Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91975F1/CB66330AEE2C11EC956B2C4FC4F9AE02/Ul6ia2phflqvwFQjzOWI3hnsWEc.mft
File:                     Ul6ia2phflqvwFQjzOWI3hnsWEc.mft (raw, json)
Hash identifier:          4s+OG4q7JxuT5cIBMTEzl7P0zHv/vxxC/9Sgngr2v54=
Subject key identifier:   DF:27:51:B7:C3:CE:AB:E5:FF:A2:FF:41:42:51:07:1A:33:48:1C:2D
Authority key identifier: 52:5E:A2:6B:6A:61:7E:5A:AF:C0:54:23:CC:E5:88:DE:19:EC:58:47
Certificate issuer:       /CN=A91975F1/serialNumber=525EA26B6A617E5AAFC05423CCE588DE19EC5847
Certificate serial:       02E1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ul6ia2phflqvwFQjzOWI3hnsWEc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91975F1/CB66330AEE2C11EC956B2C4FC4F9AE02/Ul6ia2phflqvwFQjzOWI3hnsWEc.mft
Manifest number:          02DF
Signing time:             Mon 21 Jul 2025 01:37:37 +0000
Manifest this update:     Mon 21 Jul 2025 01:37:37 +0000
Manifest next update:     Mon 28 Jul 2025 01:37:37 +0000
Files and hashes:         1: Ul6ia2phflqvwFQjzOWI3hnsWEc.crl (hash: Mn7iJw0BqIqwoaNLXlFg3JQWdAEqRWaEbCYx9cyZHpM=)
                          2: 412DD396EE3B11EC8EE6DA63C4F9AE02.roa (hash: 90iQ52pzi3F+reOCS+hcjY5A8xSUULeYkZXVo6UNIXg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91975F1/CB66330AEE2C11EC956B2C4FC4F9AE02/Ul6ia2phflqvwFQjzOWI3hnsWEc.crl
                          rsync://rpki.apnic.net/member_repository/A91975F1/CB66330AEE2C11EC956B2C4FC4F9AE02/Ul6ia2phflqvwFQjzOWI3hnsWEc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ul6ia2phflqvwFQjzOWI3hnsWEc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 01:37:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 737 (0x2e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91975F1, serialNumber=525EA26B6A617E5AAFC05423CCE588DE19EC5847
        Validity
            Not Before: Jul 21 01:37:37 2025 GMT
            Not After : Jul 28 01:37:37 2025 GMT
        Subject: CN=687d99e1-5b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:58:f1:49:ab:c5:24:d7:eb:e0:d2:b8:0c:d5:
                    1f:e6:f6:c5:35:b6:d2:fe:9d:58:06:e8:fa:c6:19:
                    fe:63:49:dd:e5:ea:2b:7e:68:ba:b2:1f:d9:f7:15:
                    05:0f:2e:d5:b8:69:f9:7f:a6:f1:cb:d1:d5:3c:24:
                    1c:2f:2e:2b:fb:ec:be:31:21:62:64:b8:61:b2:b2:
                    28:e3:98:81:65:1d:cc:34:25:39:5a:92:ec:4d:63:
                    00:66:fc:cd:f9:b4:f0:ed:91:62:8b:a8:c2:11:88:
                    bb:b1:53:41:a8:3a:2b:2b:24:b3:5e:bc:35:68:93:
                    d2:7b:03:c3:a3:01:32:fd:4e:5b:72:66:80:c3:d1:
                    19:1e:3d:93:c5:eb:9e:59:f4:d3:4d:01:66:91:2f:
                    92:48:4a:70:08:cf:e5:e8:fa:d3:75:2f:13:0c:f8:
                    15:e1:c2:e8:55:b2:3b:07:9e:8f:a1:89:7f:f6:57:
                    f1:d4:e0:96:33:d3:42:32:02:34:9d:b4:8c:fd:5e:
                    26:0d:c6:3d:dd:97:05:72:98:a8:29:3a:82:9a:fd:
                    3a:8d:0f:8e:75:10:48:e4:bf:0d:e9:60:c0:3d:0d:
                    be:2b:49:9e:52:c6:7e:ff:48:3b:be:54:3d:64:70:
                    23:45:b9:3d:00:87:17:f3:41:40:d4:a6:da:17:69:
