Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft
File:                     kFj-3Oxfh289_hYZQxnBRcnAzLU.mft (raw, json)
Hash identifier:          VTY670b34FIRLHQSJsSDQZMK4ANX7OjfmkOYLmsv+NA=
Subject key identifier:   79:6D:6A:B3:55:B3:99:B7:ED:C4:6C:C2:99:1A:4B:34:B6:FA:4F:DD
Authority key identifier: 90:58:FE:DC:EC:5F:87:6F:3D:FE:16:19:43:19:C1:45:C9:C0:CC:B5
Certificate issuer:       /CN=A9185B0F/serialNumber=9058FEDCEC5F876F3DFE16194319C145C9C0CCB5
Certificate serial:       0677
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft
Manifest number:          0672
Signing time:             Tue 22 Jul 2025 22:44:22 +0000
Manifest this update:     Tue 22 Jul 2025 22:44:21 +0000
Manifest next update:     Tue 29 Jul 2025 22:44:21 +0000
Files and hashes:         1: kFj-3Oxfh289_hYZQxnBRcnAzLU.crl (hash: qsixkc/KT3x8utbvyi6P3dDQYjM6Ql2wv5VY/JTD060=)
                          2: 25A7FE7E855211EB8DEDD812C4F9AE02.roa (hash: rH99d2UyS2BchbUPUbqFc9GOoYlWGp7hkjxEyr/ZGj0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.crl
                          rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 22:44:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1655 (0x677)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9185B0F, serialNumber=9058FEDCEC5F876F3DFE16194319C145C9C0CCB5
        Validity
            Not Before: Jul 22 22:44:21 2025 GMT
            Not After : Jul 29 22:44:21 2025 GMT
        Subject: CN=68801446-a814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:ad:20:1d:29:c2:2c:27:7d:69:1a:f4:cb:f9:
                    5b:28:df:47:69:ce:3c:9e:92:90:ae:24:2a:1a:e7:
                    7d:83:7b:76:69:fb:02:9a:03:8b:61:e9:e9:12:9d:
                    4e:84:7e:0b:46:73:cc:ec:b0:f7:f7:1c:03:b4:75:
                    95:ef:a4:1d:9f:aa:fa:d1:57:4c:d2:e0:f1:d8:16:
                    1f:b8:2f:d1:85:f1:f5:c2:1c:fb:5e:9f:1c:76:dc:
                    c8:1f:a3:ea:98:b1:71:9e:96:2c:a2:f0:e2:57:0c:
                    3e:85:10:25:2d:96:7f:4d:28:43:09:3f:b5:00:2f:
                    85:b8:bb:02:1b:77:da:9e:ce:70:85:26:92:0a:54:
                    ed:a2:3d:db:6e:7a:ac:3e:91:0d:64:3a:70:36:9c:
                    4a:f9:a7:f1:18:ee:a7:9d:75:24:ed:70:60:0e:21:
                    61:c6:d5:1c:85:c4:b9:35:d9:4a:06:53:2a:8e:f4:
                    eb:22:a4:1e:4e:53:20:35:d8:0c:ad:62:c3:27:bc:
                    92:fa:7e:57:c0:1f:4a:44:32:2d:98:fd:f5:21:80:
                    ba:21:94:3f:5e:d4:2f:ed:fb:3e:b1:ad:4c:27:07:
                    36:05:8d:0d:e2:ee:b1:b3:25:4c:93:45:f3:b7:29:
                    17:dd:bc:66:ab:96:8c:a1:83:83:51:b7:a2:49:81:
                    d2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:6D:6A:B3:55:B3:99:B7:ED:C4:6C:C2:99:1A:4B:34:B6:FA:4F:DD
