Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9159309/A27B8BFC613D11F0B036B836C4F9AE02/b0XbXSi7uaZT-C0c94J6WYN2RfM.mft
File:                     b0XbXSi7uaZT-C0c94J6WYN2RfM.mft (raw, json)
Hash identifier:          jUTf8aD98C6nxoU4/nz1QJ+cYLv7ZSBhqKZN72UHLqQ=
Subject key identifier:   22:B8:8C:A8:FD:BB:CC:E3:E7:35:D0:84:AB:2F:1C:81:89:45:88:17
Authority key identifier: 6F:45:DB:5D:28:BB:B9:A6:53:F8:2D:1C:F7:82:7A:59:83:76:45:F3
Certificate issuer:       /CN=A9159309/serialNumber=6F45DB5D28BBB9A653F82D1CF7827A59837645F3
Certificate serial:       05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b0XbXSi7uaZT-C0c94J6WYN2RfM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9159309/A27B8BFC613D11F0B036B836C4F9AE02/b0XbXSi7uaZT-C0c94J6WYN2RfM.mft
Manifest number:          05
Signing time:             Mon 21 Jul 2025 08:23:40 +0000
Manifest this update:     Mon 21 Jul 2025 08:23:39 +0000
Manifest next update:     Mon 28 Jul 2025 08:23:39 +0000
Files and hashes:         1: b0XbXSi7uaZT-C0c94J6WYN2RfM.crl (hash: cXg3cDDzjIHIvFUiR3APSKLq6S7dbcVEKTyZD1ajD8o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9159309/A27B8BFC613D11F0B036B836C4F9AE02/b0XbXSi7uaZT-C0c94J6WYN2RfM.crl
                          rsync://rpki.apnic.net/member_repository/A9159309/A27B8BFC613D11F0B036B836C4F9AE02/b0XbXSi7uaZT-C0c94J6WYN2RfM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b0XbXSi7uaZT-C0c94J6WYN2RfM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 08:23:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9159309, serialNumber=6F45DB5D28BBB9A653F82D1CF7827A59837645F3
        Validity
            Not Before: Jul 21 08:23:39 2025 GMT
            Not After : Jul 28 08:23:39 2025 GMT
        Subject: CN=687df90b-9e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:8d:85:bc:62:47:62:db:67:d3:ad:f2:5e:e2:
                    7c:3b:d4:93:0d:f2:78:76:bd:56:0e:fc:6d:cf:27:
                    34:59:7d:ba:2a:41:f0:6b:d4:31:3c:e2:2a:36:bf:
                    e2:48:11:8b:3a:13:34:8f:89:1c:8d:67:73:0e:2e:
                    f8:37:d4:3b:8f:c5:5d:b2:14:bd:7e:f3:a5:c3:e8:
                    bd:6e:34:f0:a6:42:c3:d1:ca:5a:4f:a8:d1:ce:04:
                    aa:63:d1:f4:09:ed:30:6a:18:65:a3:fb:19:16:de:
                    1d:45:04:a9:b7:cb:65:01:7e:a2:ec:26:ab:89:d7:
                    e4:b2:e8:2c:f5:66:c2:4b:ea:6d:08:d4:ef:95:33:
                    dd:9f:96:54:a0:d1:1d:83:19:0e:f2:67:1f:9c:f0:
                    19:dc:fa:96:94:e2:a3:a1:81:3e:54:c1:5d:37:53:
                    8a:a7:4b:e1:e5:5a:77:b2:f9:30:e5:91:7f:89:47:
                    ac:ca:02:72:2e:74:87:42:be:9b:7e:41:74:ff:4e:
                    ff:05:57:62:dc:a1:54:91:a2:43:df:23:81:01:a8:
                    e3:28:5a:f4:ce:25:c2:19:bd:35:ea:76:d2:eb:9a:
                    68:94:2e:fb:6e:08:0c:04:9c:21:86:68:e5:96:5d:
                    d0:96:dc:20:38:7a:8f:c9:dc:6c:1b:e8:47:64:70:
                    0f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B8:8C:A8:FD:BB:CC:E3:E7:35:D0:84:AB:2F:1C:81:89:45:88:17
