Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft
File:                     U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft (raw, json)
Hash identifier:          C+1WXBNdgqOXDQE5mllnhmp/NY/m6askCm5vZWYh88Y=
Subject key identifier:   8F:DE:43:4C:72:FA:4E:33:7D:24:2F:EE:17:99:FF:52:E4:FC:7D:0F
Authority key identifier: 53:9B:B7:6C:8A:43:79:A4:DE:39:9C:05:2D:38:C1:B4:53:A6:6F:1B
Certificate issuer:       /CN=A914E070/serialNumber=539BB76C8A4379A4DE399C052D38C1B453A66F1B
Certificate serial:       011C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft
Manifest number:          0119
Signing time:             Sat 19 Jul 2025 05:05:15 +0000
Manifest this update:     Sat 19 Jul 2025 05:05:15 +0000
Manifest next update:     Sat 26 Jul 2025 05:05:15 +0000
Files and hashes:         1: U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl (hash: DgnvtZ5xYKP9WRuEOyZDgtcnEhbq4EGNM0p7qKUY2xw=)
                          2: 3772F678BC1211EE8C54FD2EC4F9AE02.roa (hash: PzMfqv/JTphrRExc8y93sSocbbq7cPC2A1xhsVGan2A=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl
                          rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 05:05:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 284 (0x11c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914E070, serialNumber=539BB76C8A4379A4DE399C052D38C1B453A66F1B
        Validity
            Not Before: Jul 19 05:05:15 2025 GMT
            Not After : Jul 26 05:05:15 2025 GMT
        Subject: CN=687b278b-91d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8b:14:67:dc:a2:ca:2f:1f:60:f9:c2:56:29:
                    c1:81:11:96:c3:55:2f:40:7f:5a:e5:cd:b7:40:6e:
                    56:b9:f5:7f:79:5b:ef:14:56:eb:e5:ea:fe:65:45:
                    c6:39:88:dc:af:21:be:6f:eb:dd:d3:62:f7:6c:52:
                    5e:c9:ea:57:54:46:e1:a0:de:a3:53:8c:a5:22:d6:
                    e9:22:c7:a1:ea:12:52:d1:16:f5:84:e7:7d:a6:19:
                    8d:b3:16:8f:f2:c1:58:6b:4a:7d:ec:d0:0a:ac:1d:
                    7e:c5:20:e8:d7:6e:45:6f:ae:93:3a:cd:5c:10:ce:
                    05:b8:81:a0:33:3f:30:15:42:8b:0e:b2:5d:c5:69:
                    fc:25:e0:2e:1b:bf:5d:9c:67:6c:53:38:3f:0b:25:
                    65:ae:8f:ac:b9:70:92:0a:4e:3e:9a:01:f8:bb:b3:
                    f2:5c:b7:3b:89:0d:5a:43:35:7a:e4:ad:b6:6d:bd:
                    de:d3:13:47:f7:2f:73:b7:95:d4:7a:5d:55:50:d5:
                    a8:ef:fa:68:6a:b4:f6:b3:be:82:b7:5b:3e:e0:47:
                    dd:2c:e9:df:a7:18:b0:30:4a:cc:b5:d9:f4:f0:de:
                    9b:5b:b7:d7:1f:a5:bf:d0:fc:ce:a1:b6:16:80:07:
                    97:ce:b5:cd:cb:db:7a:75:e1:56:72:42:26:14:1e:
                    db:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DE:43:4C:72:FA:4E:33:7D:24:2F:EE:17:99:FF:52:E4:FC:7D:0F
