Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft
File:                     zPKlJcCQFETKePBbk5LABFeVZ2E.mft (raw, json)
Hash identifier:          KJCkaqpahHsP/gLhhmaUhelDDTUK15PawZtCIUYRHro=
Subject key identifier:   09:1C:2A:F3:7C:7F:71:CB:F5:F1:D8:5E:19:57:E5:45:2E:6F:AC:68
Authority key identifier: CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61
Certificate issuer:       /CN=A916A071/serialNumber=CCF2A525C0901444CA78F05B9392C00457956761
Certificate serial:       09DA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft
Manifest number:          09D3
Signing time:             Tue 22 Jul 2025 20:12:03 +0000
Manifest this update:     Tue 22 Jul 2025 20:12:03 +0000
Manifest next update:     Tue 29 Jul 2025 20:12:03 +0000
Files and hashes:         1: zPKlJcCQFETKePBbk5LABFeVZ2E.crl (hash: G3Z7EMYP4G1ir2DOkRdXRO2xIxZmqi/o1x1GqbfJSUs=)
                          2: 9BAC68CC83C211EABCB66612C4F9AE02.roa (hash: W5ePsoGWgomEoWgiTPJkjSegEKVfUxA0uguQndmw+Ac=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl
                          rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 20:12:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2522 (0x9da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916A071, serialNumber=CCF2A525C0901444CA78F05B9392C00457956761
        Validity
            Not Before: Jul 22 20:12:03 2025 GMT
            Not After : Jul 29 20:12:03 2025 GMT
        Subject: CN=687ff093-9158
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:0d:38:86:ff:aa:0e:e1:cd:9c:31:79:82:6c:
                    1e:2c:22:d6:c4:59:85:96:39:69:fd:ed:19:97:71:
                    ee:87:fe:f4:77:75:ce:7f:bd:ae:e1:f3:19:1b:f9:
                    42:ea:ff:7b:70:fd:48:0d:f7:f2:73:7c:54:33:28:
                    c9:15:38:8c:da:7c:08:b5:62:bb:59:9f:38:1f:65:
                    25:59:41:d2:7d:ba:33:e1:eb:6d:15:2e:52:8e:6b:
                    d2:30:1f:7d:2a:e6:da:7c:de:eb:b1:77:e2:23:d0:
                    c5:c0:c6:ef:b3:eb:9f:35:e0:d2:41:86:82:e4:83:
                    a1:f4:f9:5b:95:4e:da:1d:ae:bc:5a:dd:3f:eb:8b:
                    3a:14:ed:e3:db:77:ac:01:07:64:e6:a6:fc:d1:57:
                    fb:25:06:36:fe:c7:9e:9e:f9:00:7b:f3:a2:2d:90:
                    0f:95:15:2d:af:07:97:c9:c8:11:7d:49:1c:6c:fe:
                    f3:17:b6:55:bc:b5:b6:e0:43:42:5f:34:08:75:61:
                    f5:ac:4d:68:33:4e:f8:02:96:bd:63:fc:80:8a:6d:
                    40:55:b6:c1:c5:b2:8b:3a:8b:dc:26:d3:3e:f3:59:
                    ed:dc:82:f4:0d:9f:5b:0a:10:f5:7b:db:89:6b:0a:
                    c0:2a:4e:ea:ab:b2:fd:77:2d:16:4d:7b:81:26:af:
