Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
File:                     -oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft (raw, json)
Hash identifier:          PWLBEY3N7FDIWICpOsWJ5/oPzJWFTPVRGX41aQ1Q4Zs=
Subject key identifier:   17:DB:7C:68:C4:4B:9D:D7:75:43:DF:F6:E0:E7:35:59:C8:7E:86:18
Authority key identifier: FA:81:1F:52:E5:19:5A:42:9D:70:6D:19:C0:03:23:7C:32:09:AA:37
Certificate issuer:       /CN=A9167CB5/serialNumber=FA811F52E5195A429D706D19C003237C3209AA37
Certificate serial:       D6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
Manifest number:          D4
Signing time:             Mon 21 Jul 2025 05:45:10 +0000
Manifest this update:     Mon 21 Jul 2025 05:45:09 +0000
Manifest next update:     Mon 28 Jul 2025 05:45:09 +0000
Files and hashes:         1: -oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl (hash: s/nbtJhR237k5cTDsQbA8TdvP1UN2Tc+Bd+nxHw+G2c=)
                          2: D16A1B5C225711EF975F6747C4F9AE02.roa (hash: Oq3D4ezYunPFGiMcUlxoGy2jtufjcwOjdtjOKgqjtFk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl
                          rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 05:45:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214 (0xd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9167CB5, serialNumber=FA811F52E5195A429D706D19C003237C3209AA37
        Validity
            Not Before: Jul 21 05:45:09 2025 GMT
            Not After : Jul 28 05:45:09 2025 GMT
        Subject: CN=687dd3e5-235d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:43:76:7d:8f:77:bc:a2:a6:b6:ad:77:aa:1b:
                    29:9b:80:8f:be:bd:b5:85:8d:53:de:7b:48:24:2e:
                    33:8e:3d:db:46:6e:4b:b4:61:c4:84:c1:8d:1a:1b:
                    15:71:a4:eb:50:43:8e:86:e2:7b:11:9c:63:b8:47:
                    ea:5d:83:24:6e:35:4e:48:99:50:85:bd:be:96:ca:
                    53:31:cc:60:72:f9:f0:91:8e:72:e9:59:9a:c6:4d:
                    f9:f9:6d:3a:89:53:1a:1a:5c:da:d0:6e:52:50:3d:
                    f1:71:e1:c5:ff:74:63:aa:1e:93:85:e6:fb:00:7d:
                    e7:a5:d9:a9:41:82:86:3d:12:f8:3c:d0:2a:e7:cd:
                    f1:2d:b0:7a:05:db:19:b5:0a:24:c3:d4:ba:97:f7:
                    16:71:c8:21:01:c3:3b:84:85:d5:20:31:54:77:34:
                    f7:83:e3:7b:5e:f5:a0:73:27:84:f1:10:bb:98:7b:
                    84:1f:64:7e:b6:95:53:fa:f0:70:43:8e:0c:be:7d:
                    0b:ed:37:eb:9e:69:a0:55:15:88:80:82:ae:b9:a7:
                    17:34:85:04:6f:b6:8c:5f:1f:ae:e3:d8:20:37:3b:
                    c7:b9:a5:4c:d1:44:ec:5c:40:e6:23:0f:9d:05:46:
                    1e:f5:14:bd:c9:22:d1:7d:86:48:92:b8:98:d1:23:
                    cd:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:DB:7C:68:C4:4B:9D:D7:75:43:DF:F6:E0:E7:35:59:C8:7E:86:18
