Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft
File:                     kDo4Q2eaCxBdykhcPWSPPREnL7c.mft (raw, json)
Hash identifier:          MSEAfRnglsZhE+sLmhJy+OPFGtptG3foZul8wCnjDTs=
Subject key identifier:   A3:32:7A:41:C8:19:29:9E:85:B7:8A:0B:1A:C0:C0:E9:D4:D1:95:DD
Authority key identifier: 90:3A:38:43:67:9A:0B:10:5D:CA:48:5C:3D:64:8F:3D:11:27:2F:B7
Certificate issuer:       /CN=A914E488/serialNumber=903A3843679A0B105DCA485C3D648F3D11272FB7
Certificate serial:       025E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDo4Q2eaCxBdykhcPWSPPREnL7c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft
Manifest number:          025A
Signing time:             Wed 23 Jul 2025 02:16:14 +0000
Manifest this update:     Wed 23 Jul 2025 02:16:13 +0000
Manifest next update:     Wed 30 Jul 2025 02:16:13 +0000
Files and hashes:         1: kDo4Q2eaCxBdykhcPWSPPREnL7c.crl (hash: tkaRzQtFK62ttpLUZhXMQBa9C1ocueF7+wu7BsQbwak=)
                          2: 606EB6AE240911EDBFA59C27C4F9AE02.roa (hash: NNo4SAwO23W3h7iwFhvtQVGgAhn5LQhxSRbEa+xKr7I=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.crl
                          rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDo4Q2eaCxBdykhcPWSPPREnL7c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 02:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 606 (0x25e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914E488, serialNumber=903A3843679A0B105DCA485C3D648F3D11272FB7
        Validity
            Not Before: Jul 23 02:16:13 2025 GMT
            Not After : Jul 30 02:16:13 2025 GMT
        Subject: CN=688045ee-8052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7e:44:35:fe:3a:9a:a4:72:a2:94:6d:f7:b8:
                    20:b9:88:b6:12:fd:ec:be:e8:87:68:c8:cf:5d:ac:
                    92:3e:e1:e2:90:7f:ac:13:33:a0:c7:bc:d5:05:8a:
                    57:ca:15:49:b3:eb:45:8d:3a:62:c4:67:f5:df:0f:
                    89:02:5a:05:98:e5:27:ad:a9:db:17:94:6b:0c:db:
                    a2:93:ea:77:6a:c4:84:fe:b5:40:1b:51:6e:f8:e0:
                    db:fc:54:f4:a4:3e:1a:66:b1:f3:91:32:c4:a0:63:
                    64:59:7e:8d:03:cd:cd:81:48:8e:9d:6f:14:52:c0:
                    9c:77:33:55:ac:1b:42:00:ab:d7:7e:b9:c3:06:07:
                    5f:fc:33:68:38:bf:a3:72:21:e1:5b:64:b6:ba:9f:
                    bf:96:f5:7a:27:22:cd:fb:9b:16:86:4d:b9:65:3e:
                    9f:ed:da:7a:a9:d6:3a:19:6e:cf:f7:26:1c:46:29:
                    80:1d:5d:6b:1f:d8:73:37:57:e7:64:45:6c:27:e7:
                    f4:ca:ab:ad:f6:be:ad:d2:25:e6:29:b9:13:b5:cd:
                    90:a9:5f:f7:87:17:dd:1b:88:d2:e9:b0:d5:6b:29:
                    76:14:50:26:8c:0e:d6:b1:d9:2a:81:aa:b0:b9:0d:
                    12:99:b9:35:c4:6c:5e:53:75:2e:1b:84:10:49:49:
