Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft
File:                     oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft (raw, json)
Hash identifier:          tyzy2pM7phCF7FpJAsaYv66e01x+/iJBsJl2N3Dy0l0=
Subject key identifier:   C2:82:BA:C8:4F:5F:89:02:63:5D:A3:C5:8E:A5:6D:F1:C0:E2:D8:BD
Authority key identifier: A1:4B:DA:A3:15:76:A6:36:7A:0B:5C:3A:CA:B9:1C:4E:9F:31:18:EF
Certificate issuer:       /CN=A917604B/serialNumber=A14BDAA31576A6367A0B5C3ACAB91C4E9F3118EF
Certificate serial:       014D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft
Manifest number:          014A
Signing time:             Mon 21 Jul 2025 04:20:12 +0000
Manifest this update:     Mon 21 Jul 2025 04:20:12 +0000
Manifest next update:     Mon 28 Jul 2025 04:20:12 +0000
Files and hashes:         1: oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl (hash: 1KEPiFuv4Aol5wWsOxydokTvqQ43MB9QWflTd4HWYhc=)
                          2: 2D7DCF98BA1411EFBD0C393DC4F9AE02.roa (hash: fg42UFyy2LFjnZK3Qasj9lnWcNe6AFnhvIhyePUvpAM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl
                          rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 04:20:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 333 (0x14d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917604B, serialNumber=A14BDAA31576A6367A0B5C3ACAB91C4E9F3118EF
        Validity
            Not Before: Jul 21 04:20:12 2025 GMT
            Not After : Jul 28 04:20:12 2025 GMT
        Subject: CN=687dbffc-d1ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:05:13:9d:38:b5:b1:04:b0:37:9a:c2:c5:62:
                    36:7c:40:29:44:59:d3:7e:c8:9f:01:d9:e7:b9:aa:
                    b8:27:b4:a2:01:12:4c:e0:0a:37:f9:17:61:ba:10:
                    29:84:60:f9:b9:62:0f:54:c5:b6:3e:fd:e9:51:70:
                    22:db:10:10:17:98:66:6a:c6:b2:09:98:9d:93:bb:
                    6e:5e:3f:a2:ec:16:7a:c2:bd:23:9d:46:ab:84:03:
                    e1:32:47:dd:74:02:3b:06:28:63:17:c6:52:9d:cd:
                    02:d8:49:ae:b8:0d:1c:21:0e:5a:ee:21:9a:f8:ee:
                    91:cb:7a:0f:49:a7:59:46:ed:27:a2:84:15:58:b6:
                    8c:01:57:3b:66:28:3b:95:3f:0c:96:09:3e:bc:ec:
                    c5:40:15:45:34:55:ee:21:f7:27:68:fa:af:4f:ca:
                    52:47:1b:a2:b5:ad:e8:5c:c4:2f:4a:5b:0f:f8:3b:
                    d1:a4:78:6e:04:68:ec:2e:f1:d1:3f:9e:a7:4e:cf:
                    20:b7:5e:02:27:d6:b1:1f:cd:61:9c:78:3b:93:4a:
                    32:fe:dd:38:52:ba:d8:d0:38:5f:0c:64:98:06:c2:
                    82:b1:a6:31:ed:1e:36:2f:a1:bf:d5:cf:b7:74:e1:
                    9f:f5:04:9d:5e:04:cc:cc:d4:9b:90:d5:b7:23:44:
                    79:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:82:BA:C8:4F:5F:89:02:63:5D:A3:C5:8E:A5:6D:F1:C0:E2:D8:BD
