Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
File:                     3qB5KN5ChJYNLNXo50cChCYLMmY.mft (raw, json)
Hash identifier:          RUtfoU+Gt9wFJsQIjDj2vbipnzwkfNRv9ExRZX/65PY=
Subject key identifier:   E7:40:08:4B:88:E0:81:C7:CB:AB:B1:69:65:1F:EB:BC:2C:49:5B:0A
Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66
Certificate issuer:       /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
Certificate serial:       08A3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
Manifest number:          089A
Signing time:             Tue 22 Jul 2025 20:49:01 +0000
Manifest this update:     Tue 22 Jul 2025 20:49:01 +0000
Manifest next update:     Tue 29 Jul 2025 20:49:01 +0000
Files and hashes:         1: 3qB5KN5ChJYNLNXo50cChCYLMmY.crl (hash: jugYZIttkph2skIY+9rnfEO1L5IldQAzOXDvbJadlZ4=)
                          2: 186A811414CD11F0AB0B2C0CC4F9AE02.roa (hash: 9tc8Ga8JfnoWYOg9jj5aEvP7RbMQoDEn79rxtZ5FqHw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl
                          rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 20:49:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2211 (0x8a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9171AD3, serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
        Validity
            Not Before: Jul 22 20:49:01 2025 GMT
            Not After : Jul 29 20:49:01 2025 GMT
        Subject: CN=687ff93d-a0a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9f:2a:71:ab:20:b5:a2:cb:e7:10:41:8a:fa:
                    66:c4:8e:2d:23:7f:11:12:d8:ca:c6:39:70:18:63:
                    45:1f:bc:ca:b3:15:9c:69:a5:e4:e8:1b:64:2c:95:
                    9f:a4:c0:d8:67:8d:87:9f:6a:b6:d7:e5:4d:17:f1:
                    fb:67:47:67:94:4b:4d:d5:48:8a:b8:32:1c:48:c8:
                    63:fd:a7:12:c8:c1:d2:98:4d:10:82:44:fa:a4:37:
                    74:dc:c0:18:44:07:a6:d7:43:1d:0b:90:af:f7:a8:
                    64:41:55:d1:e3:d0:c4:73:62:85:62:fb:16:46:f9:
                    62:94:18:97:be:ce:01:98:d4:df:32:d1:65:f8:e5:
                    2a:0a:4d:58:a5:dc:32:4d:22:a0:99:5e:2a:ba:15:
                    23:1f:c3:31:ab:e1:e1:81:12:78:72:75:79:0f:d6:
                    5f:57:18:8e:e0:dd:ea:8c:a5:78:5b:bc:92:35:77:
                    8a:63:b9:e3:5e:67:09:fb:62:9e:c1:2f:f6:e8:cf:
                    21:dc:95:9a:9e:87:23:a6:c3:ca:1a:c8:52:5c:af:
                    88:2d:04:81:d6:95:76:1c:23:20:34:ea:30:ab:13:
                    51:05:98:6d:78:c1:a9:99:1c:1e:7d:7e:97:8b:a8:
                    d1:3b:20:47:33:89:66:b8:76:27:fa:6c:a3:02:42:
                    e0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:40:08:4B:88:E0:81:C7:CB:AB:B1:69:65:1F:EB:BC:2C:49:5B:0A
            X509v3 Authority Key Identifier:
                keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:e8:bb:ae:89:4c:04:64:37:8b:b3:2a:ca:fa:84:f7:ff:71:
         f8:a3:c0:30:94:fa:18:9e:30:90:ef:7e:f6:58:44:ea:20:74:
         4a:7e:36:30:f5:6b:e9:cb:b8:87:79:32:53:d5:c5:e1:21:f6:
         6d:eb:6b:91:aa:c8:df:68:96:a9:5c:fb:00:83:53:07:62:94:
         1e:85:29:a7:29:72:d9:f4:61:5c:7e:7c:9f:43:9a:ce:cf:5f:
         0a:68:d9:b4:db:9a:5e:75:d8:4e:46:32:7d:11:e6:69:58:c2:
         59:67:9b:ca:14:ae:00:85:2a:27:74:13:f7:aa:10:9a:19:c1:
         c4:2b:53:83:f6:dd:5e:17:6a:ec:74:5a:09:eb:84:4d:50:e1:
         2e:cd:fa:fc:21:4e:5c:95:47:b8:fd:d9:c0:c5:ca:c6:55:32:
         fd:7e:b3:3f:a0:95:7e:4e:83:4e:57:d0:fa:87:56:6e:13:ec:
         fb:ba:5c:61:19:b7:22:9e:ca:ed:3d:bd:fb:63:cb:cc:b4:cf:
         fd:6d:d7:a0:64:07:9d:a6:56:76:ec:8f:c2:c1:cd:80:63:02:
         09:1b:bc:4d:c0:3d:e9:67:7f:14:8c:50:bd:d2:dd:e3:4c:0f:
         0f:3f:81:61:d6:92:24:43:90:64:4a:2f:d8:f1:dc:50:b1:20:
         83:53:07:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0
MjYwQjMyNjYwHhcNMjUwNzIyMjA0OTAxWhcNMjUwNzI5MjA0OTAxWjAYMRYwFAYD
VQQDEw02ODdmZjkzZC1hMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Z8qcasgtaLL5xBBivpmxI4tI38REtjKxjlwGGNFH7zKsxWcaaXk6BtkLJWf
pMDYZ42Hn2q21+VNF/H7Z0dnlEtN1UiKuDIcSMhj/acSyMHSmE0QgkT6pDd03MAY
RAem10MdC5Cv96hkQVXR49DEc2KFYvsWRvlilBiXvs4BmNTfMtFl+OUqCk1Ypdwy
TSKgmV4quhUjH8Mxq+HhgRJ4cnV5D9ZfVxiO4N3qjKV4W7ySNXeKY7njXmcJ+2Ke
wS/26M8h3JWanocjpsPKGshSXK+ILQSB1pV2HCMgNOowqxNRBZhteMGpmRwefX6X
i6jROyBHM4lmuHYn+myjAkLgPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOdACEuI
4IHHy6uxaWUf67wsSVsKMB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx
QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUFEMy8wQkM0Rjg0MEMxQjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hK
WU5MTlhvNTBjQ2hDWUxNbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA26LuuiUwEZDeLsyrK+oT3/3H4o8AwlPoYnjCQ7372WETqIHRKfjYw
9Wvpy7iHeTJT1cXhIfZt62uRqsjfaJapXPsAg1MHYpQehSmnKXLZ9GFcfnyfQ5rO
z18KaNm025peddhORjJ9EeZpWMJZZ5vKFK4AhSondBP3qhCaGcHEK1OD9t1eF2rs
dFoJ64RNUOEuzfr8IU5clUe4/dnAxcrGVTL9frM/oJV+ToNOV9D6h1ZuE+z7ulxh
GbcinsrtPb37Y8vMtM/9bdegZAedplZ27I/Cwc2AYwIJG7xNwD3pZ38UjFC90t3j
TA8PP4Fh1pIkQ5BkSi/Y8dxQsSCDUwfu
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:02:07 2025 by rpki-client