Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
File:                     3jE8s1zQdq_lw3ePBeXKFc8zevk.mft (raw, json)
Hash identifier:          JrknGLbIJmiNsIGPmUBZIH0CKypI9ebQzPTXmg+WaOo=
Subject key identifier:   D4:C3:38:D4:92:CF:17:AB:B8:1C:17:CF:3C:F5:DC:0D:F5:27:E2:4E
Authority key identifier: DE:31:3C:B3:5C:D0:76:AF:E5:C3:77:8F:05:E5:CA:15:CF:33:7A:F9
Certificate issuer:       /CN=A9148AC4/serialNumber=DE313CB35CD076AFE5C3778F05E5CA15CF337AF9
Certificate serial:       2CCF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
Manifest number:          2CB9
Signing time:             Thu 24 Jul 2025 15:34:44 +0000
Manifest this update:     Thu 24 Jul 2025 15:34:43 +0000
Manifest next update:     Thu 31 Jul 2025 15:34:43 +0000
Files and hashes:         1: 3jE8s1zQdq_lw3ePBeXKFc8zevk.crl (hash: uw+tOlGDjdPlumRgiE3nL3W0iDOnHcI8kMvLufQh6A4=)
                          2: E33945D6B0ED11E5B7779F44C4F9AE02.roa (hash: R9f6Z3Uevp4d36wvfS3ESJSWBBwm4wuAIByOXNTGRgE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.crl
                          rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 15:34:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11471 (0x2ccf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9148AC4, serialNumber=DE313CB35CD076AFE5C3778F05E5CA15CF337AF9
        Validity
            Not Before: Jul 24 15:34:43 2025 GMT
            Not After : Jul 31 15:34:43 2025 GMT
        Subject: CN=68825293-ec15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a9:d5:03:76:fc:09:cb:f2:7a:d3:3a:99:42:
                    47:76:51:72:3a:f2:6c:25:42:ad:7b:f0:0b:92:57:
                    75:f3:84:4c:8e:4c:bf:2a:01:5f:b9:47:e3:d5:ef:
                    85:89:7b:9f:7f:9c:fe:51:68:db:23:e9:d8:28:90:
                    99:22:a3:0b:dc:cc:68:49:75:4d:84:1c:ec:93:37:
                    0f:d6:13:52:90:06:99:27:ad:1d:5a:32:09:2f:08:
                    d5:eb:c6:1b:97:58:88:1f:e6:d9:ef:2d:36:2a:ae:
                    d9:66:d0:10:aa:53:d2:0d:1c:22:2a:3a:59:39:1f:
                    4a:3c:89:45:b7:b5:58:e5:4b:c4:69:fc:d3:82:82:
                    85:2e:14:e2:24:7e:4f:a0:9f:c8:42:bc:a4:e5:a4:
                    20:d9:d5:26:e9:8e:f8:0c:42:68:a0:ca:34:ee:57:
                    05:f2:5f:65:a7:5f:43:39:0c:64:34:28:9e:0a:d9:
                    4b:2e:f5:56:d8:d1:0e:86:57:f4:22:9d:1e:4a:1b:
                    a9:b9:93:03:2d:8c:b1:97:95:d0:5c:c0:4e:f7:6a:
                    b9:bc:1e:c9:42:b3:48:55:e3:bf:e3:77:de:72:51:
                    68:73:90:da:4b:08:c3:3b:b8:a3:65:e3:66:44:75:
                    74:c0:69:83:9f:61:b1:1f:7e:32:10:1f:90:15:34:
                    e2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C3:38:D4:92:CF:17:AB:B8:1C:17:CF:3C:F5:DC:0D:F5:27:E2:4E
