Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
File:                     -oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft (raw, json)
Hash identifier:          5zc9TBicnbRiqcISr22RS298/zu4EhoGqEKFV9566hc=
Subject key identifier:   59:B9:2C:74:89:F7:E3:1B:58:F9:E6:A8:3A:EF:35:D8:CB:5A:11:B8
Authority key identifier: FA:81:1F:52:E5:19:5A:42:9D:70:6D:19:C0:03:23:7C:32:09:AA:37
Certificate issuer:       /CN=A9167CB5/serialNumber=FA811F52E5195A429D706D19C003237C3209AA37
Certificate serial:       D7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
Manifest number:          D5
Signing time:             Wed 23 Jul 2025 05:53:53 +0000
Manifest this update:     Wed 23 Jul 2025 05:53:53 +0000
Manifest next update:     Wed 30 Jul 2025 05:53:53 +0000
Files and hashes:         1: -oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl (hash: MI3fpklogxfoUUVVupwoUCyr0H+wytqhiAGyVFjfaBA=)
                          2: D16A1B5C225711EF975F6747C4F9AE02.roa (hash: Oq3D4ezYunPFGiMcUlxoGy2jtufjcwOjdtjOKgqjtFk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl
                          rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 05:53:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 215 (0xd7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9167CB5, serialNumber=FA811F52E5195A429D706D19C003237C3209AA37
        Validity
            Not Before: Jul 23 05:53:53 2025 GMT
            Not After : Jul 30 05:53:53 2025 GMT
        Subject: CN=688078f1-4095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c8:9b:7e:0b:98:fb:30:c3:5c:a5:e3:14:f9:
                    aa:a7:f4:b0:d0:bc:50:37:ed:26:60:ab:b7:fe:7c:
                    ad:29:16:a0:b1:82:89:17:b1:34:f0:1e:04:8c:21:
                    f2:c1:63:73:c7:55:aa:3d:cc:3c:2b:04:d4:f3:4f:
                    b5:f2:12:d5:3f:4e:b2:87:97:f3:5c:50:67:71:ab:
                    62:bb:f2:41:0e:98:93:7f:8b:f3:24:4f:f8:24:5c:
                    db:98:c6:69:66:aa:15:ab:44:6d:2a:e8:f1:2b:bc:
                    ad:61:c8:6e:eb:85:31:41:f3:68:13:c5:b4:39:9b:
                    6d:1f:87:44:5b:df:4d:bd:8f:ac:22:da:0c:c9:ba:
                    c7:be:f0:ae:12:5b:8b:11:e4:3c:3a:96:a1:eb:ac:
                    54:96:71:62:23:18:8b:4a:f8:f6:0b:3f:11:71:78:
                    5b:a6:7a:1a:35:09:3b:f1:e3:7f:6e:33:38:f4:e3:
                    ab:fe:0f:23:45:ba:52:72:81:8d:e2:2a:4b:78:03:
                    35:95:5f:21:c4:fb:78:42:5f:20:11:a5:39:55:76:
                    0d:13:18:7e:66:10:11:49:6c:6f:94:82:2f:cf:1d:
                    11:a6:96:d6:12:e0:d5:66:71:33:83:d7:e1:5b:bd:
                    67:68:76:55:e8:9d:04:dd:e1:a0:54:a0:66:90:28:
                    62:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B9:2C:74:89:F7:E3:1B:58:F9:E6:A8:3A:EF:35:D8:CB:5A:11:B8
