Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
File:                     J5KVmyX7-evckzm6nH01VXJpaas.mft (raw, json)
Hash identifier:          T6eT57eYpcswIy2X+HSadsWR7PTuIT6m+BXAAmmc0I8=
Subject key identifier:   A2:C2:32:05:94:18:87:F0:45:6E:2B:95:48:8F:B5:83:7F:4F:BA:F6
Authority key identifier: 27:92:95:9B:25:FB:F9:EB:DC:93:39:BA:9C:7D:35:55:72:69:69:AB
Certificate issuer:       /CN=A9189261/serialNumber=2792959B25FBF9EBDC9339BA9C7D3555726969AB
Certificate serial:       0675
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5KVmyX7-evckzm6nH01VXJpaas.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
Manifest number:          0670
Signing time:             Tue 22 Jul 2025 22:46:01 +0000
Manifest this update:     Tue 22 Jul 2025 22:46:01 +0000
Manifest next update:     Tue 29 Jul 2025 22:46:01 +0000
Files and hashes:         1: J5KVmyX7-evckzm6nH01VXJpaas.crl (hash: giulXlrHXirm37YgG+rLzZ8+VFbG+hQLrhEvCPzZc9Q=)
                          2: CDACEC3686AD11EBBDFD106EC4F9AE02.roa (hash: U3xUizSTWdJYMjLLq4qIbC/HRkla7mf9lgp0wntQ29I=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.crl
                          rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5KVmyX7-evckzm6nH01VXJpaas.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 22:46:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1653 (0x675)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9189261, serialNumber=2792959B25FBF9EBDC9339BA9C7D3555726969AB
        Validity
            Not Before: Jul 22 22:46:01 2025 GMT
            Not After : Jul 29 22:46:01 2025 GMT
        Subject: CN=688014a9-cc6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:25:06:b7:df:5c:89:ed:c1:59:5c:53:be:19:
                    42:2a:8a:3b:d6:9e:a3:9e:2e:2f:49:a9:45:e5:6f:
                    d7:a1:d9:f3:3d:bb:9f:24:87:aa:4e:a1:56:22:80:
                    9d:65:7d:7a:51:97:a6:85:b8:5f:aa:ab:45:4c:24:
                    7b:77:c0:43:fd:03:4f:da:32:8c:94:68:a7:76:9b:
                    e7:d7:af:fa:5c:61:57:4d:60:66:34:41:bb:48:a8:
                    87:6b:a0:cb:7b:55:f1:a3:0e:ac:e0:b1:25:38:9a:
                    d2:c5:93:bd:44:18:b3:c5:10:0c:4b:4c:5b:57:63:
                    5a:c2:4d:f5:b4:2c:e7:87:b0:fd:63:df:4a:8a:f4:
                    cf:d8:7d:7f:3e:c8:95:6d:b1:f0:54:57:48:f7:a2:
                    e0:21:ce:42:13:55:95:bd:9c:f6:79:5b:64:c9:fc:
                    96:d2:55:cd:1a:1e:55:d2:60:14:7d:07:00:58:71:
                    26:db:2f:5c:6d:04:fe:6b:c3:ff:aa:00:62:9f:dc:
                    eb:11:79:b8:0d:23:47:82:dd:16:40:70:10:7e:45:
                    8f:36:58:b1:89:dd:16:32:38:52:28:98:5e:f1:f0:
                    e9:ca:9b:d9:95:a3:69:66:15:cd:ae:7e:6b:2c:9a:
                    d0:f8:21:dc:c6:d7:12:9b:bb:5e:2e:4d:7a:9c:05:
