Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
File:                     G9xHZ6bV6-C--lyhI1MI915IiRo.mft (raw, json)
Hash identifier:          WMiX2rERL1vt/wPE+6Ry3Mf2qc6DAicf4mU9QsB9sVk=
Subject key identifier:   58:1D:72:CB:09:6E:0C:18:84:0E:F7:CE:EC:95:7D:AD:EB:1F:96:4E
Authority key identifier: 1B:DC:47:67:A6:D5:EB:E0:BE:FA:5C:A1:23:53:08:F7:5E:48:89:1A
Certificate issuer:       /CN=A9149C2D/serialNumber=1BDC4767A6D5EBE0BEFA5CA1235308F75E48891A
Certificate serial:       1BC1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
Manifest number:          1BAF
Signing time:             Thu 24 Jul 2025 16:21:46 +0000
Manifest this update:     Thu 24 Jul 2025 16:21:46 +0000
Manifest next update:     Thu 31 Jul 2025 16:21:46 +0000
Files and hashes:         1: G9xHZ6bV6-C--lyhI1MI915IiRo.crl (hash: pR3BEkFcFH8yM6P/yASoDeTxtQkYXcxhRsIvh7XGN+k=)
                          2: A607F8965F4611EE80BD8D2DC4F9AE02.roa (hash: wynmFUF72+WqOIzeId16MY3qAbLuhLthoUyin6hAIaA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.crl
                          rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 16:21:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7105 (0x1bc1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9149C2D, serialNumber=1BDC4767A6D5EBE0BEFA5CA1235308F75E48891A
        Validity
            Not Before: Jul 24 16:21:46 2025 GMT
            Not After : Jul 31 16:21:46 2025 GMT
        Subject: CN=68825d9a-1774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:85:1f:0b:6b:9d:e1:f7:5a:58:60:6a:55:4b:
                    87:0d:b0:4b:5e:b6:f9:c6:31:4b:a7:4b:6f:e2:db:
                    a5:5a:a3:b9:ef:56:6a:5c:d2:70:71:8e:ae:47:30:
                    56:86:f2:ec:91:28:b4:7e:41:e7:34:d2:5f:9e:0b:
                    3e:71:c8:c6:cb:66:5f:0f:9b:d7:01:6a:08:53:52:
                    64:7a:87:51:4a:d9:ab:a9:fa:3f:a8:0e:0b:ec:a1:
                    53:4a:49:a2:12:cd:9d:d3:d0:c3:d8:55:44:5b:74:
                    13:06:c9:fa:3f:3e:34:a5:95:b1:b1:32:fd:1a:da:
                    0c:af:23:9e:05:ab:f0:bd:2e:7c:78:bb:00:57:90:
                    84:d7:8c:22:b3:25:64:3a:78:af:d1:2e:bf:89:ba:
                    0c:35:a3:af:22:d4:e7:d1:3d:5b:ee:46:dc:e9:b5:
                    ff:c7:63:ac:d9:c5:01:37:be:a3:ed:e7:ca:dd:7b:
                    28:a7:97:28:51:8c:bf:33:8e:62:7d:b9:fd:69:47:
                    17:a0:86:a1:f7:da:5f:af:35:4b:b4:6e:aa:ee:4b:
                    f9:7e:32:c3:67:13:9f:45:1a:5d:57:c3:1d:df:ec:
                    de:64:c5:24:5b:e3:4c:63:ca:30:25:e3:12:c9:f9:
                    9b:eb:1d:08:3b:da:1b:4d:2a:45:1b:88:7f:21:84:
                    66:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:1D:72:CB:09:6E:0C:18:84:0E:F7:CE:EC:95:7D:AD:EB:1F:96:4E
