Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
File:                     G9xHZ6bV6-C--lyhI1MI915IiRo.mft (raw, json)
Hash identifier:          70lCsI8af7AfxP0deimgyB+El1iS7Lr5uRDwaEGMM4Q=
Subject key identifier:   5E:F7:B7:0F:C8:9B:E8:B4:39:D7:35:2F:73:9C:44:C1:21:F3:FB:92
Authority key identifier: 1B:DC:47:67:A6:D5:EB:E0:BE:FA:5C:A1:23:53:08:F7:5E:48:89:1A
Certificate issuer:       /CN=A9149C2D/serialNumber=1BDC4767A6D5EBE0BEFA5CA1235308F75E48891A
Certificate serial:       1BC0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
Manifest number:          1BAE
Signing time:             Tue 22 Jul 2025 16:23:16 +0000
Manifest this update:     Tue 22 Jul 2025 16:23:15 +0000
Manifest next update:     Tue 29 Jul 2025 16:23:15 +0000
Files and hashes:         1: G9xHZ6bV6-C--lyhI1MI915IiRo.crl (hash: /tt6lO3GsoVqEsM3DhefalOppS89B+V5M/hu0gWcICA=)
                          2: A607F8965F4611EE80BD8D2DC4F9AE02.roa (hash: wynmFUF72+WqOIzeId16MY3qAbLuhLthoUyin6hAIaA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.crl
                          rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 16:23:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7104 (0x1bc0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9149C2D, serialNumber=1BDC4767A6D5EBE0BEFA5CA1235308F75E48891A
        Validity
            Not Before: Jul 22 16:23:15 2025 GMT
            Not After : Jul 29 16:23:15 2025 GMT
        Subject: CN=687fbaf3-db69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:12:c3:bb:e9:c0:d8:31:ae:d1:25:d1:52:32:
                    83:f4:d4:9e:e9:07:a4:05:d6:11:06:a9:dc:4b:51:
                    65:c7:35:f4:e4:9f:09:d6:3f:91:9f:a5:07:c5:7d:
                    75:ed:3b:31:db:fd:c6:b1:c0:36:61:80:91:fa:65:
                    b7:fa:21:e1:0d:62:a9:fd:e1:e5:1b:d2:c3:d4:05:
                    77:e5:71:88:03:46:d5:c2:0f:25:ed:26:3c:3a:27:
                    d5:98:d9:bb:b8:1f:b8:20:5f:57:c6:06:35:97:f0:
                    f7:9e:93:19:25:bb:d8:e8:fd:06:c8:25:c1:48:1d:
                    60:8f:3c:90:5e:0b:84:5c:45:dd:5e:20:4e:d0:0d:
                    6d:b7:d7:f0:0e:ea:8a:f8:e1:6f:38:8d:87:05:ec:
                    2a:5f:99:30:ee:67:ec:84:4a:b5:f2:f7:31:df:16:
                    70:d6:f1:ca:82:95:5a:3f:4c:47:59:5c:53:03:0d:
                    07:81:82:c0:f5:20:36:b6:7c:1e:55:7a:21:a4:70:
                    13:76:0a:0e:47:b8:b7:e6:f3:2b:4e:74:f4:84:43:
                    91:48:5d:6d:15:49:75:60:8b:9f:4e:d4:d7:04:4d:
                    26:3d:28:fd:85:d6:ae:2f:90:87:b8:ef:8d:85:7b:
                    7a:ec:fa:fe:a7:a5:83:57:9a:86:30:b8:8e:04:5b:
                    5b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F7:B7:0F:C8:9B:E8:B4:39:D7:35:2F:73:9C:44:C1:21:F3:FB:92