                    2d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:27:51:B7:C3:CE:AB:E5:FF:A2:FF:41:42:51:07:1A:33:48:1C:2D
            X509v3 Authority Key Identifier:
                keyid:52:5E:A2:6B:6A:61:7E:5A:AF:C0:54:23:CC:E5:88:DE:19:EC:58:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91975F1/CB66330AEE2C11EC956B2C4FC4F9AE02/Ul6ia2phflqvwFQjzOWI3hnsWEc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ul6ia2phflqvwFQjzOWI3hnsWEc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975F1/CB66330AEE2C11EC956B2C4FC4F9AE02/Ul6ia2phflqvwFQjzOWI3hnsWEc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:1f:20:a9:cf:5b:62:ea:2a:ff:5d:fc:16:16:d2:67:69:50:
         c4:c2:40:8d:ff:81:a6:7a:ad:92:16:92:cd:a5:18:d9:9f:7e:
         dc:81:d1:e3:d0:7e:ce:87:34:8b:57:f5:03:f9:f1:2c:00:95:
         d8:c3:d1:21:16:ba:27:fa:d7:c9:f9:8a:fd:c7:9a:89:34:38:
         a0:c7:28:e2:02:f1:ae:c0:b3:33:0a:44:e6:33:bb:c3:a9:a5:
         ba:a6:0e:ad:8e:21:a9:ca:8d:c0:c1:a4:96:63:9f:47:5c:5c:
         43:40:26:1f:31:04:85:98:a6:51:4a:6d:b6:4f:90:97:17:01:
         be:9a:32:26:6a:53:30:83:97:f0:f3:98:75:32:62:39:96:7c:
         67:9a:57:83:79:78:54:05:c3:ce:7a:c5:67:8a:09:44:22:a3:
         63:ab:5c:1a:e4:55:43:b4:12:9d:6c:eb:07:59:44:08:52:30:
         55:93:1e:73:da:a4:be:c5:dd:51:12:c7:df:91:68:35:fa:04:
         0b:bc:fe:6c:72:7e:b4:0c:59:a0:33:d1:bf:fa:6c:f8:b4:c7:
         73:96:2f:5a:2c:aa:10:4a:a4:06:7a:91:bf:64:f8:97:90:bb:
         9c:31:f5:0c:18:1f:f6:74:8f:4c:94:3b:0c:9f:fb:74:9f:cc:
         1f:1d:ce:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAuEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTc1RjExMTAvBgNVBAUTKDUyNUVBMjZCNkE2MTdFNUFBRkMwNTQyM0NDRTU4OERF
MTlFQzU4NDcwHhcNMjUwNzIxMDEzNzM3WhcNMjUwNzI4MDEzNzM3WjAYMRYwFAYD
VQQDEw02ODdkOTllMS01YjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqFjxSavFJNfr4NK4DNUf5vbFNbbS/p1YBuj6xhn+Y0nd5eorfmi6sh/Z9xUF
Dy7VuGn5f6bxy9HVPCQcLy4r++y+MSFiZLhhsrIo45iBZR3MNCU5WpLsTWMAZvzN
+bTw7ZFii6jCEYi7sVNBqDorKySzXrw1aJPSewPDowEy/U5bcmaAw9EZHj2Txeue
WfTTTQFmkS+SSEpwCM/l6PrTdS8TDPgV4cLoVbI7B56PoYl/9lfx1OCWM9NCMgI0
nbSM/V4mDcY93ZcFcpioKTqCmv06jQ+OdRBI5L8N6WDAPQ2+K0meUsZ+/0g7vlQ9
ZHAjRbk9AIcX80FA1KbaF2kt3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN8nUbfD
zqvl/6L/QUJRBxozSBwtMB8GA1UdIwQYMBaAFFJeomtqYX5ar8BUI8zliN4Z7FhH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzVGMS9DQjY2MzMwQUVF
MkMxMUVDOTU2QjJDNEZDNEY5QUUwMi9VbDZpYTJwaGZscXZ3RlFqek9XSTNobnNX
RWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VsNmlhMnBoZmxxdndGUWp6T1dJM2huc1dFYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzVGMS9DQjY2MzMwQUVFMkMxMUVDOTU2QjJDNEZDNEY5QUUwMi9VbDZpYTJwaGZs
cXZ3RlFqek9XSTNobnNXRWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkHyCpz1ti6ir/XfwWFtJnaVDEwkCN/4Gmeq2SFpLNpRjZn37cgdHj
0H7OhzSLV/UD+fEsAJXYw9EhFron+tfJ+Yr9x5qJNDigxyjiAvGuwLMzCkTmM7vD
qaW6pg6tjiGpyo3AwaSWY59HXFxDQCYfMQSFmKZRSm22T5CXFwG+mjImalMwg5fw
85h1MmI5lnxnmleDeXhUBcPOesVniglEIqNjq1wa5FVDtBKdbOsHWUQIUjBVkx5z
2qS+xd1REsffkWg1+gQLvP5scn60DFmgM9G/+mz4tMdzli9aLKoQSqQGepG/ZPiX
kLucMfUMGB/2dI9MlDsMn/t0n8wfHc5M
-----END CERTIFICATE-----
Generated at Tue Jul 22 05:10:17 2025 by rpki-client