            X509v3 Authority Key Identifier:
                keyid:FA:81:1F:52:E5:19:5A:42:9D:70:6D:19:C0:03:23:7C:32:09:AA:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CB5/FA37C63E225611EFB7561F46C4F9AE02/-oEfUuUZWkKdcG0ZwAMjfDIJqjc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:16:12:16:ea:26:60:29:70:be:84:8f:7f:56:b7:9e:41:91:
         f1:20:cb:59:e5:ac:eb:5a:48:65:7d:b7:61:03:8b:01:04:54:
         14:bb:17:24:b4:15:d1:22:9f:be:32:e5:38:29:97:82:6f:31:
         c2:d0:76:b9:a0:f1:9d:62:53:34:ca:ce:af:33:44:b7:7e:e1:
         80:24:03:e8:86:68:c1:60:e0:55:92:04:90:6e:e8:67:f1:d7:
         2f:d4:74:01:14:5a:18:12:38:25:b3:72:ae:32:88:6c:db:a4:
         8d:2c:7d:19:b3:5e:33:20:ab:0d:84:03:8b:a4:2e:6e:43:a0:
         6f:90:31:95:c3:9a:57:c1:8e:88:22:91:d5:c8:19:8a:3a:ab:
         8e:ba:a2:9b:5c:42:d6:7e:d2:3a:78:01:09:19:d0:6e:b0:73:
         46:fb:b2:42:05:03:96:03:0a:3e:be:d0:fe:c2:f8:90:0a:02:
         5b:b0:0d:9b:7d:79:e3:77:b0:6f:94:35:5e:23:c9:8b:0b:4a:
         d0:be:de:43:31:6d:ba:96:6b:36:66:27:3f:7e:3d:38:96:c1:
         59:79:ba:b5:5f:38:e2:79:b2:31:ae:5d:5e:01:f7:00:6a:02:
         f7:b1:f6:b0:0e:01:03:36:03:d6:27:e6:94:80:07:92:40:86:
         a8:e9:8b:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdDQjUxMTAvBgNVBAUTKEZBODExRjUyRTUxOTVBNDI5RDcwNkQxOUMwMDMyMzdD
MzIwOUFBMzcwHhcNMjUwNzIxMDU0NTA5WhcNMjUwNzI4MDU0NTA5WjAYMRYwFAYD
VQQDEw02ODdkZDNlNS0yMzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4kN2fY93vKKmtq13qhspm4CPvr21hY1T3ntIJC4zjj3bRm5LtGHEhMGNGhsV
caTrUEOOhuJ7EZxjuEfqXYMkbjVOSJlQhb2+lspTMcxgcvnwkY5y6Vmaxk35+W06
iVMaGlza0G5SUD3xceHF/3Rjqh6Theb7AH3npdmpQYKGPRL4PNAq583xLbB6BdsZ
tQokw9S6l/cWccghAcM7hIXVIDFUdzT3g+N7XvWgcyeE8RC7mHuEH2R+tpVT+vBw
Q44Mvn0L7TfrnmmgVRWIgIKuuacXNIUEb7aMXx+u49ggNzvHuaVM0UTsXEDmIw+d
BUYe9RS9ySLRfYZIkriY0SPN3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBfbfGjE
S53XdUPf9uDnNVnIfoYYMB8GA1UdIwQYMBaAFPqBH1LlGVpCnXBtGcADI3wyCao3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NCNS9GQTM3QzYzRTIy
NTYxMUVGQjc1NjFGNDZDNEY5QUUwMi8tb0VmVXVVWldrS2RjRzBad0FNamZESUpx
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1vRWZVdVVaV2tLZGNHMFp3QU1qZkRJSnFqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
N0NCNS9GQTM3QzYzRTIyNTYxMUVGQjc1NjFGNDZDNEY5QUUwMi8tb0VmVXVVWldr
S2RjRzBad0FNamZESUpxamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAWFhIW6iZgKXC+hI9/VreeQZHxIMtZ5azrWkhlfbdhA4sBBFQUuxck
tBXRIp++MuU4KZeCbzHC0Ha5oPGdYlM0ys6vM0S3fuGAJAPohmjBYOBVkgSQbuhn
8dcv1HQBFFoYEjgls3KuMohs26SNLH0Zs14zIKsNhAOLpC5uQ6BvkDGVw5pXwY6I
IpHVyBmKOquOuqKbXELWftI6eAEJGdBusHNG+7JCBQOWAwo+vtD+wviQCgJbsA2b
fXnjd7BvlDVeI8mLC0rQvt5DMW26lms2Zic/fj04lsFZebq1XzjiebIxrl1eAfcA
agL3sfawDgEDNgPWJ+aUgAeSQIao6Ysg
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:34:34 2025 by rpki-client