Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
File:                     Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft (raw, json)
Hash identifier:          sxGpaJ5k8V5Wfi+R1ljK/P1eaj0QUu1AvwM3FYN9+OU=
Subject key identifier:   8B:59:1A:E0:17:AB:F4:BF:1E:AA:7B:06:3A:32:D4:B5:28:2B:84:48
Authority key identifier: 67:44:74:8D:61:C4:C6:C7:76:40:EF:58:47:14:E9:78:43:D1:EA:02
Certificate issuer:       /CN=A9152EF3/serialNumber=6744748D61C4C6C77640EF584714E97843D1EA02
Certificate serial:       0DF2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0R0jWHExsd2QO9YRxTpeEPR6gI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
Manifest number:          0DEC
Signing time:             Thu 24 Jul 2025 18:01:13 +0000
Manifest this update:     Thu 24 Jul 2025 18:01:12 +0000
Manifest next update:     Thu 31 Jul 2025 18:01:12 +0000
Files and hashes:         1: Z0R0jWHExsd2QO9YRxTpeEPR6gI.crl (hash: y4iNrmu8/bJE0BX1gzW67YrqnRd5/NGtc6SOlnc84rE=)
                          2: E4AAD78CEFFE11E991390613C4F9AE02.roa (hash: zpjIrqbuu6FZf6yZ6yRXtcMiYEO9icrMtSLSk/Oo5Eo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.crl
                          rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0R0jWHExsd2QO9YRxTpeEPR6gI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 18:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3570 (0xdf2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9152EF3, serialNumber=6744748D61C4C6C77640EF584714E97843D1EA02
        Validity
            Not Before: Jul 24 18:01:12 2025 GMT
            Not After : Jul 31 18:01:12 2025 GMT
        Subject: CN=688274e8-a24e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b6:55:f8:95:18:e8:39:0d:87:ee:13:66:f4:
                    c0:9a:62:41:5e:66:21:1c:fa:1a:27:cf:ad:46:78:
                    9c:63:55:11:4b:cc:55:92:df:95:b5:fd:73:1a:02:
                    19:88:d5:c5:cf:13:de:d6:f9:de:1c:3d:10:55:e3:
                    1b:06:b3:7e:17:f2:b8:f9:b8:89:83:72:4d:81:ed:
                    c0:e8:f4:7a:b5:ed:aa:91:9a:00:6a:12:7a:8f:43:
                    ea:25:a9:dc:c4:cd:d2:86:cc:17:5b:ff:ac:e8:3d:
                    35:fb:74:1e:61:47:4b:ad:a0:e8:3f:d4:38:a1:c7:
                    18:40:b2:31:5a:eb:3d:1c:b5:81:e9:31:8b:d4:00:
                    9d:a8:cc:19:3d:22:1b:78:5a:eb:40:00:ea:ca:d2:
                    63:33:fa:b4:12:5c:59:79:5d:3c:87:36:d8:7d:79:
                    29:9f:2b:d9:ca:e0:a7:50:f3:ab:f4:0c:80:84:24:
                    c3:3c:0f:6c:65:f8:2c:af:9b:8d:f0:38:cc:d7:1d:
                    09:47:5c:bb:a5:74:e7:a4:aa:bd:be:93:5b:94:5d:
                    99:a8:39:23:13:39:59:9d:d5:cb:78:25:9c:da:99:
                    e0:2b:a5:b5:99:90:a0:7a:e8:e9:ca:55:c1:ae:a0:
                    f8:3a:b6:44:a3:db:53:9d:e8:9a:3f:63:c7:51:dc:
