Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
File:                     XAq0JfK0I14cgVaDvWyOi3uAtyc.mft (raw, json)
Hash identifier:          fHAnaRpvtIy9CnQ69O93QKoYpiYddbxziwH9Ts2aXFg=
Subject key identifier:   B8:EB:26:B4:BB:63:E4:95:3D:7E:4C:EE:DE:64:59:CD:41:67:F7:2B
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Certificate issuer:       /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial:       09A0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
Manifest number:          0989
Signing time:             Thu 24 Jul 2025 20:17:37 +0000
Manifest this update:     Thu 24 Jul 2025 20:17:37 +0000
Manifest next update:     Thu 31 Jul 2025 20:17:37 +0000
Files and hashes:         1: XAq0JfK0I14cgVaDvWyOi3uAtyc.crl (hash: RroZ28ld5/BUudWQiTGTGxcNJozVCqSIX9wZ52ts9I8=)
                          2: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (hash: 1xpqucRPj2sGGfUlw/hjqGcWw2RAvQEPEvj1/o7DLww=)
                          3: 0774A2C894F211EAB30E7682C4F9AE02.roa (hash: Qe2k4Rmt8cYvrQ25NjhCj6HgTDQ2LTBczeZdX5NMi1Q=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
                          rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 20:17:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2464 (0x9a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
        Validity
            Not Before: Jul 24 20:17:37 2025 GMT
            Not After : Jul 31 20:17:37 2025 GMT
        Subject: CN=688294e1-bb2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:49:74:a2:f1:9d:08:d8:6c:63:1c:c9:f7:97:
                    0e:6c:6e:83:57:65:1f:70:5c:12:9f:02:8f:b5:1b:
                    19:14:71:8e:6c:53:28:0a:5d:65:1c:ae:22:06:d5:
                    a9:11:2e:89:fa:b5:1d:d3:4a:cd:ff:30:31:83:2e:
                    9a:df:ea:28:52:21:80:25:ef:d4:eb:fd:02:7f:3b:
                    8d:5a:fe:8f:69:0f:11:f0:05:01:9a:31:41:a5:e8:
                    d8:5a:7d:a5:cf:8e:96:da:6b:eb:16:93:b2:23:c7:
                    4b:5e:c6:bb:c8:38:9f:c6:f8:0e:5f:42:cc:fa:3e:
                    3b:bc:35:24:98:74:8f:a2:df:74:14:7d:74:0c:9d:
                    a7:54:d5:eb:c7:52:00:38:0f:ad:d1:76:83:91:21:
                    c5:a3:24:c8:25:d1:19:39:49:51:ea:6b:5e:50:c1:
                    d0:c2:d7:6f:1e:eb:de:4b:26:41:7a:6a:28:c7:b0:
                    ba:fe:52:3a:d6:b0:c8:33:22:1f:e9:cb:6e:b3:61:
                    dd:03:01:67:57:af:60:97:d5:77:ac:8f:60:c8:a8:
                    95:2a:ea:e5:f9:85:90:cd:fb:3b:c4:d0:7f:db:8a:
                    d0:ee:6f:a0:ea:b1:f1:1c:e3:88:8a:3b:b9:7b:70:
                    f8:c0:71:8e:02:f5:9e:7a:cd:2c:48:85:e0:95:b4:
                    d5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:EB:26:B4:BB:63:E4:95:3D:7E:4C:EE:DE:64:59:CD:41:67:F7:2B
            X509v3 Authority Key Identifier:
                keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:f6:f2:7d:bb:e5:72:10:8d:64:41:8a:dd:87:3d:ec:cc:a4:
         4f:66:52:85:73:a0:2a:61:9d:88:d2:74:68:c5:6c:87:db:7f:
         43:1b:e0:6d:1d:bb:33:34:73:ec:66:f9:6a:b5:22:23:79:c8:
         51:12:32:78:d2:41:3c:cc:96:48:e4:9f:af:3f:1b:e9:42:c8:
         49:fa:d7:92:7b:81:bd:be:f3:87:8a:25:9d:e7:83:88:41:a8:
         8f:51:55:1a:14:0b:34:53:48:85:d6:90:46:2a:8d:37:db:9e:
         79:74:09:84:5d:e9:de:81:d9:17:f6:b0:7b:5c:e6:df:24:bb:
         96:e1:96:ed:dd:52:52:12:f2:03:a4:ae:06:39:bd:66:5f:6f:
         f8:d3:f3:4d:6e:29:81:bb:50:f0:c0:b8:58:c8:57:b4:44:9e:
         27:c3:22:7c:35:c7:e6:bb:a6:f2:b3:e5:21:04:8f:5d:ec:f2:
         35:3c:41:c6:5c:96:2b:8b:3e:8c:7b:6c:10:e5:e5:78:86:e5:
         49:5d:2b:16:bf:04:b8:ca:78:7a:f9:0e:80:01:88:eb:70:52:
         f7:78:a7:6d:bb:9a:63:d8:1d:2d:76:04:2b:a3:13:6d:8a:60:
         09:46:e1:e0:8f:f0:2f:4a:61:22:2a:b5:48:ce:da:09:2d:b5:
         3f:63:bc:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjUwNzI0MjAxNzM3WhcNMjUwNzMxMjAxNzM3WjAYMRYwFAYD
VQQDEw02ODgyOTRlMS1iYjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu0l0ovGdCNhsYxzJ95cObG6DV2UfcFwSnwKPtRsZFHGObFMoCl1lHK4iBtWp
ES6J+rUd00rN/zAxgy6a3+ooUiGAJe/U6/0CfzuNWv6PaQ8R8AUBmjFBpejYWn2l
z46W2mvrFpOyI8dLXsa7yDifxvgOX0LM+j47vDUkmHSPot90FH10DJ2nVNXrx1IA
OA+t0XaDkSHFoyTIJdEZOUlR6mteUMHQwtdvHuveSyZBemoox7C6/lI61rDIMyIf
6ctus2HdAwFnV69gl9V3rI9gyKiVKurl+YWQzfs7xNB/24rQ7m+g6rHxHOOIiju5
e3D4wHGOAvWees0sSIXglbTV3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLjrJrS7
Y+SVPX5M7t5kWc1BZ/crMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RjhBOS8yQUEwNDMzMDk0RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkx
NGNnVmFEdld5T2kzdUF0eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAO9vJ9u+VyEI1kQYrdhz3szKRPZlKFc6AqYZ2I0nRoxWyH239DG+Bt
HbszNHPsZvlqtSIjechREjJ40kE8zJZI5J+vPxvpQshJ+teSe4G9vvOHiiWd54OI
QaiPUVUaFAs0U0iF1pBGKo032555dAmEXenegdkX9rB7XObfJLuW4Zbt3VJSEvID
pK4GOb1mX2/40/NNbimBu1DwwLhYyFe0RJ4nwyJ8Ncfmu6bys+UhBI9d7PI1PEHG
XJYriz6Me2wQ5eV4huVJXSsWvwS4ynh6+Q6AAYjrcFL3eKdtu5pj2B0tdgQroxNt
imAJRuHgj/AvSmEiKrVIztoJLbU/Y7wc
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:59:00 2025 by rpki-client