Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
File:                     CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json)
Hash identifier:          Eoesuks82mTAf2IJjX1ALhdsVvfuNAWeGEwQ5Un0zvI=
Subject key identifier:   4E:63:36:C5:F9:D7:B2:48:25:2D:E5:A9:19:04:55:BD:0B:4A:53:23
Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
Certificate issuer:       /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
Certificate serial:       055C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
Manifest number:          072D
Signing time:             Thu 24 Jul 2025 23:41:38 +0000
Manifest this update:     Thu 24 Jul 2025 23:41:37 +0000
Manifest next update:     Thu 31 Jul 2025 23:41:37 +0000
Files and hashes:         1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: OY2E41am267rdZEnHDZCv4ekR2fsHqv3qkqSSkvD2MA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl
                          rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 23:41:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1372 (0x55c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
        Validity
            Not Before: Jul 24 23:41:37 2025 GMT
            Not After : Jul 31 23:41:37 2025 GMT
        Subject: CN=6882c4b1-e582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f3:aa:b6:23:a7:ae:5d:cd:10:5a:a3:c4:2c:
                    9e:84:d9:0a:91:8d:a8:cd:69:d5:24:eb:a0:be:13:
                    46:cf:5c:cb:1e:8e:4b:ee:4d:bf:5c:11:54:92:0e:
                    d8:64:59:87:0b:ca:2e:80:1d:36:d7:84:84:ed:a2:
                    aa:f0:53:fe:5b:db:99:ba:cb:51:0b:22:63:d7:3b:
                    4e:ac:2a:bc:ad:15:db:be:30:11:f3:c5:b6:93:6c:
                    56:0d:f0:80:3c:c6:43:da:6d:35:d3:24:5c:f8:1d:
                    af:9d:6f:81:8d:80:18:65:df:dc:91:46:1c:8b:89:
                    c2:1f:f1:17:9e:a5:16:d6:d0:8e:c6:17:7d:26:fc:
                    e6:2f:f1:c4:55:c2:ff:69:65:e5:87:77:35:17:5f:
                    d2:94:1f:f4:a2:ff:fd:3d:ad:fc:94:c3:c5:00:d8:
                    2f:cb:57:e0:27:f3:ed:b3:70:ca:6e:ad:4e:e1:91:
                    a6:7a:64:09:aa:13:68:35:f2:72:9d:78:ab:d2:26:
                    4c:bd:f8:c9:c5:fc:ba:6f:a2:0f:08:d3:2f:54:06:
                    39:b4:87:03:8d:52:4c:69:c3:73:d1:3c:ce:b5:43:
                    d0:58:2e:04:8a:87:43:ae:b9:c7:c6:91:12:65:ce:
                    d0:6d:40:fe:68:77:f4:f1:34:9e:52:b2:9b:72:a9:
                    ab:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:63:36:C5:F9:D7:B2:48:25:2D:E5:A9:19:04:55:BD:0B:4A:53:23
            X509v3 Authority Key Identifier:
                keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:f6:fd:34:49:c6:b2:00:57:c8:63:ee:12:74:62:5a:ff:28:
         fe:06:e4:5c:6a:4d:77:bb:88:c6:d9:79:d4:d5:83:ff:62:3d:
         4f:7b:fa:39:5b:f8:d7:d1:1f:95:f7:43:e6:91:2a:ae:11:d0:
         2f:57:3d:69:8c:93:a4:f4:85:f2:03:f3:4c:53:a9:11:a6:15:
         c8:fc:de:28:ee:63:e7:06:ca:44:ee:73:52:e7:a8:c6:72:d7:
         72:75:cc:a5:3a:de:db:d6:e9:44:da:26:ed:5f:42:dd:92:bd:
         5b:f2:62:22:4e:33:7c:c6:e7:9b:40:68:7e:a2:b4:29:a3:bf:
         56:2c:fc:c4:83:cf:1d:cc:42:31:59:4b:75:c0:cf:1a:d2:11:
         f1:f9:3f:45:7b:ab:fb:c1:94:4b:8b:3f:0a:1f:27:c4:cf:56:
         07:33:ed:f9:6b:4e:bc:78:3d:9c:76:5b:c0:fd:aa:bf:76:10:
         56:1d:3c:ef:44:03:39:12:95:7a:2d:07:b9:fd:07:06:31:bf:
         db:64:c5:ac:e6:3e:1f:cb:04:5f:14:3e:32:75:fb:36:f1:6e:
         99:2f:ad:b6:02:64:f6:96:20:e9:18:89:04:f3:7c:47:8b:da:
         ed:2d:e9:8a:37:c6:d5:3f:ab:f6:65:40:b4:56:f5:d7:54:a7:
         0a:04:bb:07
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG
NkFFQzIxNzIwHhcNMjUwNzI0MjM0MTM3WhcNMjUwNzMxMjM0MTM3WjAYMRYwFAYD
VQQDEw02ODgyYzRiMS1lNTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/OqtiOnrl3NEFqjxCyehNkKkY2ozWnVJOugvhNGz1zLHo5L7k2/XBFUkg7Y
ZFmHC8ougB0214SE7aKq8FP+W9uZustRCyJj1ztOrCq8rRXbvjAR88W2k2xWDfCA
PMZD2m010yRc+B2vnW+BjYAYZd/ckUYci4nCH/EXnqUW1tCOxhd9JvzmL/HEVcL/
aWXlh3c1F1/SlB/0ov/9Pa38lMPFANgvy1fgJ/Pts3DKbq1O4ZGmemQJqhNoNfJy
nXir0iZMvfjJxfy6b6IPCNMvVAY5tIcDjVJMacNz0TzOtUPQWC4EiodDrrnHxpES
Zc7QbUD+aHf08TSeUrKbcqmrjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE5jNsX5
17JIJS3lqRkEVb0LSlMjMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0
MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L
cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB/9v00ScayAFfIY+4SdGJa/yj+BuRcak13u4jG2XnU1YP/Yj1Pe/o5
W/jX0R+V90PmkSquEdAvVz1pjJOk9IXyA/NMU6kRphXI/N4o7mPnBspE7nNS56jG
ctdydcylOt7b1ulE2ibtX0Ldkr1b8mIiTjN8xuebQGh+orQpo79WLPzEg88dzEIx
WUt1wM8a0hHx+T9Fe6v7wZRLiz8KHyfEz1YHM+35a068eD2cdlvA/aq/dhBWHTzv
RAM5EpV6LQe5/QcGMb/bZMWs5j4fywRfFD4ydfs28W6ZL622AmT2liDpGIkE83xH
i9rtLemKN8bVP6v2ZUC0VvXXVKcKBLsH
-----END CERTIFICATE-----
Generated at Fri Jul 25 07:05:34 2025 by rpki-client