            X509v3 Authority Key Identifier:
                keyid:A1:4B:DA:A3:15:76:A6:36:7A:0B:5C:3A:CA:B9:1C:4E:9F:31:18:EF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:d4:d0:2f:a5:ca:25:15:28:0f:1a:db:d9:51:53:d1:61:b1:
         30:b9:6c:30:52:9d:fa:6a:5b:aa:39:ed:45:a5:3a:16:7c:da:
         93:d8:6d:21:65:0b:b2:5b:4a:cb:66:ce:97:ed:42:ce:f5:17:
         4d:27:40:ae:d4:31:19:aa:dd:aa:b2:82:78:6a:07:50:97:d9:
         4f:e9:62:b4:3d:d3:b1:05:d1:56:2a:ad:4c:f9:89:8b:23:cc:
         a9:33:89:d4:c7:d0:01:0b:13:10:dc:d5:5d:fb:42:11:fa:38:
         8a:73:39:0f:d4:83:8e:05:99:ff:71:97:38:ff:5b:8b:15:98:
         0c:33:9c:56:0b:43:1c:e9:40:1f:b8:c2:60:2e:35:1e:91:ab:
         35:17:55:cd:70:aa:bb:01:cd:32:da:29:fb:6d:5d:c9:c6:49:
         a6:8c:76:f2:71:07:24:d5:32:40:79:e9:99:21:46:e3:9c:b0:
         68:74:8d:ea:0c:89:b5:83:df:e0:57:02:ff:77:3d:87:f4:6c:
         c6:2e:0f:95:14:f7:4c:e5:f8:d7:4c:b1:69:e7:b7:da:87:c4:
         72:20:10:cd:d4:20:0b:7a:b7:d9:e3:42:67:f2:dd:bb:99:18:
         ab:01:4b:5c:5a:0b:7b:4b:3b:9c:c4:e5:55:83:9b:5e:3d:0b:
         2f:9a:ae:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzYwNEIxMTAvBgNVBAUTKEExNEJEQUEzMTU3NkE2MzY3QTBCNUMzQUNBQjkxQzRF
OUYzMTE4RUYwHhcNMjUwNzIxMDQyMDEyWhcNMjUwNzI4MDQyMDEyWjAYMRYwFAYD
VQQDEw02ODdkYmZmYy1kMWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvAUTnTi1sQSwN5rCxWI2fEApRFnTfsifAdnnuaq4J7SiARJM4Ao3+RdhuhAp
hGD5uWIPVMW2Pv3pUXAi2xAQF5hmasayCZidk7tuXj+i7BZ6wr0jnUarhAPhMkfd
dAI7BihjF8ZSnc0C2EmuuA0cIQ5a7iGa+O6Ry3oPSadZRu0nooQVWLaMAVc7Zig7
lT8Mlgk+vOzFQBVFNFXuIfcnaPqvT8pSRxuita3oXMQvSlsP+DvRpHhuBGjsLvHR
P56nTs8gt14CJ9axH81hnHg7k0oy/t04UrrY0DhfDGSYBsKCsaYx7R42L6G/1c+3
dOGf9QSdXgTMzNSbkNW3I0R5KwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMKCushP
X4kCY12jxY6lbfHA4ti9MB8GA1UdIwQYMBaAFKFL2qMVdqY2egtcOsq5HE6fMRjv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjA0Qi80MUMwMTM1QzZE
QUUxMUVFQTgwRDA1NzRDNEY5QUUwMi9vVXZhb3hWMnBqWjZDMXc2eXJrY1RwOHhH
TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29VdmFveFYycGpaNkMxdzZ5cmtjVHA4eEdPOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NjA0Qi80MUMwMTM1QzZEQUUxMUVFQTgwRDA1NzRDNEY5QUUwMi9vVXZhb3hWMnBq
WjZDMXc2eXJrY1RwOHhHTzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBZ1NAvpcolFSgPGtvZUVPRYbEwuWwwUp36aluqOe1FpToWfNqT2G0h
ZQuyW0rLZs6X7ULO9RdNJ0Cu1DEZqt2qsoJ4agdQl9lP6WK0PdOxBdFWKq1M+YmL
I8ypM4nUx9ABCxMQ3NVd+0IR+jiKczkP1IOOBZn/cZc4/1uLFZgMM5xWC0Mc6UAf
uMJgLjUekas1F1XNcKq7Ac0y2in7bV3JxkmmjHbycQck1TJAeemZIUbjnLBodI3q
DIm1g9/gVwL/dz2H9GzGLg+VFPdM5fjXTLFp57fah8RyIBDN1CALerfZ40Jn8t27
mRirAUtcWgt7SzucxOVVg5tePQsvmq70
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:25:20 2025 by rpki-client