            X509v3 Authority Key Identifier:
                keyid:1B:DC:47:67:A6:D5:EB:E0:BE:FA:5C:A1:23:53:08:F7:5E:48:89:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:4f:76:1d:0d:c9:05:12:6b:02:ce:e9:e0:ac:d9:30:ab:7d:
         25:f6:3c:6f:d1:28:3c:64:b5:0a:93:a6:e9:b9:ba:36:dc:08:
         0a:cc:e3:f7:3d:51:f0:91:7e:c1:2a:11:76:ff:10:db:06:24:
         3d:70:42:6a:40:e8:bc:07:b2:50:3c:18:27:1f:bd:3c:c3:65:
         1d:f2:d4:dc:83:3d:ce:b3:d4:02:d5:82:ea:b9:06:af:fd:fb:
         f0:be:9d:6c:5d:54:20:c2:6e:d2:ce:3b:b1:ed:ef:50:15:f5:
         10:4e:74:b4:5d:15:7e:30:6d:e8:88:49:e5:73:e6:cf:fd:76:
         e9:71:a6:25:b2:74:c8:6e:b6:b2:83:d3:23:9e:c6:93:17:99:
         2f:03:60:37:8a:38:39:7c:f1:64:3a:44:f4:b6:af:bd:3e:9f:
         76:05:20:af:72:fd:b4:c0:7a:a0:b9:2f:f0:96:63:78:6f:55:
         ef:fb:b2:04:55:2d:7c:e8:5e:37:ea:a1:cf:78:75:ee:fb:90:
         13:b4:b6:41:6d:48:99:3e:b4:21:95:7c:84:4b:c0:85:7e:fa:
         ae:15:e1:19:31:f8:81:9b:55:2e:13:02:76:e8:7b:2e:9f:2c:
         39:f8:92:85:01:4d:c6:1a:73:ef:9d:a7:99:33:26:08:e0:4f:
         ce:94:fa:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlDMkQxMTAvBgNVBAUTKDFCREM0NzY3QTZENUVCRTBCRUZBNUNBMTIzNTMwOEY3
NUU0ODg5MUEwHhcNMjUwNzIyMTYyMzE1WhcNMjUwNzI5MTYyMzE1WjAYMRYwFAYD
VQQDEw02ODdmYmFmMy1kYjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9xLDu+nA2DGu0SXRUjKD9NSe6QekBdYRBqncS1FlxzX05J8J1j+Rn6UHxX11
7Tsx2/3GscA2YYCR+mW3+iHhDWKp/eHlG9LD1AV35XGIA0bVwg8l7SY8OifVmNm7
uB+4IF9XxgY1l/D3npMZJbvY6P0GyCXBSB1gjzyQXguEXEXdXiBO0A1tt9fwDuqK
+OFvOI2HBewqX5kw7mfshEq18vcx3xZw1vHKgpVaP0xHWVxTAw0HgYLA9SA2tnwe
VXohpHATdgoOR7i35vMrTnT0hEORSF1tFUl1YIufTtTXBE0mPSj9hdauL5CHuO+N
hXt67Pr+p6WDV5qGMLiOBFtbGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF73tw/I
m+i0Odc1L3OcRMEh8/uSMB8GA1UdIwQYMBaAFBvcR2em1evgvvpcoSNTCPdeSIka
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUMyRC80RDVBNzg4MDA4
NzMxMUU3OUM4MzlCMDlDNEY5QUUwMi9HOXhIWjZiVjYtQy0tbHloSTFNSTkxNUlp
Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c5eEhaNmJWNi1DLS1seWhJMU1JOTE1SWlSby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OUMyRC80RDVBNzg4MDA4NzMxMUU3OUM4MzlCMDlDNEY5QUUwMi9HOXhIWjZiVjYt
Qy0tbHloSTFNSTkxNUlpUm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQByT3YdDckFEmsCzungrNkwq30l9jxv0Sg8ZLUKk6bpubo23AgKzOP3
PVHwkX7BKhF2/xDbBiQ9cEJqQOi8B7JQPBgnH708w2Ud8tTcgz3Os9QC1YLquQav
/fvwvp1sXVQgwm7Szjux7e9QFfUQTnS0XRV+MG3oiEnlc+bP/XbpcaYlsnTIbray
g9MjnsaTF5kvA2A3ijg5fPFkOkT0tq+9Pp92BSCvcv20wHqguS/wlmN4b1Xv+7IE
VS186F436qHPeHXu+5ATtLZBbUiZPrQhlXyES8CFfvquFeEZMfiBm1UuEwJ26Hsu
nyw5+JKFAU3GGnPvnaeZMyYI4E/OlPrb
-----END CERTIFICATE-----
Generated at Wed Jul 23 08:13:20 2025 by rpki-client