Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft
File:                     3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json)
Hash identifier:          oqP/zkmx47t3ds1qeaKVX0pHiL0w0NXyunWkjS89TXI=
Subject key identifier:   B2:9B:06:66:BB:07:9B:3C:30:11:07:44:59:CC:1B:5F:1C:77:B5:C4
Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18
Certificate issuer:       /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118
Certificate serial:       0C33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft
Manifest number:          0C2C
Signing time:             Tue 22 Jul 2025 18:51:23 +0000
Manifest this update:     Tue 22 Jul 2025 18:51:23 +0000
Manifest next update:     Tue 29 Jul 2025 18:51:23 +0000
Files and hashes:         1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: Rx+tGDTfpTW+juddh4dsqiY5WGE/1MUcT+BZoPmn7ms=)
                          2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl
                          rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 18:51:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3123 (0xc33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118
        Validity
            Not Before: Jul 22 18:51:23 2025 GMT
            Not After : Jul 29 18:51:23 2025 GMT
        Subject: CN=687fddab-dfd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5b:e3:ea:6e:67:36:93:77:87:f4:05:23:9b:
                    db:fd:2d:c9:cc:cd:a1:b8:65:b9:30:44:d4:0f:28:
                    ab:ef:93:31:14:35:7f:66:3f:a5:1c:37:7b:bd:78:
                    4b:42:4f:f7:e1:5c:e2:8b:02:76:f9:1b:bb:67:0e:
                    b7:67:e7:f7:bb:76:f7:46:1b:d8:92:2f:aa:f5:15:
                    ed:64:75:ac:b8:2a:a1:30:68:64:7f:49:30:0d:c1:
                    30:63:5a:94:69:47:af:c5:19:19:cb:29:14:a3:94:
                    00:86:f3:af:24:26:c8:8b:03:cc:5a:fa:01:5f:85:
                    ea:a0:ab:2a:19:69:38:7c:7f:9d:0d:b0:aa:b5:a0:
                    6c:a8:96:d5:d7:a8:ff:a1:4f:53:fb:0d:9d:90:be:
                    e2:c8:7d:cb:98:64:ad:62:1a:84:c1:2d:f8:d0:31:
                    f0:25:7d:a3:58:4c:b4:8c:b7:33:2f:21:3d:f4:cd:
                    71:16:35:49:94:e7:8b:4c:24:91:a9:49:a6:ec:87:
                    20:a4:53:fe:0d:f6:76:a5:1e:87:78:39:dc:80:30:
                    81:83:5b:0d:1a:b6:32:02:17:26:7e:b0:19:87:30:
                    ad:79:dc:dd:80:b0:c1:97:e4:d0:47:d3:70:8b:bc:
                    06:09:72:43:74:5a:56:04:55:49:01:e5:43:78:70:
                    3d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:9B:06:66:BB:07:9B:3C:30:11:07:44:59:CC:1B:5F:1C:77:B5:C4
            X509v3 Authority Key Identifier:
                keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:d1:e8:9a:37:bc:c7:5a:4f:83:8e:5d:d4:23:da:f1:0d:da:
         e6:27:29:ae:fe:8e:d7:a2:d5:7d:7a:37:c8:10:99:04:a8:8a:
         65:fd:5a:5d:62:56:bc:74:08:00:5c:59:f0:cf:c9:a6:01:ee:
         90:d9:f3:df:e1:8e:e3:f6:4f:c4:07:b0:a5:72:a3:24:0c:78:
         39:8a:69:1c:c8:43:80:61:69:39:30:5c:1d:2a:a0:67:a0:3b:
         38:1b:b9:0e:fd:36:f4:2b:f7:5f:ea:00:f6:d8:06:1e:22:ea:
         68:d4:c1:a8:1c:de:97:3a:c0:66:58:aa:f5:85:8b:c3:ea:e3:
         c7:d8:6b:2f:b2:c6:18:72:37:b2:25:2a:26:e5:75:b2:3c:7b:
         bb:2b:b4:d3:47:70:41:2f:1d:cf:e5:5b:5f:ba:25:1f:eb:d8:
         92:34:c1:5d:21:49:73:52:37:ed:73:0f:8e:9d:7e:fb:87:0d:
         77:f7:4d:ca:35:8e:94:5a:82:de:ab:ec:20:e8:f3:b1:55:a1:
         20:d4:a5:db:da:bb:c6:cb:5b:4c:f6:75:a5:23:ff:87:f4:c8:
         a7:d1:60:23:27:24:62:1a:d7:08:9c:61:26:15:ce:9d:60:05:
         61:93:cb:83:b9:d4:fe:c1:f3:a7:25:76:c5:57:d5:f1:5f:f0:
         56:5c:72:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2
MzMwNzcxMTgwHhcNMjUwNzIyMTg1MTIzWhcNMjUwNzI5MTg1MTIzWjAYMRYwFAYD
VQQDEw02ODdmZGRhYi1kZmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtVvj6m5nNpN3h/QFI5vb/S3JzM2huGW5METUDyir75MxFDV/Zj+lHDd7vXhL
Qk/34VziiwJ2+Ru7Zw63Z+f3u3b3RhvYki+q9RXtZHWsuCqhMGhkf0kwDcEwY1qU
aUevxRkZyykUo5QAhvOvJCbIiwPMWvoBX4XqoKsqGWk4fH+dDbCqtaBsqJbV16j/
oU9T+w2dkL7iyH3LmGStYhqEwS340DHwJX2jWEy0jLczLyE99M1xFjVJlOeLTCSR
qUmm7IcgpFP+DfZ2pR6HeDncgDCBg1sNGrYyAhcmfrAZhzCtedzdgLDBl+TQR9Nw
i7wGCXJDdFpWBFVJAeVDeHA90QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLKbBma7
B5s8MBEHRFnMG18cd7XEMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG
NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP
ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAi0eiaN7zHWk+Djl3UI9rxDdrmJymu/o7XotV9ejfIEJkEqIpl/Vpd
Yla8dAgAXFnwz8mmAe6Q2fPf4Y7j9k/EB7ClcqMkDHg5imkcyEOAYWk5MFwdKqBn
oDs4G7kO/Tb0K/df6gD22AYeIupo1MGoHN6XOsBmWKr1hYvD6uPH2GsvssYYcjey
JSom5XWyPHu7K7TTR3BBLx3P5VtfuiUf69iSNMFdIUlzUjftcw+OnX77hw13903K
NY6UWoLeq+wg6POxVaEg1KXb2rvGy1tM9nWlI/+H9Min0WAjJyRiGtcInGEmFc6d
YAVhk8uDudT+wfOnJXbFV9XxX/BWXHIj
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:30:17 2025 by rpki-client