Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
File:                     ZH5crcsfv367iZpyGcOg8D0_ew0.mft (raw, json)
Hash identifier:          0Qt1vGYfd3awOI0JomuI0lVAflJjEFrxRxapPy4Gfo4=
Subject key identifier:   A9:0C:8F:20:4A:26:AE:7A:73:17:15:AA:FF:D5:29:98:8A:E3:98:4D
Authority key identifier: 64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D
Certificate issuer:       /CN=A91951DE/serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D
Certificate serial:       07
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
Manifest number:          06
Signing time:             Mon 21 Jul 2025 08:23:03 +0000
Manifest this update:     Mon 21 Jul 2025 08:23:02 +0000
Manifest next update:     Mon 28 Jul 2025 08:23:02 +0000
Files and hashes:         1: ZH5crcsfv367iZpyGcOg8D0_ew0.crl (hash: go13do5utBSSTgwsh8n7HLvjmEOmXWcJ2r77xfCM6BI=)
                          2: 533DC25E60B511F0AB567568C4F9AE02.roa (hash: 9UZrURL/5cYm+3q79UbhWbJw8l3P1ZGycupb15ORpsw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl
                          rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 08:23:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91951DE, serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D
        Validity
            Not Before: Jul 21 08:23:02 2025 GMT
            Not After : Jul 28 08:23:02 2025 GMT
        Subject: CN=687df8e6-478f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:5a:36:99:50:2d:55:55:7c:b6:74:37:ba:ce:
                    3c:ec:14:c6:99:ef:7d:64:13:a8:87:29:40:34:7e:
                    0c:96:87:f1:0e:c3:98:a9:4b:8b:85:70:66:bb:3e:
                    12:3e:3d:28:42:8a:85:13:67:fb:67:88:0c:4e:4b:
                    e6:dc:66:98:94:ca:72:d0:44:c7:49:e1:1e:b9:d8:
                    af:ef:6a:16:bc:c0:cd:08:ba:93:38:7a:53:68:fe:
                    a9:90:fd:bd:a7:3a:9d:c1:1b:4b:ac:1d:0f:6a:e6:
                    a6:79:b2:e0:6d:2b:d7:f6:63:26:31:5e:df:61:02:
                    d8:f0:2d:b5:26:be:5b:c4:2b:45:16:86:a7:e9:0f:
                    1c:81:59:9f:cf:32:be:87:b4:93:06:e7:ed:3c:69:
                    a2:70:87:c1:10:b3:49:a4:8c:12:70:11:4b:31:15:
                    87:be:2e:f5:06:dd:f9:63:56:d3:39:72:9a:3c:d3:
                    42:99:9d:a6:a3:af:fb:85:34:0a:01:20:65:6e:c0:
                    0d:ab:81:4d:fd:ad:f2:6e:b7:9b:d8:e5:da:3e:f8:
                    81:38:d9:db:73:a7:d1:69:65:a2:52:b4:38:a9:d3:
                    99:3f:37:2a:3a:ce:0c:94:ef:61:e4:f9:c8:c3:b8:
                    93:d7:d7:87:86:58:56:e7:1c:b2:d8:a4:f9:f8:77:
                    1b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:0C:8F:20:4A:26:AE:7A:73:17:15:AA:FF:D5:29:98:8A:E3:98:4D
            X509v3 Authority Key Identifier:
                keyid:64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:ee:22:86:06:fd:81:5c:3b:b7:90:c8:7c:f0:c3:31:35:a5:
         bd:62:a4:13:f9:47:9a:39:9f:1c:69:e3:f0:cd:c5:e8:09:96:
         fb:de:6f:dc:1c:da:db:59:33:b0:93:3f:e1:b5:70:1f:33:eb:
         1f:be:ba:e1:62:31:2d:a4:fb:cd:88:5a:9f:51:63:92:27:72:
         d2:ef:2d:6a:b7:d5:25:8f:b5:cf:fe:60:df:7e:b3:c1:97:56:
         d2:59:9a:0c:b2:41:79:2a:0c:60:4e:c3:b6:c7:3a:bf:6c:c9:
         b6:f5:1d:ef:08:c3:d1:8c:a0:26:74:72:5e:e8:71:26:35:f7:
         b8:0d:58:70:8f:8f:c4:6c:64:0e:e3:3d:ec:e5:97:42:67:e5:
         1e:e5:02:7d:22:3e:b7:36:63:66:2a:7e:79:05:39:2a:6f:34:
         0b:a2:e3:48:7d:40:12:62:da:12:9a:50:e1:f1:f8:cc:94:24:
         b8:2d:43:18:d9:20:1c:5c:95:db:84:62:6d:0f:17:d7:2c:70:
         bf:af:64:35:c2:4c:82:e2:56:63:3f:22:f0:c1:15:c6:39:b8:
         75:01:17:3f:d9:b0:aa:a9:79:9a:a2:18:12:34:f3:38:bb:6f:
         a8:4b:31:60:be:ce:d9:d4:1b:28:ad:3e:f1:50:8d:53:36:3c:
         ef:e2:95:d0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NTFERTExMC8GA1UEBRMoNjQ3RTVDQURDQjFGQkY3RUJCODk5QTcyMTlDM0EwRjAz
RDNGN0IwRDAeFw0yNTA3MjEwODIzMDJaFw0yNTA3MjgwODIzMDJaMBgxFjAUBgNV
BAMTDTY4N2RmOGU2LTQ3OGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVWjaZUC1VVXy2dDe6zjzsFMaZ731kE6iHKUA0fgyWh/EOw5ipS4uFcGa7PhI+
PShCioUTZ/tniAxOS+bcZpiUynLQRMdJ4R652K/vaha8wM0IupM4elNo/qmQ/b2n
Op3BG0usHQ9q5qZ5suBtK9f2YyYxXt9hAtjwLbUmvlvEK0UWhqfpDxyBWZ/PMr6H
tJMG5+08aaJwh8EQs0mkjBJwEUsxFYe+LvUG3fljVtM5cpo800KZnaajr/uFNAoB
IGVuwA2rgU39rfJut5vY5do++IE42dtzp9FpZaJStDip05k/Nyo6zgyU72Hk+cjD
uJPX14eGWFbnHLLYpPn4dxtTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUqQyPIEom
rnpzFxWq/9UpmIrjmE0wHwYDVR0jBBgwFoAUZH5crcsfv367iZpyGcOg8D0/ew0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MURFLzkwNEY4NzBBNjBC
NDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2N2lacHlHY09nOEQwX2V3
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWkg1Y3Jjc2Z2MzY3aVpweUdjT2c4RDBfZXcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1
MURFLzkwNEY4NzBBNjBCNDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2
N2lacHlHY09nOEQwX2V3MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBACruIoYG/YFcO7eQyHzwwzE1pb1ipBP5R5o5nxxp4/DNxegJlvveb9wc
2ttZM7CTP+G1cB8z6x++uuFiMS2k+82IWp9RY5InctLvLWq31SWPtc/+YN9+s8GX
VtJZmgyyQXkqDGBOw7bHOr9sybb1He8Iw9GMoCZ0cl7ocSY197gNWHCPj8RsZA7j
Pezll0Jn5R7lAn0iPrc2Y2YqfnkFOSpvNAui40h9QBJi2hKaUOHx+MyUJLgtQxjZ
IBxclduEYm0PF9cscL+vZDXCTILiVmM/IvDBFcY5uHUBFz/ZsKqpeZqiGBI08zi7
b6hLMWC+ztnUGyitPvFQjVM2PO/ildA=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:30:12 2025 by rpki-client