX+
7Y1TB8SqCMKZ19M4NCT3yngo9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNo/DNXu
v5xASZVWkMFc2HtGeWGxMB8GA1UdIwQYMBaAFN4xPLNc0Hav5cN3jwXlyhXPM3r5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEFDNC8yMDZCQzg2Q0FF
NkExMUUzOTM3OUQ1NTA1OTExRUEzMi8zakU4czF6UWRxX2x3M2VQQmVYS0ZjOHpl
dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNqRThzMXpRZHFfbHczZVBCZVhLRmM4emV2ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OEFDNC8yMDZCQzg2Q0FFNkExMUUzOTM3OUQ1NTA1OTExRUEzMi8zakU4czF6UWRx
X2x3M2VQQmVYS0ZjOHpldmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAUXtpe8KiBiWPfCseDbIxrR88dgIMbvSAsaqYSWNObXU9U4Qo1Nv7d
PDy3X9yBnMHdshYCaO2EMyLA96xe7fjLlEsE1C3T9lQkNjz8QjFW6z3AXT98KlzP
dXusDVFPl6xBqI3lk8Wb4FQ42B3dh//DgtrQECWq3DXjq1tk3vvDJzSzN3TS2O8f
3LYLS8fZR0R6ObpyQUyzMrJpv28xzb15eLUhImueQh2CEeTu8tNI1asSjDFpfwZM
LETgjXYwL2ilNIyj9AK1C8uYzqoVs4c81bgFY4PYNUFS9eCjarOk+vRF059LDrtS
auFpndaPvV1qYD7hL8n88MPVssjh4cyj
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:07:53 2025 by rpki-client