Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
File:                     Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft (raw, json)
Hash identifier:          MNuZMeYbIEclkot4Plj/3ERSSMuSHbYCfyhd4TXqbks=
Subject key identifier:   41:5B:F4:F1:45:A0:0C:35:27:8A:DC:72:D2:B3:76:71:14:EB:2F:F6
Authority key identifier: 67:44:74:8D:61:C4:C6:C7:76:40:EF:58:47:14:E9:78:43:D1:EA:02
Certificate issuer:       /CN=A9152EF3/serialNumber=6744748D61C4C6C77640EF584714E97843D1EA02
Certificate serial:       0DF1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0R0jWHExsd2QO9YRxTpeEPR6gI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
Manifest number:          0DEB
Signing time:             Tue 22 Jul 2025 18:01:58 +0000
Manifest this update:     Tue 22 Jul 2025 18:01:58 +0000
Manifest next update:     Tue 29 Jul 2025 18:01:57 +0000
Files and hashes:         1: Z0R0jWHExsd2QO9YRxTpeEPR6gI.crl (hash: K0ENAZOjSZ2z3NAsMp8EvjSEtk1XK+RRnYJE6SiFg7Y=)
                          2: E4AAD78CEFFE11E991390613C4F9AE02.roa (hash: zpjIrqbuu6FZf6yZ6yRXtcMiYEO9icrMtSLSk/Oo5Eo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.crl
                          rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0R0jWHExsd2QO9YRxTpeEPR6gI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 18:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3569 (0xdf1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9152EF3, serialNumber=6744748D61C4C6C77640EF584714E97843D1EA02
        Validity
            Not Before: Jul 22 18:01:58 2025 GMT
            Not After : Jul 29 18:01:57 2025 GMT
        Subject: CN=687fd216-2416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8a:84:77:2f:58:a1:76:29:43:e3:ab:5b:3e:
                    26:3f:e5:48:05:50:9b:af:ea:ab:b6:89:73:01:70:
                    eb:35:4b:31:f2:1f:6b:3b:9b:57:71:f2:44:c3:33:
                    bd:04:fe:cb:81:9f:82:ad:41:65:37:d0:73:89:a3:
                    b5:68:ee:4a:73:da:98:78:f8:83:82:e6:7e:4a:a4:
                    5a:15:9f:dc:50:7b:d0:c7:02:87:d9:57:b9:7d:ea:
                    23:19:ca:1c:19:1d:a2:b2:5a:39:ba:b8:61:e7:14:
                    ee:ab:05:f3:6e:3d:97:f6:8a:8e:1b:59:2c:bc:7a:
                    6b:1d:49:a5:78:b4:b2:9b:85:e4:62:21:a9:f8:fa:
                    2e:55:97:d0:5b:66:2f:c0:56:fe:86:be:e5:ca:88:
                    5c:49:bc:f6:e5:6d:0d:b7:13:3e:a6:ba:c3:89:78:
                    6d:47:68:b6:ff:45:5d:ec:4c:e2:7e:44:d2:dd:02:
                    9d:98:df:6c:8d:9e:ed:8a:ea:d9:8a:54:aa:51:1e:
                    37:3e:d3:23:1b:8f:33:50:25:37:e9:c1:ba:6a:0b:
                    f1:7f:64:50:65:bc:8e:0f:1f:91:f0:c0:f2:83:6f:
                    4a:84:9d:aa:0a:5f:3b:9b:80:79:1b:a0:c9:dd:95:
                    28:b6:3c:57:77:0e:11:52:88:8f:c4:f0:3c:26:dd:
                    0c:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:5B:F4:F1:45:A0:0C:35:27:8A:DC:72:D2:B3:76:71:14:EB:2F:F6