            X509v3 Authority Key Identifier:
                keyid:1B:DC:47:67:A6:D5:EB:E0:BE:FA:5C:A1:23:53:08:F7:5E:48:89:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:00:07:ff:4d:55:bd:e1:c8:51:7a:c7:e9:6d:a9:ad:ca:7c:
         fd:37:23:b2:c7:4e:05:b2:ce:42:e4:95:3e:20:2d:cb:71:f7:
         ed:a0:66:11:d6:52:14:63:32:75:df:a7:7a:47:79:0e:56:0a:
         c3:42:2c:92:03:f7:97:f5:e9:1d:3b:58:46:87:69:2e:47:2d:
         a1:41:3e:8f:5e:1c:a7:37:cb:23:2a:cd:74:60:6e:0e:27:55:
         c8:95:16:85:73:59:f1:e5:f2:80:35:5c:20:e3:42:b5:c5:0e:
         9d:00:e7:e9:67:0f:c2:83:4c:ed:84:d3:36:bb:59:14:43:57:
         9f:96:5e:ee:8f:a6:07:7e:d4:3f:33:05:f4:76:1f:ea:8f:3d:
         df:05:9a:96:a4:4e:66:83:b9:e5:09:94:6c:42:d2:ad:24:b5:
         6c:a1:ea:f1:d8:84:2d:fb:2e:d9:a6:f7:11:0e:c3:55:3f:59:
         f6:42:0f:c2:7f:b7:07:bd:c6:88:fe:27:53:56:ee:f6:f8:15:
         97:90:5d:d9:f0:43:3d:cd:80:9c:1e:48:65:49:88:6d:8a:12:
         68:66:0a:e6:da:4a:5b:94:0a:c6:5f:34:c7:83:14:42:16:5e:
         2b:fc:fc:53:a0:de:47:39:1d:9a:f2:99:aa:07:f2:9f:c5:93:
         ad:28:90:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlDMkQxMTAvBgNVBAUTKDFCREM0NzY3QTZENUVCRTBCRUZBNUNBMTIzNTMwOEY3
NUU0ODg5MUEwHhcNMjUwNzI0MTYyMTQ2WhcNMjUwNzMxMTYyMTQ2WjAYMRYwFAYD
VQQDEw02ODgyNWQ5YS0xNzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvYUfC2ud4fdaWGBqVUuHDbBLXrb5xjFLp0tv4tulWqO571ZqXNJwcY6uRzBW
hvLskSi0fkHnNNJfngs+ccjGy2ZfD5vXAWoIU1JkeodRStmrqfo/qA4L7KFTSkmi
Es2d09DD2FVEW3QTBsn6Pz40pZWxsTL9GtoMryOeBavwvS58eLsAV5CE14wisyVk
Oniv0S6/iboMNaOvItTn0T1b7kbc6bX/x2Os2cUBN76j7efK3Xsop5coUYy/M45i
fbn9aUcXoIah99pfrzVLtG6q7kv5fjLDZxOfRRpdV8Md3+zeZMUkW+NMY8owJeMS
yfmb6x0IO9obTSpFG4h/IYRmzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFgdcssJ
bgwYhA73zuyVfa3rH5ZOMB8GA1UdIwQYMBaAFBvcR2em1evgvvpcoSNTCPdeSIka
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUMyRC80RDVBNzg4MDA4
NzMxMUU3OUM4MzlCMDlDNEY5QUUwMi9HOXhIWjZiVjYtQy0tbHloSTFNSTkxNUlp
Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c5eEhaNmJWNi1DLS1seWhJMU1JOTE1SWlSby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OUMyRC80RDVBNzg4MDA4NzMxMUU3OUM4MzlCMDlDNEY5QUUwMi9HOXhIWjZiVjYt
Qy0tbHloSTFNSTkxNUlpUm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCcAAf/TVW94chResfpbamtynz9NyOyx04Fss5C5JU+IC3LcfftoGYR
1lIUYzJ136d6R3kOVgrDQiySA/eX9ekdO1hGh2kuRy2hQT6PXhynN8sjKs10YG4O
J1XIlRaFc1nx5fKANVwg40K1xQ6dAOfpZw/Cg0zthNM2u1kUQ1efll7uj6YHftQ/
MwX0dh/qjz3fBZqWpE5mg7nlCZRsQtKtJLVsoerx2IQt+y7ZpvcRDsNVP1n2Qg/C
f7cHvcaI/idTVu72+BWXkF3Z8EM9zYCcHkhlSYhtihJoZgrm2kpblArGXzTHgxRC
Fl4r/PxToN5HOR2a8pmqB/KfxZOtKJC7
-----END CERTIFICATE-----
Generated at Fri Jul 25 18:21:53 2025 by rpki-client