Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
File:                     ZH5crcsfv367iZpyGcOg8D0_ew0.mft (raw, json)
Hash identifier:          ARcKbH0K4nAHrwGIDOwSqaidU5GhsT7mcIlFaCpVu1A=
Subject key identifier:   9D:AC:84:03:9F:81:E5:BB:09:C7:78:1D:9F:4B:72:C6:F7:79:47:3C
Authority key identifier: 64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D
Certificate issuer:       /CN=A91951DE/serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D
Certificate serial:       09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
Manifest number:          08
Signing time:             Fri 25 Jul 2025 08:33:35 +0000
Manifest this update:     Fri 25 Jul 2025 08:33:34 +0000
Manifest next update:     Fri 01 Aug 2025 08:33:34 +0000
Files and hashes:         1: ZH5crcsfv367iZpyGcOg8D0_ew0.crl (hash: cNR+5xdnVTUc4A2CVL3FDcrDN++ljI2ShZN3nnilFZE=)
                          2: 533DC25E60B511F0AB567568C4F9AE02.roa (hash: 9UZrURL/5cYm+3q79UbhWbJw8l3P1ZGycupb15ORpsw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl
                          rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 08:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91951DE, serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D
        Validity
            Not Before: Jul 25 08:33:34 2025 GMT
            Not After : Aug  1 08:33:34 2025 GMT
        Subject: CN=6883415f-2ce0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:33:af:b4:f9:ab:45:af:50:66:4b:f0:4a:4d:
                    f4:cb:fc:ff:0b:d2:5a:35:aa:d8:99:d1:31:93:0d:
                    dc:52:e2:4a:83:14:87:3c:b7:14:cf:95:2d:64:0b:
                    cf:38:46:f1:b2:83:6b:b8:65:63:59:ce:c7:07:54:
                    68:28:30:d6:0a:ff:d6:0c:d9:ae:23:16:ab:58:f2:
                    1e:5e:98:7f:37:07:83:b2:41:2c:9d:5e:12:ea:86:
                    14:49:82:0f:06:88:01:08:f9:50:2f:ec:c9:78:cb:
                    23:f3:b1:d7:14:72:08:5e:62:57:43:78:ef:75:3e:
                    e8:f9:ac:d3:03:6c:9d:53:f4:65:97:00:a4:e9:bc:
                    bf:2a:6c:2c:df:e3:1d:3a:c5:45:50:51:b9:49:2d:
                    ab:84:6a:34:6a:8f:12:97:73:c4:32:58:4c:73:ef:
                    dd:43:9b:d7:b7:c9:56:ec:e3:1a:27:2b:5f:b1:f2:
                    e9:50:cf:f1:42:b0:a9:be:ee:9e:ca:0f:8d:da:3c:
                    03:ad:6a:05:4f:eb:6d:c3:06:f6:10:64:cf:50:a5:
                    44:39:de:84:17:59:9d:4b:e4:c6:c9:44:51:a8:9f:
                    3b:aa:35:45:4f:51:59:62:e4:0f:c7:cd:06:44:a9:
                    f2:e1:92:11:64:4e:11:17:78:8f:c0:c0:ea:6f:40:
                    b2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AC:84:03:9F:81:E5:BB:09:C7:78:1D:9F:4B:72:C6:F7:79:47:3C
            X509v3 Authority Key Identifier:
                keyid:64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:9b:63:9f:b0:14:12:bf:b1:5c:d5:40:da:f7:0d:7e:f4:58:
         b2:65:dd:87:a3:33:59:61:34:ff:a5:3e:6a:b5:e9:94:a8:db:
         66:da:58:4b:ef:30:aa:14:2b:e3:94:27:e9:d7:45:b6:f3:69:
         e0:a7:a2:bd:7d:d6:12:1a:84:8b:1c:83:b5:11:2d:8a:1a:6e:
         b8:da:10:2c:3c:4a:34:61:c4:32:f5:16:54:63:78:82:9a:48:
         41:c3:32:be:4d:33:ec:e5:f9:08:f4:e4:e8:7f:3f:cc:d7:7d:
         8c:bf:cd:7a:8f:17:7f:34:5a:9b:2d:5c:37:64:09:9d:b9:65:
         f2:99:5f:08:ae:40:c2:24:4f:24:8e:bf:0b:40:63:23:47:54:
         aa:aa:7c:43:b2:64:25:eb:c2:36:91:31:05:d0:be:a5:7f:df:
         44:46:73:12:80:f7:80:cb:7e:af:bd:74:87:df:8a:f2:03:be:
         30:b2:26:81:38:ab:d8:3a:61:ee:25:1f:47:4b:f3:0b:47:e4:
         c1:81:48:8f:60:fb:6d:d5:22:16:2f:77:87:f5:37:99:40:5d:
         cc:7d:00:a8:0d:be:51:0c:e1:27:e0:f4:a5:fe:62:dd:cc:9c:
         27:e9:7e:94:19:b7:5d:9e:09:6b:ca:1e:da:fa:45:e9:e4:a2:
         5a:63:d0:52
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NTFERTExMC8GA1UEBRMoNjQ3RTVDQURDQjFGQkY3RUJCODk5QTcyMTlDM0EwRjAz
RDNGN0IwRDAeFw0yNTA3MjUwODMzMzRaFw0yNTA4MDEwODMzMzRaMBgxFjAUBgNV
BAMTDTY4ODM0MTVmLTJjZTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvM6+0+atFr1BmS/BKTfTL/P8L0lo1qtiZ0TGTDdxS4kqDFIc8txTPlS1kC884
RvGyg2u4ZWNZzscHVGgoMNYK/9YM2a4jFqtY8h5emH83B4OyQSydXhLqhhRJgg8G
iAEI+VAv7Ml4yyPzsdcUcgheYldDeO91Puj5rNMDbJ1T9GWXAKTpvL8qbCzf4x06
xUVQUblJLauEajRqjxKXc8QyWExz791Dm9e3yVbs4xonK1+x8ulQz/FCsKm+7p7K
D43aPAOtagVP623DBvYQZM9QpUQ53oQXWZ1L5MbJRFGonzuqNUVPUVli5A/HzQZE
qfLhkhFkThEXeI/AwOpvQLJLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnayEA5+B
5bsJx3gdn0tyxvd5RzwwHwYDVR0jBBgwFoAUZH5crcsfv367iZpyGcOg8D0/ew0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MURFLzkwNEY4NzBBNjBC
NDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2N2lacHlHY09nOEQwX2V3
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWkg1Y3Jjc2Z2MzY3aVpweUdjT2c4RDBfZXcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1
MURFLzkwNEY4NzBBNjBCNDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2
N2lacHlHY09nOEQwX2V3MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAJqbY5+wFBK/sVzVQNr3DX70WLJl3YejM1lhNP+lPmq16ZSo22baWEvv
MKoUK+OUJ+nXRbbzaeCnor191hIahIscg7URLYoabrjaECw8SjRhxDL1FlRjeIKa
SEHDMr5NM+zl+Qj05Oh/P8zXfYy/zXqPF380WpstXDdkCZ25ZfKZXwiuQMIkTySO
vwtAYyNHVKqqfEOyZCXrwjaRMQXQvqV/30RGcxKA94DLfq+9dIffivIDvjCyJoE4
q9g6Ye4lH0dL8wtH5MGBSI9g+23VIhYvd4f1N5lAXcx9AKgNvlEM4Sfg9KX+Yt3M
nCfpfpQZt12eCWvKHtr6Renkolpj0FI=
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:58:15 2025 by rpki-client