Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
File:                     CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json)
Hash identifier:          5YIAdX4J4sYJ+Mo/f+b+EVrPPmqvIbB/HjwVF9w2Ovg=
Subject key identifier:   13:5C:32:80:B6:33:B3:54:31:32:01:A3:73:43:5E:DA:FD:4E:69:70
Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
Certificate issuer:       /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
Certificate serial:       055B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
Manifest number:          072B
Signing time:             Tue 22 Jul 2025 23:44:03 +0000
Manifest this update:     Tue 22 Jul 2025 23:44:02 +0000
Manifest next update:     Tue 29 Jul 2025 23:44:02 +0000
Files and hashes:         1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: OKnyRKa3w4dAGgHfHbRUb45jcZ/YYcejIbgYvVeY8G4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl
                          rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 23:44:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1371 (0x55b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
        Validity
            Not Before: Jul 22 23:44:02 2025 GMT
            Not After : Jul 29 23:44:02 2025 GMT
        Subject: CN=68802242-d63b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:7c:23:78:dd:c7:9f:6d:44:79:fc:90:57:f9:
                    00:fe:8c:4b:72:4e:fd:47:51:f0:6b:dd:93:f0:ec:
                    1c:67:bc:6e:0b:88:87:20:f2:d1:39:d5:10:64:f2:
                    6f:45:f5:02:3f:90:27:e8:8b:4f:b7:18:4b:bc:79:
                    2c:4a:f1:45:fd:4b:9c:ed:76:fa:97:93:b5:bc:cf:
                    d6:ac:23:a1:8d:08:b3:d9:a6:58:3b:1a:c5:99:8e:
                    c1:8d:d9:07:95:de:1c:4a:54:27:62:a5:78:72:70:
                    59:94:b9:f1:a4:87:21:ca:75:e4:7c:d5:2f:53:12:
                    83:73:93:c1:8d:3c:69:2a:bc:4b:db:7f:98:ba:74:
                    cc:15:7d:23:69:a0:e7:26:92:c6:9c:dd:fd:13:69:
                    8d:e7:02:68:93:79:0e:37:cb:c1:cc:f0:02:a6:36:
                    72:e2:bd:fa:1b:d0:64:a2:46:06:d2:35:3b:ba:1f:
                    4b:ac:5c:ba:d0:26:74:db:60:b4:4a:73:19:03:75:
                    cb:e5:c6:9b:92:72:3d:58:03:43:4f:10:5d:d4:e7:
                    1b:f0:a7:ce:e9:af:5b:c2:a8:3a:eb:b0:73:2c:93:
                    55:4e:70:fd:a8:57:fe:bd:7d:f4:71:a4:a2:58:2d:
                    a0:1a:c3:af:fb:e3:1b:e8:27:b0:7d:a4:ba:e7:f8:
                    e7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:5C:32:80:B6:33:B3:54:31:32:01:A3:73:43:5E:DA:FD:4E:69:70
            X509v3 Authority Key Identifier:
                keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:4b:88:35:0d:5a:01:e0:46:b4:35:34:f0:fc:96:f0:1e:44:
         7f:95:24:0a:c9:ab:3f:4b:d5:4f:e2:14:f0:88:dd:ac:dc:ec:
         17:e4:3a:65:96:c5:75:40:48:e8:46:dd:d9:a2:f7:92:6a:f8:
         1b:69:8e:da:93:41:59:71:38:7a:c4:73:88:2b:c8:0c:b3:cd:
         10:c8:63:e5:89:1e:89:c2:bc:0b:43:56:6a:a4:4e:da:18:7d:
         7e:c9:dc:fa:2c:1c:13:fc:04:1e:08:78:b9:58:22:ee:85:3c:
         6f:4a:7a:2f:3a:07:f9:6c:42:6f:c9:d8:7e:13:63:34:74:4f:
         7c:34:62:a1:3e:5b:0d:a2:46:6c:b0:42:4f:72:88:84:6d:fe:
         cf:3f:12:8a:cd:cb:b6:bf:d4:2b:5d:d3:e5:25:8b:f1:bf:21:
         e3:f6:6b:59:6b:a2:bf:91:d3:a7:80:f5:8a:68:09:76:eb:75:
         4f:ab:c3:59:0f:0b:57:37:d6:8c:68:e6:b0:db:8f:c7:1f:8c:
         54:85:86:cd:37:4d:4c:1a:ea:eb:ac:36:b4:4d:bf:cc:28:01:
         59:0b:8f:82:8a:20:2e:a3:3d:36:ab:c9:e9:e6:6d:69:06:08:
         60:db:2f:dc:56:76:f2:48:c1:b8:82:50:b6:9c:b2:6b:88:5d:
         6c:99:ab:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG
NkFFQzIxNzIwHhcNMjUwNzIyMjM0NDAyWhcNMjUwNzI5MjM0NDAyWjAYMRYwFAYD
VQQDEw02ODgwMjI0Mi1kNjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9XwjeN3Hn21EefyQV/kA/oxLck79R1Hwa92T8OwcZ7xuC4iHIPLROdUQZPJv
RfUCP5An6ItPtxhLvHksSvFF/Uuc7Xb6l5O1vM/WrCOhjQiz2aZYOxrFmY7BjdkH
ld4cSlQnYqV4cnBZlLnxpIchynXkfNUvUxKDc5PBjTxpKrxL23+YunTMFX0jaaDn
JpLGnN39E2mN5wJok3kON8vBzPACpjZy4r36G9BkokYG0jU7uh9LrFy60CZ022C0
SnMZA3XL5cabknI9WANDTxBd1Ocb8KfO6a9bwqg667BzLJNVTnD9qFf+vX30caSi
WC2gGsOv++Mb6CewfaS65/jnsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBNcMoC2
M7NUMTIBo3NDXtr9TmlwMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0
MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L
cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBeS4g1DVoB4Ea0NTTw/JbwHkR/lSQKyas/S9VP4hTwiN2s3OwX5Dpl
lsV1QEjoRt3ZoveSavgbaY7ak0FZcTh6xHOIK8gMs80QyGPliR6JwrwLQ1ZqpE7a
GH1+ydz6LBwT/AQeCHi5WCLuhTxvSnovOgf5bEJvydh+E2M0dE98NGKhPlsNokZs
sEJPcoiEbf7PPxKKzcu2v9QrXdPlJYvxvyHj9mtZa6K/kdOngPWKaAl263VPq8NZ
DwtXN9aMaOaw24/HH4xUhYbNN01MGurrrDa0Tb/MKAFZC4+CiiAuoz02q8np5m1p
Bghg2y/cVnbySMG4glC2nLJriF1smasG
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:17:51 2025 by rpki-client