                    99:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:59:1A:E0:17:AB:F4:BF:1E:AA:7B:06:3A:32:D4:B5:28:2B:84:48
            X509v3 Authority Key Identifier:
                keyid:67:44:74:8D:61:C4:C6:C7:76:40:EF:58:47:14:E9:78:43:D1:EA:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0R0jWHExsd2QO9YRxTpeEPR6gI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:90:19:d4:7c:69:3f:b5:56:0b:6e:01:49:f2:a3:5d:80:7d:
         96:bf:2c:f0:e4:19:09:89:04:34:fc:41:ba:cb:27:38:67:4f:
         a9:ca:b0:47:97:86:61:5b:92:ce:1d:6c:51:7b:fc:fb:5f:c2:
         d0:63:3f:af:20:01:82:3a:ed:01:3d:c6:9c:0f:76:cb:1d:6b:
         c4:b6:5e:da:cf:81:de:95:aa:ef:b7:b4:2f:a9:47:02:6f:e4:
         4b:c6:b4:cd:54:3f:d4:02:68:55:dc:c0:61:ed:56:d5:75:cb:
         71:05:07:85:74:c0:bb:d3:ac:1c:79:cc:f3:6a:09:ad:6b:16:
         9d:be:a1:7e:57:f2:a2:28:d8:e3:59:6a:43:5e:6b:53:59:21:
         a1:6d:26:67:c3:c5:d2:24:a9:8e:60:48:d8:e5:be:8f:b3:db:
         c4:4b:6a:17:4b:b6:d8:d3:7f:94:36:12:e2:a0:c4:f1:12:a1:
         61:7b:4f:1a:eb:93:23:31:ae:44:4e:4d:36:e6:c5:2f:cd:9e:
         73:ad:b7:cb:61:e9:20:63:c1:74:5c:9c:af:ef:44:c6:f9:c0:
         b4:ea:56:3a:32:74:51:38:a5:4f:98:f2:62:03:0e:8e:c1:06:
         b2:0c:65:47:e2:ac:fe:57:6f:9e:23:3e:1e:b7:b1:5a:3d:f4:
         a8:3a:ab:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJFRjMxMTAvBgNVBAUTKDY3NDQ3NDhENjFDNEM2Qzc3NjQwRUY1ODQ3MTRFOTc4
NDNEMUVBMDIwHhcNMjUwNzI0MTgwMTEyWhcNMjUwNzMxMTgwMTEyWjAYMRYwFAYD
VQQDEw02ODgyNzRlOC1hMjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu7ZV+JUY6DkNh+4TZvTAmmJBXmYhHPoaJ8+tRnicY1URS8xVkt+Vtf1zGgIZ
iNXFzxPe1vneHD0QVeMbBrN+F/K4+biJg3JNge3A6PR6te2qkZoAahJ6j0PqJanc
xM3ShswXW/+s6D01+3QeYUdLraDoP9Q4occYQLIxWus9HLWB6TGL1ACdqMwZPSIb
eFrrQADqytJjM/q0ElxZeV08hzbYfXkpnyvZyuCnUPOr9AyAhCTDPA9sZfgsr5uN
8DjM1x0JR1y7pXTnpKq9vpNblF2ZqDkjEzlZndXLeCWc2pngK6W1mZCgeujpylXB
rqD4OrZEo9tTneiaP2PHUdyZDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFItZGuAX
q/S/Hqp7Bjoy1LUoK4RIMB8GA1UdIwQYMBaAFGdEdI1hxMbHdkDvWEcU6XhD0eoC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkVGMy83NkE3RDYyOEI2
N0QxMUU5OEUxM0M0ODZDNEY5QUUwMi9aMFIwaldIRXhzZDJRTzlZUnhUcGVFUFI2
Z0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1owUjBqV0hFeHNkMlFPOVlSeFRwZUVQUjZnSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MkVGMy83NkE3RDYyOEI2N0QxMUU5OEUxM0M0ODZDNEY5QUUwMi9aMFIwaldIRXhz
ZDJRTzlZUnhUcGVFUFI2Z0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCfkBnUfGk/tVYLbgFJ8qNdgH2Wvyzw5BkJiQQ0/EG6yyc4Z0+pyrBH
l4ZhW5LOHWxRe/z7X8LQYz+vIAGCOu0BPcacD3bLHWvEtl7az4Helarvt7QvqUcC
b+RLxrTNVD/UAmhV3MBh7VbVdctxBQeFdMC706wceczzagmtaxadvqF+V/KiKNjj
WWpDXmtTWSGhbSZnw8XSJKmOYEjY5b6Ps9vES2oXS7bY03+UNhLioMTxEqFhe08a
65MjMa5ETk025sUvzZ5zrbfLYekgY8F0XJyv70TG+cC06lY6MnRROKVPmPJiAw6O
wQayDGVH4qz+V2+eIz4et7FaPfSoOqvL
-----END CERTIFICATE-----
Generated at Fri Jul 25 07:10:39 2025 by rpki-client