Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
File:                     XAq0JfK0I14cgVaDvWyOi3uAtyc.mft (raw, json)
Hash identifier:          pUNcmGKMjxf6vqD2Fp/HDaWqcIKu2OOj1njw5p1j5y0=
Subject key identifier:   B1:A4:6B:91:3B:85:5E:71:56:23:2C:FF:DA:A1:A4:D7:36:5D:D2:A5
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Certificate issuer:       /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial:       099F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
Manifest number:          0988
Signing time:             Tue 22 Jul 2025 20:22:51 +0000
Manifest this update:     Tue 22 Jul 2025 20:22:50 +0000
Manifest next update:     Tue 29 Jul 2025 20:22:50 +0000
Files and hashes:         1: XAq0JfK0I14cgVaDvWyOi3uAtyc.crl (hash: 2IIgC+slyEc73uYx4zpNg59hILBDhEXYee71TMxLchg=)
                          2: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (hash: 1xpqucRPj2sGGfUlw/hjqGcWw2RAvQEPEvj1/o7DLww=)
                          3: 0774A2C894F211EAB30E7682C4F9AE02.roa (hash: Qe2k4Rmt8cYvrQ25NjhCj6HgTDQ2LTBczeZdX5NMi1Q=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
                          rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 20:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2463 (0x99f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
        Validity
            Not Before: Jul 22 20:22:50 2025 GMT
            Not After : Jul 29 20:22:50 2025 GMT
        Subject: CN=687ff31b-eab9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:cc:e1:33:f0:50:75:10:b0:02:cc:53:1f:dd:
                    fa:17:34:1a:74:d1:f0:19:e8:d6:ff:dc:bd:88:1e:
                    21:cd:cb:85:63:f7:48:b3:d2:db:1f:4f:dd:ae:9d:
                    19:b2:c2:3d:0f:b2:bf:38:00:d6:39:5c:fe:b7:92:
                    b9:95:84:cd:5f:07:3f:8c:6e:58:ba:ef:5e:b6:52:
                    81:ee:bb:77:6d:75:d1:c4:18:bb:0d:f6:4c:1e:1b:
                    dc:21:df:a9:5f:ac:fa:01:78:97:6c:86:e6:ef:e3:
                    c2:d6:45:ea:f7:db:f3:e5:c9:4a:4b:14:21:fa:98:
                    cb:3d:e8:a9:a4:fb:a6:63:4c:ea:cf:66:50:ef:f4:
                    0e:b7:61:18:7e:79:fd:9a:a2:7d:87:30:35:04:2d:
                    33:48:79:6c:8d:43:78:bc:3a:17:d0:82:aa:c6:cf:
                    15:88:0c:28:2b:22:86:bc:45:7a:92:79:e8:cc:f9:
                    bd:29:e3:0d:fe:09:06:78:55:bc:e0:d7:43:f0:4c:
                    87:23:94:9d:6b:5f:a1:82:4f:bd:1f:e0:39:cc:10:
                    5f:ea:96:5c:8d:43:ec:c3:bf:e1:47:3c:e5:b9:6b:
                    10:76:2d:aa:9d:db:9f:47:8a:26:f1:4a:48:79:14:
                    b2:37:a9:71:ae:c3:c9:0d:38:64:ad:9c:f6:37:65:
                    de:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A4:6B:91:3B:85:5E:71:56:23:2C:FF:DA:A1:A4:D7:36:5D:D2:A5
            X509v3 Authority Key Identifier:
                keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:9e:f0:c3:57:b8:60:d0:eb:7b:1d:f6:3d:41:ca:27:fa:04:
         23:10:f5:74:c9:14:3f:a2:70:38:00:08:d5:1b:6c:aa:84:5a:
         29:7d:ec:d0:2b:23:01:a9:bc:50:fd:08:13:d2:7c:2e:64:01:
         2b:dd:7a:ad:15:c9:d1:bd:c1:a4:3d:8d:db:3b:98:6d:5b:b7:
         e6:6a:11:af:23:7b:0e:41:64:4b:2f:77:fd:22:95:36:27:67:
         04:35:da:14:09:80:fe:79:6e:d3:c1:33:5e:c7:ee:9e:bb:73:
         51:8b:db:1c:67:0d:9c:87:70:d5:80:c7:ad:cb:39:d3:5b:5e:
         4f:4f:3f:05:ad:fd:08:bf:64:10:e1:53:43:95:78:e4:d6:9f:
         e7:5f:ce:f0:6a:66:10:a6:0e:af:cb:46:ce:53:2c:7b:f3:18:
         85:52:39:dd:fa:67:36:40:73:95:3c:e0:8c:b9:07:75:71:9f:
         26:bc:65:4a:c7:47:9f:50:c0:b2:04:ae:11:1d:c5:aa:9b:8a:
         17:60:29:ff:90:70:6f:a9:58:c7:1e:9c:b9:7a:2c:a8:39:14:
         4a:5b:e1:c5:c9:3c:12:ef:e1:0e:e3:76:20:65:39:79:34:85:
         8f:13:48:04:53:0b:fd:6a:ae:59:18:89:5f:ad:28:44:3b:c5:
         4e:45:2f:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjUwNzIyMjAyMjUwWhcNMjUwNzI5MjAyMjUwWjAYMRYwFAYD
VQQDEw02ODdmZjMxYi1lYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1szhM/BQdRCwAsxTH936FzQadNHwGejW/9y9iB4hzcuFY/dIs9LbH0/drp0Z
ssI9D7K/OADWOVz+t5K5lYTNXwc/jG5Yuu9etlKB7rt3bXXRxBi7DfZMHhvcId+p
X6z6AXiXbIbm7+PC1kXq99vz5clKSxQh+pjLPeippPumY0zqz2ZQ7/QOt2EYfnn9
mqJ9hzA1BC0zSHlsjUN4vDoX0IKqxs8ViAwoKyKGvEV6knnozPm9KeMN/gkGeFW8
4NdD8EyHI5Sda1+hgk+9H+A5zBBf6pZcjUPsw7/hRzzluWsQdi2qndufR4om8UpI
eRSyN6lxrsPJDThkrZz2N2XeiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLGka5E7
hV5xViMs/9qhpNc2XdKlMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RjhBOS8yQUEwNDMzMDk0RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkx
NGNnVmFEdld5T2kzdUF0eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB8nvDDV7hg0Ot7HfY9Qcon+gQjEPV0yRQ/onA4AAjVG2yqhFopfezQ
KyMBqbxQ/QgT0nwuZAEr3XqtFcnRvcGkPY3bO5htW7fmahGvI3sOQWRLL3f9IpU2
J2cENdoUCYD+eW7TwTNex+6eu3NRi9scZw2ch3DVgMetyznTW15PTz8Frf0Iv2QQ
4VNDlXjk1p/nX87wamYQpg6vy0bOUyx78xiFUjnd+mc2QHOVPOCMuQd1cZ8mvGVK
x0efUMCyBK4RHcWqm4oXYCn/kHBvqVjHHpy5eiyoORRKW+HFyTwS7+EO43YgZTl5
NIWPE0gEUwv9aq5ZGIlfrShEO8VORS+W
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:02:18 2025 by rpki-client