Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft
File:                     h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft (raw, json)
Hash identifier:          XWkQ6QRyMB/UXZ3GUCYbrMLSkRD+bNPM5Kck7pnSYJI=
Subject key identifier:   75:3B:F1:B1:76:33:26:78:74:E3:11:04:3F:D8:F8:D4:C8:EB:D9:6A
Authority key identifier: 87:F3:1B:20:1B:DD:18:75:81:54:0C:5B:8B:86:44:38:C2:99:90:B9
Certificate issuer:       /CN=A916B02F/serialNumber=87F31B201BDD187581540C5B8B864438C29990B9
Certificate serial:       0146
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft
Manifest number:          0142
Signing time:             Fri 25 Jul 2025 04:35:48 +0000
Manifest this update:     Fri 25 Jul 2025 04:35:48 +0000
Manifest next update:     Fri 01 Aug 2025 04:35:48 +0000
Files and hashes:         1: h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl (hash: a3fMWRezeLn56Refmg9A+hnY0ph6cT9r7zXBZtpTfsI=)
                          2: 27178D9E7FBC11EEAF80B825C4F9AE02.roa (hash: lQYmsDBc3UpFQI5bvRZLM1pLBA2w7erJcueIAfvmPc0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl
                          rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 04:35:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 326 (0x146)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916B02F, serialNumber=87F31B201BDD187581540C5B8B864438C29990B9
        Validity
            Not Before: Jul 25 04:35:48 2025 GMT
            Not After : Aug  1 04:35:48 2025 GMT
        Subject: CN=688309a4-43f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:29:01:18:1d:dd:20:0e:4d:e5:ba:e6:6a:31:
                    05:63:73:b3:1c:0c:49:16:72:5d:69:a4:a5:66:e0:
                    26:b6:bc:81:63:76:4f:fa:e2:2d:6b:2e:e0:b6:5d:
                    4a:db:67:62:cb:7c:ae:33:a5:99:80:24:cc:3b:82:
                    2b:55:5b:2e:67:11:42:ba:2d:76:95:00:34:9c:60:
                    0b:ec:e2:df:6d:e1:e5:ce:1d:c9:21:69:ba:38:50:
                    03:5b:6c:40:7c:41:7d:43:1a:5f:35:e1:8c:04:26:
                    7a:7d:88:75:32:bb:34:f0:e4:01:b6:20:8a:01:5c:
                    ae:51:72:74:cf:5e:02:c5:40:d1:5e:a0:32:39:23:
                    bc:c2:b0:c3:a9:3a:0d:79:72:73:9d:04:80:84:86:
                    03:d9:59:93:98:b5:6b:57:9c:3a:46:82:18:0a:de:
                    d1:35:22:5e:9c:ae:88:5e:38:21:99:33:7c:38:c4:
                    2a:33:75:84:99:1a:d5:b4:57:5b:a3:66:85:c2:92:
                    4b:c8:ad:e7:6c:b4:02:53:08:31:c8:da:cc:ce:8b:
                    5b:91:44:30:0d:b5:45:aa:a6:d4:6d:7a:23:3b:a8:
                    31:91:97:35:75:bd:bb:80:e6:76:13:6c:de:a5:a7:
                    77:87:a1:e6:37:f7:77:d1:6b:0b:90:fa:24:a4:ef:
                    4f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:3B:F1:B1:76:33:26:78:74:E3:11:04:3F:D8:F8:D4:C8:EB:D9:6A