            X509v3 Authority Key Identifier:
                keyid:90:58:FE:DC:EC:5F:87:6F:3D:FE:16:19:43:19:C1:45:C9:C0:CC:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:34:6b:cc:d7:82:a3:dc:b8:93:86:00:ef:04:c3:af:2b:c6:
         03:94:02:37:42:11:92:89:7d:76:83:48:0e:25:84:8a:ce:9c:
         df:71:eb:e5:fa:e9:12:32:e8:be:20:99:7a:82:18:70:7a:89:
         17:36:53:4f:cc:20:ef:d8:d2:cf:fd:58:48:6b:4e:6d:1f:87:
         d1:33:91:ec:e6:98:52:6f:c0:dd:56:55:75:6b:7e:69:e8:63:
         96:1c:1a:83:61:b7:cb:5d:c7:da:f1:85:8b:60:d4:7e:5f:a1:
         59:da:cc:06:70:18:d7:7b:03:56:0c:e2:63:fd:2d:3e:f6:b9:
         3a:20:67:f8:fe:0a:8a:ea:c4:42:61:34:f3:61:28:47:0e:1e:
         e6:7a:f9:4d:4f:9b:de:46:34:58:4c:d9:e6:a5:92:20:a4:ea:
         c2:0c:4b:aa:a7:f9:97:27:58:4b:0f:78:ce:38:55:d3:6d:27:
         d7:f9:f8:5d:98:fb:de:bf:1a:b1:34:e0:84:a5:ec:fe:bd:3f:
         ae:9f:68:da:f2:48:c8:63:2d:b0:4f:62:ab:da:16:95:10:4d:
         20:73:36:37:a8:ac:6c:45:86:2b:25:f4:b3:85:59:4d:5a:00:
         4e:f3:1d:fd:47:3d:74:f5:d0:97:4f:dd:ce:7e:e6:10:84:30:
         bc:93:8b:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVCMEYxMTAvBgNVBAUTKDkwNThGRURDRUM1Rjg3NkYzREZFMTYxOTQzMTlDMTQ1
QzlDMENDQjUwHhcNMjUwNzIyMjI0NDIxWhcNMjUwNzI5MjI0NDIxWjAYMRYwFAYD
VQQDEw02ODgwMTQ0Ni1hODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8q0gHSnCLCd9aRr0y/lbKN9Hac48npKQriQqGud9g3t2afsCmgOLYenpEp1O
hH4LRnPM7LD39xwDtHWV76Qdn6r60VdM0uDx2BYfuC/RhfH1whz7Xp8cdtzIH6Pq
mLFxnpYsovDiVww+hRAlLZZ/TShDCT+1AC+FuLsCG3fans5whSaSClTtoj3bbnqs
PpENZDpwNpxK+afxGO6nnXUk7XBgDiFhxtUchcS5NdlKBlMqjvTrIqQeTlMgNdgM
rWLDJ7yS+n5XwB9KRDItmP31IYC6IZQ/XtQv7fs+sa1MJwc2BY0N4u6xsyVMk0Xz
tykX3bxmq5aMoYODUbeiSYHS6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHltarNV
s5m37cRswpkaSzS2+k/dMB8GA1UdIwQYMBaAFJBY/tzsX4dvPf4WGUMZwUXJwMy1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUIwRi81MkQwQTEyMDg1
NEUxMUVCQjc1QkIwMDlDNEY5QUUwMi9rRmotM094ZmgyODlfaFlaUXhuQlJjbkF6
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tGai0zT3hmaDI4OV9oWVpReG5CUmNuQXpMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NUIwRi81MkQwQTEyMDg1NEUxMUVCQjc1QkIwMDlDNEY5QUUwMi9rRmotM094Zmgy
ODlfaFlaUXhuQlJjbkF6TFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAgNGvM14Kj3LiThgDvBMOvK8YDlAI3QhGSiX12g0gOJYSKzpzfcevl
+ukSMui+IJl6ghhweokXNlNPzCDv2NLP/VhIa05tH4fRM5Hs5phSb8DdVlV1a35p
6GOWHBqDYbfLXcfa8YWLYNR+X6FZ2swGcBjXewNWDOJj/S0+9rk6IGf4/gqK6sRC
YTTzYShHDh7mevlNT5veRjRYTNnmpZIgpOrCDEuqp/mXJ1hLD3jOOFXTbSfX+fhd
mPvevxqxNOCEpez+vT+un2ja8kjIYy2wT2Kr2haVEE0gczY3qKxsRYYrJfSzhVlN
WgBO8x39Rz109dCXT93OfuYQhDC8k4tp
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:46:39 2025 by rpki-client