                    57:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C2:32:05:94:18:87:F0:45:6E:2B:95:48:8F:B5:83:7F:4F:BA:F6
            X509v3 Authority Key Identifier:
                keyid:27:92:95:9B:25:FB:F9:EB:DC:93:39:BA:9C:7D:35:55:72:69:69:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5KVmyX7-evckzm6nH01VXJpaas.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:71:2d:1f:2d:af:48:e3:18:a4:94:9d:c9:66:31:d5:ef:14:
         55:12:65:4a:ea:46:3a:69:5b:f6:c4:e5:21:10:bc:ee:29:ef:
         53:3a:60:c9:ed:0b:7a:c4:a5:86:60:2f:68:a3:eb:83:54:d0:
         9b:ca:2d:3f:27:1c:a6:1a:b1:5f:08:b4:3d:de:a0:18:84:fb:
         51:07:10:9a:8e:3c:b6:08:8d:3d:bf:58:1f:22:7c:90:19:04:
         7b:4c:cd:70:13:0c:da:02:58:6e:88:90:b6:3a:2d:d8:c3:2a:
         01:0f:22:f1:a0:ba:8b:61:e4:4a:96:dc:f1:1f:a7:49:54:96:
         28:10:6b:6f:cd:b4:f9:1f:8e:88:e4:71:d9:55:fd:a5:51:ad:
         36:99:73:d4:e7:75:86:28:71:4f:4e:2b:69:96:80:3c:fd:f3:
         c9:4a:53:6a:55:55:64:5e:d0:26:fc:d5:6e:7e:fa:db:b1:f5:
         65:7e:06:34:0b:cc:5a:60:88:80:3c:85:47:3b:70:8c:60:33:
         3f:46:67:3d:ad:5e:67:b6:86:d5:06:f9:1f:e0:b1:af:25:03:
         cb:9e:fe:71:bf:f4:b7:3d:a5:48:f1:df:67:c5:be:fb:6d:34:
         71:da:ce:26:89:dd:47:83:63:ee:8f:43:b3:7c:e4:0c:a2:7d:
         03:dc:a8:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODkyNjExMTAvBgNVBAUTKDI3OTI5NTlCMjVGQkY5RUJEQzkzMzlCQTlDN0QzNTU1
NzI2OTY5QUIwHhcNMjUwNzIyMjI0NjAxWhcNMjUwNzI5MjI0NjAxWjAYMRYwFAYD
VQQDEw02ODgwMTRhOS1jYzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApCUGt99cie3BWVxTvhlCKoo71p6jni4vSalF5W/XodnzPbufJIeqTqFWIoCd
ZX16UZemhbhfqqtFTCR7d8BD/QNP2jKMlGindpvn16/6XGFXTWBmNEG7SKiHa6DL
e1Xxow6s4LElOJrSxZO9RBizxRAMS0xbV2Nawk31tCznh7D9Y99KivTP2H1/PsiV
bbHwVFdI96LgIc5CE1WVvZz2eVtkyfyW0lXNGh5V0mAUfQcAWHEm2y9cbQT+a8P/
qgBin9zrEXm4DSNHgt0WQHAQfkWPNlixid0WMjhSKJhe8fDpypvZlaNpZhXNrn5r
LJrQ+CHcxtcSm7teLk16nAVX7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKLCMgWU
GIfwRW4rlUiPtYN/T7r2MB8GA1UdIwQYMBaAFCeSlZsl+/nr3JM5upx9NVVyaWmr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTI2MS85MEI2RjcyRTg2
QUIxMUVCQTkwODYzNTBDNEY5QUUwMi9KNUtWbXlYNy1ldmNrem02bkgwMVZYSnBh
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o1S1ZteVg3LWV2Y2t6bTZuSDAxVlhKcGFhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
OTI2MS85MEI2RjcyRTg2QUIxMUVCQTkwODYzNTBDNEY5QUUwMi9KNUtWbXlYNy1l
dmNrem02bkgwMVZYSnBhYXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBjcS0fLa9I4xiklJ3JZjHV7xRVEmVK6kY6aVv2xOUhELzuKe9TOmDJ
7Qt6xKWGYC9oo+uDVNCbyi0/JxymGrFfCLQ93qAYhPtRBxCajjy2CI09v1gfInyQ
GQR7TM1wEwzaAlhuiJC2Oi3YwyoBDyLxoLqLYeRKltzxH6dJVJYoEGtvzbT5H46I
5HHZVf2lUa02mXPU53WGKHFPTitploA8/fPJSlNqVVVkXtAm/NVufvrbsfVlfgY0
C8xaYIiAPIVHO3CMYDM/Rmc9rV5ntobVBvkf4LGvJQPLnv5xv/S3PaVI8d9nxb77
bTRx2s4mid1Hg2Puj0OzfOQMon0D3KgS
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:34:31 2025 by rpki-client