                    3b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:32:7A:41:C8:19:29:9E:85:B7:8A:0B:1A:C0:C0:E9:D4:D1:95:DD
            X509v3 Authority Key Identifier:
                keyid:90:3A:38:43:67:9A:0B:10:5D:CA:48:5C:3D:64:8F:3D:11:27:2F:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDo4Q2eaCxBdykhcPWSPPREnL7c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:b6:ba:0a:f5:62:cc:2a:0c:89:ee:37:ba:55:2b:ea:70:b8:
         66:99:96:af:61:77:31:cf:96:b7:e6:d3:38:5a:d9:56:6a:a9:
         d6:56:02:df:4c:2b:94:39:8b:27:c4:94:3f:6c:11:0a:db:e7:
         a1:1d:ca:5a:45:db:6f:96:ff:9b:d0:8d:10:c4:15:70:81:93:
         80:f0:19:02:0c:e2:59:a0:09:79:e9:c2:b5:d5:cf:1b:42:29:
         07:e9:ea:ec:f8:90:fb:99:94:22:92:ee:6a:ab:cb:7e:6a:65:
         a7:ff:61:9f:d0:a9:09:11:fa:cd:9b:39:f9:31:4a:af:78:ab:
         fa:d2:fd:98:e4:31:e6:9d:ec:92:0d:60:e9:4d:ad:72:f7:e2:
         f3:52:21:0d:62:84:3a:32:c7:15:7f:23:16:18:20:55:88:a7:
         5c:28:86:9d:69:4b:7b:be:82:6d:c7:22:45:5a:02:a4:7a:2e:
         56:bc:35:a0:28:b8:69:19:a0:55:de:29:8d:63:37:47:c5:c3:
         f6:cf:2d:49:c9:15:9f:10:96:86:e4:50:f5:5a:e3:81:b4:0d:
         2e:ff:b4:c3:7a:1e:93:dc:a4:a7:46:a7:07:63:eb:86:9b:b6:
         e6:41:43:ad:f3:3e:16:f5:51:2f:9c:87:a6:52:ab:b5:4d:89:
         9d:91:63:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU0ODgxMTAvBgNVBAUTKDkwM0EzODQzNjc5QTBCMTA1RENBNDg1QzNENjQ4RjNE
MTEyNzJGQjcwHhcNMjUwNzIzMDIxNjEzWhcNMjUwNzMwMDIxNjEzWjAYMRYwFAYD
VQQDEw02ODgwNDVlZS04MDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtH5ENf46mqRyopRt97gguYi2Ev3svuiHaMjPXaySPuHikH+sEzOgx7zVBYpX
yhVJs+tFjTpixGf13w+JAloFmOUnranbF5RrDNuik+p3asSE/rVAG1Fu+ODb/FT0
pD4aZrHzkTLEoGNkWX6NA83NgUiOnW8UUsCcdzNVrBtCAKvXfrnDBgdf/DNoOL+j
ciHhW2S2up+/lvV6JyLN+5sWhk25ZT6f7dp6qdY6GW7P9yYcRimAHV1rH9hzN1fn
ZEVsJ+f0yqut9r6t0iXmKbkTtc2QqV/3hxfdG4jS6bDVayl2FFAmjA7Wsdkqgaqw
uQ0Smbk1xGxeU3UuG4QQSUk7vwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKMyekHI
GSmehbeKCxrAwOnU0ZXdMB8GA1UdIwQYMBaAFJA6OENnmgsQXcpIXD1kjz0RJy+3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTQ4OC9GODg2OThDQTI0
MDUxMUVEQjk4N0I4MjNDNEY5QUUwMi9rRG80UTJlYUN4QmR5a2hjUFdTUFBSRW5M
N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tEbzRRMmVhQ3hCZHlraGNQV1NQUFJFbkw3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RTQ4OC9GODg2OThDQTI0MDUxMUVEQjk4N0I4MjNDNEY5QUUwMi9rRG80UTJlYUN4
QmR5a2hjUFdTUFBSRW5MN2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBytroK9WLMKgyJ7je6VSvqcLhmmZavYXcxz5a35tM4WtlWaqnWVgLf
TCuUOYsnxJQ/bBEK2+ehHcpaRdtvlv+b0I0QxBVwgZOA8BkCDOJZoAl56cK11c8b
QikH6ers+JD7mZQiku5qq8t+amWn/2Gf0KkJEfrNmzn5MUqveKv60v2Y5DHmneyS
DWDpTa1y9+LzUiENYoQ6MscVfyMWGCBViKdcKIadaUt7voJtxyJFWgKkei5WvDWg
KLhpGaBV3imNYzdHxcP2zy1JyRWfEJaG5FD1WuOBtA0u/7TDeh6T3KSnRqcHY+uG
m7bmQUOt8z4W9VEvnIemUqu1TYmdkWNk
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:02:10 2025 by rpki-client