                    aa:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:1C:2A:F3:7C:7F:71:CB:F5:F1:D8:5E:19:57:E5:45:2E:6F:AC:68
            X509v3 Authority Key Identifier:
                keyid:CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:5e:d9:71:f1:3c:4e:30:9e:d1:43:c9:13:08:c7:51:7d:2e:
         88:7c:be:75:0f:d5:11:4f:ab:bc:bc:ae:0c:83:bc:58:be:5d:
         e6:bb:b8:94:af:33:90:fd:d0:5e:1f:0d:e8:f4:06:ab:67:ae:
         62:18:50:cf:22:cc:07:bf:d1:50:5c:db:dd:7d:cf:74:ef:60:
         f2:19:b2:c3:d7:c7:59:07:4a:d3:42:5e:e0:b5:bc:f2:48:84:
         9b:e8:56:9e:78:59:f5:0c:83:1d:a1:c3:a3:40:cf:c6:2b:14:
         8d:ee:8f:cd:b0:9a:50:37:63:81:31:35:8b:f3:da:9b:a3:57:
         89:a7:c2:7d:cd:f7:09:29:6e:ed:6b:1b:41:d8:4f:de:4e:b0:
         6f:ef:df:30:fb:e1:1c:1a:59:3c:ff:39:0c:ad:43:98:8b:b6:
         76:12:9e:1e:24:6c:25:e8:ba:b3:ae:f1:ec:7d:71:84:8f:97:
         00:af:47:2f:3b:00:c0:94:a6:63:4c:b2:36:1c:05:c3:c8:7d:
         9e:ff:d2:25:5d:b6:82:9f:1c:d6:ef:9c:ec:5e:79:42:df:ea:
         1b:99:87:05:42:26:25:90:43:a7:e4:dd:d9:ab:4d:bd:30:f0:
         08:85:aa:a3:74:f2:a5:97:9f:2a:7a:89:b5:3d:99:8f:6e:7c:
         98:4f:64:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkEwNzExMTAvBgNVBAUTKENDRjJBNTI1QzA5MDE0NDRDQTc4RjA1QjkzOTJDMDA0
NTc5NTY3NjEwHhcNMjUwNzIyMjAxMjAzWhcNMjUwNzI5MjAxMjAzWjAYMRYwFAYD
VQQDEw02ODdmZjA5My05MTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0g04hv+qDuHNnDF5gmweLCLWxFmFljlp/e0Zl3Huh/70d3XOf72u4fMZG/lC
6v97cP1IDffyc3xUMyjJFTiM2nwItWK7WZ84H2UlWUHSfboz4ettFS5SjmvSMB99
KubafN7rsXfiI9DFwMbvs+ufNeDSQYaC5IOh9PlblU7aHa68Wt0/64s6FO3j23es
AQdk5qb80Vf7JQY2/seenvkAe/OiLZAPlRUtrweXycgRfUkcbP7zF7ZVvLW24ENC
XzQIdWH1rE1oM074Apa9Y/yAim1AVbbBxbKLOovcJtM+81nt3IL0DZ9bChD1e9uJ
awrAKk7qq7L9dy0WTXuBJq+q5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAkcKvN8
f3HL9fHYXhlX5UUub6xoMB8GA1UdIwQYMBaAFMzypSXAkBREynjwW5OSwARXlWdh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTA3MS8yODBCMDlBNDgz
QkUxMUVBOEUxREYzODRDNEY5QUUwMi96UEtsSmNDUUZFVEtlUEJiazVMQUJGZVZa
MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pQS2xKY0NRRkVUS2VQQmJrNUxBQkZlVloyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QTA3MS8yODBCMDlBNDgzQkUxMUVBOEUxREYzODRDNEY5QUUwMi96UEtsSmNDUUZF
VEtlUEJiazVMQUJGZVZaMkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB5Xtlx8TxOMJ7RQ8kTCMdRfS6IfL51D9URT6u8vK4Mg7xYvl3mu7iU
rzOQ/dBeHw3o9AarZ65iGFDPIswHv9FQXNvdfc9072DyGbLD18dZB0rTQl7gtbzy
SISb6FaeeFn1DIMdocOjQM/GKxSN7o/NsJpQN2OBMTWL89qbo1eJp8J9zfcJKW7t
axtB2E/eTrBv798w++EcGlk8/zkMrUOYi7Z2Ep4eJGwl6LqzrvHsfXGEj5cAr0cv
OwDAlKZjTLI2HAXDyH2e/9IlXbaCnxzW75zsXnlC3+obmYcFQiYlkEOn5N3Zq029
MPAIhaqjdPKll58qeom1PZmPbnyYT2QU
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:27:08 2025 by rpki-client