            X509v3 Authority Key Identifier:
                keyid:DE:31:3C:B3:5C:D0:76:AF:E5:C3:77:8F:05:E5:CA:15:CF:33:7A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:94:c9:15:de:eb:47:59:87:3e:20:5f:59:98:ee:54:14:b8:
         b6:4e:52:fb:cb:88:b7:db:0b:d2:0e:cb:95:3f:3c:85:2d:7e:
         a5:30:b7:1b:8a:09:8a:d8:9c:e2:43:1a:b5:8a:21:03:e0:e0:
         b6:e3:66:d4:89:fa:2c:fd:50:d9:a5:4a:c8:0d:98:e1:64:22:
         7e:b1:26:c8:dc:63:b1:d8:1f:ba:5e:7d:bc:3e:90:4f:73:89:
         48:26:39:59:ed:fa:fe:74:68:e4:bb:5d:6b:85:fc:7f:9b:ae:
         fa:01:cc:b2:85:2f:08:c6:4d:21:29:10:37:2c:ef:a7:0c:f5:
         32:27:fc:bb:24:2e:15:84:a5:8e:f6:57:69:34:81:51:54:eb:
         36:02:0d:71:3b:95:ec:a0:d9:4a:eb:a7:2c:ec:54:b5:ed:cd:
         c0:97:7b:5c:86:2e:81:f2:f4:37:b4:b3:b7:f3:a8:88:a7:13:
         47:e4:a4:2d:ad:2f:6a:5d:07:b5:8b:c0:d3:1c:e6:44:36:34:
         6e:2b:11:fd:73:43:56:92:3b:03:45:7d:0b:b9:3c:57:46:61:
         0c:c0:a0:a4:f8:ee:d2:39:bc:50:13:ac:18:40:b8:eb:b2:6b:
         17:0b:24:4a:88:0a:09:f8:12:92:6e:99:ed:0a:51:b7:ea:19:
         01:91:0c:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICLM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhBQzQxMTAvBgNVBAUTKERFMzEzQ0IzNUNEMDc2QUZFNUMzNzc4RjA1RTVDQTE1
Q0YzMzdBRjkwHhcNMjUwNzI0MTUzNDQzWhcNMjUwNzMxMTUzNDQzWjAYMRYwFAYD
VQQDEw02ODgyNTI5My1lYzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxanVA3b8CcvyetM6mUJHdlFyOvJsJUKte/ALkld184RMjky/KgFfuUfj1e+F
iXuff5z+UWjbI+nYKJCZIqML3MxoSXVNhBzskzcP1hNSkAaZJ60dWjIJLwjV68Yb
l1iIH+bZ7y02Kq7ZZtAQqlPSDRwiKjpZOR9KPIlFt7VY5UvEafzTgoKFLhTiJH5P
oJ/IQryk5aQg2dUm6Y74DEJooMo07lcF8l9lp19DOQxkNCieCtlLLvVW2NEOhlf0
Ip0eShupuZMDLYyxl5XQXMBO92q5vB7JQrNIVeO/43feclFoc5DaSwjDO7ijZeNm
RHV0wGmDn2GxH34yEB+QFTTiaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNTDONSS
zxeruBwXzzz13A31J+JOMB8GA1UdIwQYMBaAFN4xPLNc0Hav5cN3jwXlyhXPM3r5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEFDNC8yMDZCQzg2Q0FF
NkExMUUzOTM3OUQ1NTA1OTExRUEzMi8zakU4czF6UWRxX2x3M2VQQmVYS0ZjOHpl
dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNqRThzMXpRZHFfbHczZVBCZVhLRmM4emV2ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OEFDNC8yMDZCQzg2Q0FFNkExMUUzOTM3OUQ1NTA1OTExRUEzMi8zakU4czF6UWRx
X2x3M2VQQmVYS0ZjOHpldmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCYlMkV3utHWYc+IF9ZmO5UFLi2TlL7y4i32wvSDsuVPzyFLX6lMLcb
igmK2JziQxq1iiED4OC242bUifos/VDZpUrIDZjhZCJ+sSbI3GOx2B+6Xn28PpBP
c4lIJjlZ7fr+dGjku11rhfx/m676AcyyhS8Ixk0hKRA3LO+nDPUyJ/y7JC4VhKWO
9ldpNIFRVOs2Ag1xO5XsoNlK66cs7FS17c3Al3tchi6B8vQ3tLO386iIpxNH5KQt
rS9qXQe1i8DTHOZENjRuKxH9c0NWkjsDRX0LuTxXRmEMwKCk+O7SObxQE6wYQLjr
smsXCyRKiAoJ+BKSbpntClG36hkBkQwV
-----END CERTIFICATE-----
Generated at Fri Jul 25 06:30:24 2025 by rpki-client