            X509v3 Authority Key Identifier:
                keyid:53:9B:B7:6C:8A:43:79:A4:DE:39:9C:05:2D:38:C1:B4:53:A6:6F:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:ee:2f:36:f9:e9:34:32:15:77:be:1e:9f:fb:2f:31:dc:e9:
         4d:dd:d8:3b:71:e3:66:8d:44:50:68:55:f1:d6:af:85:b8:23:
         7d:c7:99:61:ba:54:63:d0:9e:24:74:16:5a:e2:73:3d:bf:b9:
         9a:01:e3:59:4b:2b:ec:2a:29:7a:a7:6e:94:dc:bf:15:97:98:
         56:24:fb:3c:05:e1:26:cb:9b:50:fa:73:29:d7:93:9d:09:86:
         51:ab:81:a2:29:06:ee:26:e7:91:c8:58:a9:ce:99:c1:5b:99:
         7f:2f:14:51:2c:2b:79:07:fd:b6:2d:35:a4:03:3e:42:a8:34:
         9c:eb:d7:de:bc:af:d0:7e:f0:44:48:19:99:9f:34:09:2f:46:
         9b:d4:e4:e4:c8:9b:2b:fb:79:0a:fb:50:c8:80:18:b3:9f:3e:
         12:40:33:ff:ae:ab:5d:2e:f2:7f:31:92:eb:bd:b0:db:b1:29:
         0f:c1:26:30:73:cc:a6:72:2d:aa:a8:28:73:c8:91:e4:4b:fc:
         bf:3f:cb:72:cc:2d:85:46:51:4b:10:4b:dd:af:99:80:6e:8c:
         9f:8a:89:8a:a3:88:8c:64:5f:98:08:8a:ee:a9:d7:24:e1:9b:
         0e:19:ae:20:a3:7d:55:9c:da:f7:0c:a1:d7:3a:34:b6:43:bd:
         91:90:cf:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICARwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEUwNzAxMTAvBgNVBAUTKDUzOUJCNzZDOEE0Mzc5QTRERTM5OUMwNTJEMzhDMUI0
NTNBNjZGMUIwHhcNMjUwNzE5MDUwNTE1WhcNMjUwNzI2MDUwNTE1WjAYMRYwFAYD
VQQDEw02ODdiMjc4Yi05MWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuosUZ9yiyi8fYPnCVinBgRGWw1UvQH9a5c23QG5WufV/eVvvFFbr5er+ZUXG
OYjcryG+b+vd02L3bFJeyepXVEbhoN6jU4ylItbpIseh6hJS0Rb1hOd9phmNsxaP
8sFYa0p97NAKrB1+xSDo125Fb66TOs1cEM4FuIGgMz8wFUKLDrJdxWn8JeAuG79d
nGdsUzg/CyVlro+suXCSCk4+mgH4u7PyXLc7iQ1aQzV65K22bb3e0xNH9y9zt5XU
el1VUNWo7/poarT2s76Ct1s+4EfdLOnfpxiwMErMtdn08N6bW7fXH6W/0PzOobYW
gAeXzrXNy9t6deFWckImFB7bswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI/eQ0xy
+k4zfSQv7heZ/1Lk/H0PMB8GA1UdIwQYMBaAFFObt2yKQ3mk3jmcBS04wbRTpm8b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTA3MC84OUM1NTk3Q0JD
MTAxMUVFOEJFQjEzN0FDNEY5QUUwMi9VNXUzYklwRGVhVGVPWndGTFRqQnRGT21i
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U1dTNiSXBEZWFUZU9ad0ZMVGpCdEZPbWJ4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RTA3MC84OUM1NTk3Q0JDMTAxMUVFOEJFQjEzN0FDNEY5QUUwMi9VNXUzYklwRGVh
VGVPWndGTFRqQnRGT21ieHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBh7i82+ek0MhV3vh6f+y8x3OlN3dg7ceNmjURQaFXx1q+FuCN9x5lh
ulRj0J4kdBZa4nM9v7maAeNZSyvsKil6p26U3L8Vl5hWJPs8BeEmy5tQ+nMp15Od
CYZRq4GiKQbuJueRyFipzpnBW5l/LxRRLCt5B/22LTWkAz5CqDSc69fevK/QfvBE
SBmZnzQJL0ab1OTkyJsr+3kK+1DIgBiznz4SQDP/rqtdLvJ/MZLrvbDbsSkPwSYw
c8ymci2qqChzyJHkS/y/P8tyzC2FRlFLEEvdr5mAboyfiomKo4iMZF+YCIruqdck
4ZsOGa4go31VnNr3DKHXOjS2Q72RkM8u
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:40:20 2025 by rpki-client