            X509v3 Authority Key Identifier:
                keyid:67:44:74:8D:61:C4:C6:C7:76:40:EF:58:47:14:E9:78:43:D1:EA:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0R0jWHExsd2QO9YRxTpeEPR6gI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152EF3/76A7D628B67D11E98E13C486C4F9AE02/Z0R0jWHExsd2QO9YRxTpeEPR6gI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:33:d2:37:aa:d5:fc:2b:6a:0e:20:3c:52:98:85:95:a3:8d:
         67:a8:3a:e8:4c:26:ee:7a:2d:8c:1e:38:ce:2a:77:a5:d7:c2:
         58:74:ab:0e:37:da:6b:72:02:b3:c4:54:5d:69:f7:0b:e5:88:
         00:6e:ad:83:73:55:c4:83:44:36:8c:a2:ea:78:23:ab:8c:90:
         e6:a0:68:10:4d:84:31:33:2b:b0:e0:6f:c6:d3:ba:0a:d3:dc:
         f4:55:44:ef:84:81:e3:30:e9:39:69:05:3d:6d:97:32:02:db:
         5a:09:f7:07:9f:2d:bc:a2:cd:6d:df:a2:52:17:44:f1:0c:d1:
         84:f0:3d:e2:93:1b:cc:bd:60:35:c8:65:3a:6b:57:93:ad:05:
         98:e8:c2:ef:a4:06:f9:32:2f:b1:7a:b2:62:81:cd:a4:b1:10:
         68:fc:8c:0b:6e:8c:54:97:cc:85:46:12:27:05:77:18:6c:4a:
         1d:12:c8:d0:26:b7:0d:78:86:2d:d4:5c:61:78:aa:aa:f3:45:
         bd:6e:56:6e:f4:94:23:7d:f4:ef:b8:bd:5a:52:90:04:cc:79:
         ca:ce:1a:ce:32:61:6d:5a:01:d7:2d:cb:db:55:6a:f7:b0:e6:
         1f:f0:f0:5a:bf:a4:de:c6:4f:b7:80:2a:57:ad:55:34:99:0a:
         17:dd:a4:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJFRjMxMTAvBgNVBAUTKDY3NDQ3NDhENjFDNEM2Qzc3NjQwRUY1ODQ3MTRFOTc4
NDNEMUVBMDIwHhcNMjUwNzIyMTgwMTU4WhcNMjUwNzI5MTgwMTU3WjAYMRYwFAYD
VQQDEw02ODdmZDIxNi0yNDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAroqEdy9YoXYpQ+OrWz4mP+VIBVCbr+qrtolzAXDrNUsx8h9rO5tXcfJEwzO9
BP7LgZ+CrUFlN9BziaO1aO5Kc9qYePiDguZ+SqRaFZ/cUHvQxwKH2Ve5feojGcoc
GR2islo5urhh5xTuqwXzbj2X9oqOG1ksvHprHUmleLSym4XkYiGp+PouVZfQW2Yv
wFb+hr7lyohcSbz25W0NtxM+prrDiXhtR2i2/0Vd7EzifkTS3QKdmN9sjZ7tiurZ
ilSqUR43PtMjG48zUCU36cG6agvxf2RQZbyODx+R8MDyg29KhJ2qCl87m4B5G6DJ
3ZUotjxXdw4RUoiPxPA8Jt0MVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEFb9PFF
oAw1J4rcctKzdnEU6y/2MB8GA1UdIwQYMBaAFGdEdI1hxMbHdkDvWEcU6XhD0eoC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkVGMy83NkE3RDYyOEI2
N0QxMUU5OEUxM0M0ODZDNEY5QUUwMi9aMFIwaldIRXhzZDJRTzlZUnhUcGVFUFI2
Z0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1owUjBqV0hFeHNkMlFPOVlSeFRwZUVQUjZnSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MkVGMy83NkE3RDYyOEI2N0QxMUU5OEUxM0M0ODZDNEY5QUUwMi9aMFIwaldIRXhz
ZDJRTzlZUnhUcGVFUFI2Z0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCbM9I3qtX8K2oOIDxSmIWVo41nqDroTCbuei2MHjjOKnel18JYdKsO
N9prcgKzxFRdafcL5YgAbq2Dc1XEg0Q2jKLqeCOrjJDmoGgQTYQxMyuw4G/G07oK
09z0VUTvhIHjMOk5aQU9bZcyAttaCfcHny28os1t36JSF0TxDNGE8D3ikxvMvWA1
yGU6a1eTrQWY6MLvpAb5Mi+xerJigc2ksRBo/IwLboxUl8yFRhInBXcYbEodEsjQ
JrcNeIYt1FxheKqq80W9blZu9JQjffTvuL1aUpAEzHnKzhrOMmFtWgHXLcvbVWr3
sOYf8PBav6Texk+3gCpXrVU0mQoX3aR4
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:26:22 2025 by rpki-client