            X509v3 Authority Key Identifier:
                keyid:FA:81:1F:52:E5:19:5A:42:9D:70:6D:19:C0:03:23:7C:32:09:AA:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:47:fc:00:a9:69:e0:7f:33:23:74:ca:b4:ff:1a:27:b0:2a:
         80:22:72:e8:88:1c:0f:19:ba:fb:3b:d3:27:3b:4e:5c:e0:ce:
         36:80:4c:87:11:eb:ec:fc:1f:2c:0d:ae:8b:40:18:ef:69:47:
         12:94:c1:0d:da:c4:a6:e9:9f:f5:dc:fc:2f:47:3f:3c:1f:fd:
         3e:d4:28:83:d7:7f:07:fd:35:53:a8:c8:e1:e3:29:26:87:31:
         8c:03:75:f2:a4:03:f5:d2:d8:6c:63:f7:4a:ac:41:85:8d:43:
         d4:77:39:dd:f4:ca:f4:93:36:d5:d7:45:c3:60:e4:36:6a:7c:
         d7:f4:ba:f4:03:8a:f7:cc:f4:96:c9:62:4a:3f:9a:33:22:9d:
         c2:83:b3:6c:af:a4:49:58:52:da:4c:c2:b6:9d:0a:aa:cd:25:
         d8:56:69:9f:fd:c5:56:10:0a:40:54:10:28:a7:3c:2b:9e:14:
         93:63:39:80:6b:8b:79:66:0f:47:fc:2e:ad:82:ea:3c:70:0b:
         69:3f:7f:e3:a0:dd:db:69:a0:35:12:70:ae:bf:53:7e:5a:e2:
         d4:09:cf:9c:40:45:09:6a:e2:ec:d3:15:c4:92:94:9a:3d:59:
         7e:45:39:35:83:78:40:02:d8:96:f5:11:88:59:1a:78:3a:e7:
         f1:e8:b5:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdDQjUxMTAvBgNVBAUTKEZBODExRjUyRTUxOTVBNDI5RDcwNkQxOUMwMDMyMzdD
MzIwOUFBMzcwHhcNMjUwNzIzMDU1MzUzWhcNMjUwNzMwMDU1MzUzWjAYMRYwFAYD
VQQDEw02ODgwNzhmMS00MDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr8ibfguY+zDDXKXjFPmqp/Sw0LxQN+0mYKu3/nytKRagsYKJF7E08B4EjCHy
wWNzx1WqPcw8KwTU80+18hLVP06yh5fzXFBncatiu/JBDpiTf4vzJE/4JFzbmMZp
ZqoVq0RtKujxK7ytYchu64UxQfNoE8W0OZttH4dEW99NvY+sItoMybrHvvCuEluL
EeQ8Opah66xUlnFiIxiLSvj2Cz8RcXhbpnoaNQk78eN/bjM49OOr/g8jRbpScoGN
4ipLeAM1lV8hxPt4Ql8gEaU5VXYNExh+ZhARSWxvlIIvzx0RppbWEuDVZnEzg9fh
W71naHZV6J0E3eGgVKBmkChiuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFm5LHSJ
9+MbWPnmqDrvNdjLWhG4MB8GA1UdIwQYMBaAFPqBH1LlGVpCnXBtGcADI3wyCao3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NCNS9GQTM3QzYzRTIy
NTYxMUVGQjc1NjFGNDZDNEY5QUUwMi8tb0VmVXVVWldrS2RjRzBad0FNamZESUpx
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1vRWZVdVVaV2tLZGNHMFp3QU1qZkRJSnFqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
N0NCNS9GQTM3QzYzRTIyNTYxMUVGQjc1NjFGNDZDNEY5QUUwMi8tb0VmVXVVWldr
S2RjRzBad0FNamZESUpxamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCSR/wAqWngfzMjdMq0/xonsCqAInLoiBwPGbr7O9MnO05c4M42gEyH
Eevs/B8sDa6LQBjvaUcSlMEN2sSm6Z/13PwvRz88H/0+1CiD138H/TVTqMjh4ykm
hzGMA3XypAP10thsY/dKrEGFjUPUdznd9Mr0kzbV10XDYOQ2anzX9Lr0A4r3zPSW
yWJKP5ozIp3Cg7Nsr6RJWFLaTMK2nQqqzSXYVmmf/cVWEApAVBAopzwrnhSTYzmA
a4t5Zg9H/C6tguo8cAtpP3/joN3baaA1EnCuv1N+WuLUCc+cQEUJauLs0xXEkpSa
PVl+RTk1g3hAAtiW9RGIWRp4Oufx6LXO
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:04:54 2025 by rpki-client