Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
File:                     3qB5KN5ChJYNLNXo50cChCYLMmY.mft (raw, json)
Hash identifier:          U6b7DLiJ8BCBcWHHdnxfr6nSXgPimg3EKfPFhesuKZA=
Subject key identifier:   84:4D:00:3F:27:51:73:C8:2C:70:CD:4F:ED:4D:90:C0:84:6B:D8:3A
Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66
Certificate issuer:       /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
Certificate serial:       08A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
Manifest number:          089B
Signing time:             Thu 24 Jul 2025 20:45:19 +0000
Manifest this update:     Thu 24 Jul 2025 20:45:18 +0000
Manifest next update:     Thu 31 Jul 2025 20:45:18 +0000
Files and hashes:         1: 3qB5KN5ChJYNLNXo50cChCYLMmY.crl (hash: kfxper2uds8k7q5iqlWTuCYho9GuCgIf3jT8zbETbNU=)
                          2: 186A811414CD11F0AB0B2C0CC4F9AE02.roa (hash: 9tc8Ga8JfnoWYOg9jj5aEvP7RbMQoDEn79rxtZ5FqHw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl
                          rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2212 (0x8a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9171AD3, serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
        Validity
            Not Before: Jul 24 20:45:18 2025 GMT
            Not After : Jul 31 20:45:18 2025 GMT
        Subject: CN=68829b5e-008a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ad:75:cd:28:ec:67:02:60:4a:bc:4a:9b:34:
                    72:cf:f2:42:d4:cb:15:8f:6b:39:b8:52:da:47:74:
                    d2:89:0b:f0:8a:cf:86:e8:6d:c3:78:9a:10:7b:e1:
                    91:a3:dd:d5:a1:99:c3:b2:3c:51:3b:36:f2:bf:5b:
                    3f:5b:9c:37:3a:c9:cc:4e:8e:72:e9:47:fc:f3:55:
                    51:65:1f:16:e7:9a:ca:19:71:ba:a1:c9:83:19:e2:
                    c4:ec:12:1c:09:3a:a8:47:e1:5f:4a:d3:16:9d:06:
                    88:18:10:ea:c3:81:40:27:43:f6:0a:4e:bc:dc:21:
                    47:ea:75:46:13:14:ce:3a:47:25:60:81:f5:84:ab:
                    d2:63:47:b5:20:dc:b0:ad:fd:23:0a:6a:9a:4e:e6:
                    31:4f:f3:44:8b:4a:3c:a9:30:b5:27:1b:b9:95:61:
                    db:6c:f3:e4:a5:33:ea:6a:02:86:2f:45:c4:da:51:
                    84:49:d4:d9:64:6c:a5:e7:c2:dc:ee:15:3c:d9:e3:
                    da:ce:b7:83:47:4f:2a:bb:57:6b:6c:86:35:42:a1:
                    f5:83:ee:be:eb:63:ee:bd:c8:84:98:5c:b3:26:68:
                    a8:e9:01:3f:fd:25:85:40:05:5e:62:5c:16:7c:37:
                    ad:25:b0:cc:d8:a3:4d:65:9b:f8:41:c8:2f:7a:ff:
                    32:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:4D:00:3F:27:51:73:C8:2C:70:CD:4F:ED:4D:90:C0:84:6B:D8:3A
            X509v3 Authority Key Identifier:
                keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:6a:3c:ce:c3:8a:2a:a8:d5:f8:cc:2c:fb:c2:8d:62:a9:fe:
         dd:45:85:32:1f:7a:a6:f5:58:cc:56:6e:34:55:d7:9a:a4:20:
         6a:30:2d:b2:d5:cf:ec:00:a5:95:16:be:9d:1c:e6:b0:51:3b:
         5b:e7:d3:55:b5:38:2c:72:f7:66:c1:ac:65:8f:b9:d4:93:45:
         90:9c:b4:f5:51:cc:ef:a5:69:07:06:69:f3:94:a9:90:a5:4c:
         be:18:de:0f:91:96:29:b0:0a:d8:c5:97:79:68:64:e5:97:95:
         6b:c1:bb:76:b4:f4:c6:2b:7b:a8:25:ba:26:4d:bf:f1:7b:04:
         eb:27:2c:59:fd:07:16:d8:d4:3d:c2:ce:b0:c1:df:16:de:c6:
         d7:bb:83:bb:3f:d9:00:96:0e:97:87:b3:e1:6b:82:76:33:30:
         c9:5c:8f:f9:cd:4a:d6:2e:a7:41:35:05:1e:61:b1:1b:e5:62:
         47:84:e9:95:86:ab:63:61:02:7a:b2:ca:fe:34:f5:83:a7:8b:
         51:7c:73:9f:eb:2b:b9:6e:96:32:5a:11:06:d2:cd:71:1b:ac:
         8e:9f:12:aa:56:89:4e:2c:db:d7:b1:ca:9d:57:b5:96:ae:e8:
         99:57:e1:57:f4:c6:ee:90:94:3a:89:e7:7d:5f:30:83:9a:f3:
         42:fc:6e:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0
MjYwQjMyNjYwHhcNMjUwNzI0MjA0NTE4WhcNMjUwNzMxMjA0NTE4WjAYMRYwFAYD
VQQDEw02ODgyOWI1ZS0wMDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzq11zSjsZwJgSrxKmzRyz/JC1MsVj2s5uFLaR3TSiQvwis+G6G3DeJoQe+GR
o93VoZnDsjxROzbyv1s/W5w3OsnMTo5y6Uf881VRZR8W55rKGXG6ocmDGeLE7BIc
CTqoR+FfStMWnQaIGBDqw4FAJ0P2Ck683CFH6nVGExTOOkclYIH1hKvSY0e1INyw
rf0jCmqaTuYxT/NEi0o8qTC1Jxu5lWHbbPPkpTPqagKGL0XE2lGESdTZZGyl58Lc
7hU82ePazreDR08qu1drbIY1QqH1g+6+62PuvciEmFyzJmio6QE//SWFQAVeYlwW
fDetJbDM2KNNZZv4Qcgvev8yZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIRNAD8n
UXPILHDNT+1NkMCEa9g6MB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx
QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUFEMy8wQkM0Rjg0MEMxQjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hK
WU5MTlhvNTBjQ2hDWUxNbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCGajzOw4oqqNX4zCz7wo1iqf7dRYUyH3qm9VjMVm40VdeapCBqMC2y
1c/sAKWVFr6dHOawUTtb59NVtTgscvdmwaxlj7nUk0WQnLT1UczvpWkHBmnzlKmQ
pUy+GN4PkZYpsArYxZd5aGTll5Vrwbt2tPTGK3uoJbomTb/xewTrJyxZ/QcW2NQ9
ws6wwd8W3sbXu4O7P9kAlg6Xh7Pha4J2MzDJXI/5zUrWLqdBNQUeYbEb5WJHhOmV
hqtjYQJ6ssr+NPWDp4tRfHOf6yu5bpYyWhEG0s1xG6yOnxKqVolOLNvXscqdV7WW
ruiZV+FX9MbukJQ6ied9XzCDmvNC/G7S
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:00:14 2025 by rpki-client