            X509v3 Authority Key Identifier:
                keyid:87:F3:1B:20:1B:DD:18:75:81:54:0C:5B:8B:86:44:38:C2:99:90:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:3a:b7:97:b1:9b:52:28:40:ac:cc:f2:dc:1c:db:cc:a9:9f:
         61:dc:cf:09:01:6e:87:c0:00:5b:e1:e6:42:34:57:11:d7:71:
         2f:c2:ac:89:29:b8:e7:c2:87:eb:d2:42:14:29:30:ee:ca:8b:
         02:b7:81:3d:20:8b:35:e2:a1:51:8a:88:41:ed:5d:fb:cf:c3:
         70:c8:7d:d5:41:4b:03:9d:b4:59:2a:5f:01:3c:77:e5:f6:df:
         c6:f0:a6:ea:73:ae:82:13:cb:2b:72:18:e1:d1:8d:e7:8c:56:
         52:2b:e4:e8:fe:dd:7d:dd:8f:cd:af:ee:2c:b0:30:a3:17:66:
         9d:62:a1:fe:a3:07:ff:1c:ec:77:b7:55:85:60:0c:08:b1:c8:
         42:e0:66:77:55:ba:7e:e1:26:a2:f4:50:13:16:e0:9a:4f:d4:
         f9:14:0b:9d:4f:b1:65:3a:72:4b:fd:f7:ee:02:b3:06:61:59:
         0a:c8:d9:43:b5:c8:39:cd:0c:13:58:51:f2:06:59:2a:00:b1:
         1f:92:5f:12:c7:65:51:b0:ef:d7:7c:98:9e:4b:fc:42:9f:85:
         f9:22:7a:42:cb:47:4b:9f:48:e4:be:92:2f:99:79:65:64:05:
         06:c6:e8:41:26:28:76:8c:b9:55:81:aa:ec:0d:76:d7:f4:9e:
         78:5b:ba:ef
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIwMkYxMTAvBgNVBAUTKDg3RjMxQjIwMUJERDE4NzU4MTU0MEM1QjhCODY0NDM4
QzI5OTkwQjkwHhcNMjUwNzI1MDQzNTQ4WhcNMjUwODAxMDQzNTQ4WjAYMRYwFAYD
VQQDEw02ODgzMDlhNC00M2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsSkBGB3dIA5N5brmajEFY3OzHAxJFnJdaaSlZuAmtryBY3ZP+uItay7gtl1K
22diy3yuM6WZgCTMO4IrVVsuZxFCui12lQA0nGAL7OLfbeHlzh3JIWm6OFADW2xA
fEF9QxpfNeGMBCZ6fYh1Mrs08OQBtiCKAVyuUXJ0z14CxUDRXqAyOSO8wrDDqToN
eXJznQSAhIYD2VmTmLVrV5w6RoIYCt7RNSJenK6IXjghmTN8OMQqM3WEmRrVtFdb
o2aFwpJLyK3nbLQCUwgxyNrMzotbkUQwDbVFqqbUbXojO6gxkZc1db27gOZ2E2ze
pad3h6HmN/d30WsLkPokpO9PCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHU78bF2
MyZ4dOMRBD/Y+NTI69lqMB8GA1UdIwQYMBaAFIfzGyAb3Rh1gVQMW4uGRDjCmZC5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjAyRi9EN0MzM0FCODdG
QkIxMUVFQTY5ODM5MjVDNEY5QUUwMi9oX01iSUJ2ZEdIV0JWQXhiaTRaRU9NS1pr
TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hfTWJJQnZkR0hXQlZBeGJpNFpFT01LWmtMay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QjAyRi9EN0MzM0FCODdGQkIxMUVFQTY5ODM5MjVDNEY5QUUwMi9oX01iSUJ2ZEdI
V0JWQXhiaTRaRU9NS1prTGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA8OreXsZtSKECszPLcHNvMqZ9h3M8JAW6HwABb4eZCNFcR13EvwqyJ
Kbjnwofr0kIUKTDuyosCt4E9IIs14qFRiohB7V37z8NwyH3VQUsDnbRZKl8BPHfl
9t/G8Kbqc66CE8srchjh0Y3njFZSK+To/t193Y/Nr+4ssDCjF2adYqH+owf/HOx3
t1WFYAwIschC4GZ3Vbp+4Sai9FATFuCaT9T5FAudT7FlOnJL/ffuArMGYVkKyNlD
tcg5zQwTWFHyBlkqALEfkl8Sx2VRsO/XfJieS/xCn4X5InpCy0dLn0jkvpIvmXll
ZAUGxuhBJih2jLlVgarsDXbX9J54W7rv
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:01:24 2025 by rpki-client