            X509v3 Authority Key Identifier:
                keyid:6F:45:DB:5D:28:BB:B9:A6:53:F8:2D:1C:F7:82:7A:59:83:76:45:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9159309/A27B8BFC613D11F0B036B836C4F9AE02/b0XbXSi7uaZT-C0c94J6WYN2RfM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b0XbXSi7uaZT-C0c94J6WYN2RfM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159309/A27B8BFC613D11F0B036B836C4F9AE02/b0XbXSi7uaZT-C0c94J6WYN2RfM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:f5:9f:29:61:d3:02:bf:f1:e9:bb:16:9c:08:3d:99:c9:15:
         ba:db:80:a7:4f:f8:f7:49:b0:77:0b:f3:d0:3c:c1:3a:43:12:
         a1:98:b3:93:26:95:1b:6c:ae:7e:95:76:31:57:46:eb:a6:4d:
         e2:85:01:32:c8:23:56:1e:d5:81:9b:30:a3:b1:e7:c9:2c:83:
         43:89:01:a7:5a:77:42:db:1d:cd:44:c5:07:ef:62:37:88:27:
         7f:24:84:95:cb:2e:33:87:91:9c:78:a2:aa:f6:36:5e:26:51:
         65:e6:e9:f0:57:e2:33:0d:cf:2e:a8:fe:2c:94:9d:79:3d:5b:
         86:8a:c2:cc:b8:ab:60:f4:78:e8:44:49:31:a0:88:20:5a:23:
         9d:29:2b:c0:60:52:5a:f3:8f:7a:ac:74:0a:74:8c:5d:e8:cc:
         57:80:1b:5b:71:af:02:e3:4e:50:25:f6:3a:5f:41:27:1f:3c:
         d9:bc:4f:1e:f1:af:be:42:ee:39:c6:7f:2c:19:9b:a3:22:37:
         46:5f:c2:a9:e1:16:95:21:54:80:b2:6f:46:be:dd:80:88:ff:
         f9:d4:54:1f:8d:29:06:7d:32:94:be:f2:56:06:14:bf:4e:75:
         9e:cd:c2:35:7f:f7:fe:48:11:82:c8:3b:98:16:b9:16:f2:47:
         4a:26:c3:c0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
OTMwOTExMC8GA1UEBRMoNkY0NURCNUQyOEJCQjlBNjUzRjgyRDFDRjc4MjdBNTk4
Mzc2NDVGMzAeFw0yNTA3MjEwODIzMzlaFw0yNTA3MjgwODIzMzlaMBgxFjAUBgNV
BAMTDTY4N2RmOTBiLTllOWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfjYW8Ykdi22fTrfJe4nw71JMN8nh2vVYO/G3PJzRZfboqQfBr1DE84io2v+JI
EYs6EzSPiRyNZ3MOLvg31DuPxV2yFL1+86XD6L1uNPCmQsPRylpPqNHOBKpj0fQJ
7TBqGGWj+xkW3h1FBKm3y2UBfqLsJquJ1+Sy6Cz1ZsJL6m0I1O+VM92fllSg0R2D
GQ7yZx+c8Bnc+paU4qOhgT5UwV03U4qnS+HlWney+TDlkX+JR6zKAnIudIdCvpt+
QXT/Tv8FV2LcoVSRokPfI4EBqOMoWvTOJcIZvTXqdtLrmmiULvtuCAwEnCGGaOWW
XdCW3CA4eo/J3Gwb6EdkcA+rAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIriMqP27
zOPnNdCEqy8cgYlFiBcwHwYDVR0jBBgwFoAUb0XbXSi7uaZT+C0c94J6WYN2RfMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU5MzA5L0EyN0I4QkZDNjEz
RDExRjBCMDM2QjgzNkM0RjlBRTAyL2IwWGJYU2k3dWFaVC1DMGM5NEo2V1lOMlJm
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYjBYYlhTaTd1YVpULUMwYzk0SjZXWU4yUmZNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU5
MzA5L0EyN0I4QkZDNjEzRDExRjBCMDM2QjgzNkM0RjlBRTAyL2IwWGJYU2k3dWFa
VC1DMGM5NEo2V1lOMlJmTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAAz1nylh0wK/8em7FpwIPZnJFbrbgKdP+PdJsHcL89A8wTpDEqGYs5Mm
lRtsrn6VdjFXRuumTeKFATLII1Ye1YGbMKOx58ksg0OJAadad0LbHc1ExQfvYjeI
J38khJXLLjOHkZx4oqr2Nl4mUWXm6fBX4jMNzy6o/iyUnXk9W4aKwsy4q2D0eOhE
STGgiCBaI50pK8BgUlrzj3qsdAp0jF3ozFeAG1txrwLjTlAl9jpfQScfPNm8Tx7x
r75C7jnGfywZm6MiN0ZfwqnhFpUhVICyb0a+3YCI//nUVB+NKQZ9MpS+8lYGFL9O
dZ7NwjV/9/5IEYLIO5gWuRbyR0omw8A=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:32:19 2025 by rpki-client