Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9198F53/CD06217640F411EAAE778261C4F9AE02/_wsVRthMDZNVkFtsopPiW0QJSMU.mft
File:                     _wsVRthMDZNVkFtsopPiW0QJSMU.mft (raw, json)
Hash identifier:          HfBrh6WwYc1Ab4Q/lHfzfn3nUse5uGDWLVzi1pBzMWo=
Subject key identifier:   44:A6:42:05:9D:AB:C4:AB:53:E8:D3:AC:DC:C6:C9:2A:98:9D:84:6B
Authority key identifier: FF:0B:15:46:D8:4C:0D:93:55:90:5B:6C:A2:93:E2:5B:44:09:48:C5
Certificate issuer:       /CN=A9198F53/serialNumber=FF0B1546D84C0D9355905B6CA293E25B440948C5
Certificate serial:       0B31
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wsVRthMDZNVkFtsopPiW0QJSMU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9198F53/CD06217640F411EAAE778261C4F9AE02/_wsVRthMDZNVkFtsopPiW0QJSMU.mft
Manifest number:          0B2A
Signing time:             Tue 22 Jul 2025 19:27:20 +0000
Manifest this update:     Tue 22 Jul 2025 19:27:19 +0000
Manifest next update:     Tue 29 Jul 2025 19:27:19 +0000
Files and hashes:         1: _wsVRthMDZNVkFtsopPiW0QJSMU.crl (hash: U6qCyQVYzZ+eG+3AejjgaAS4Y9RRgwGvH7JyptrX/+g=)
                          2: 0B1FBD4A40F611EAACD44866C4F9AE02.roa (hash: O+1TVwNVO9fy4asd+g6mFvUYSSGMZxyCsanhKoUd1UE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9198F53/CD06217640F411EAAE778261C4F9AE02/_wsVRthMDZNVkFtsopPiW0QJSMU.crl
                          rsync://rpki.apnic.net/member_repository/A9198F53/CD06217640F411EAAE778261C4F9AE02/_wsVRthMDZNVkFtsopPiW0QJSMU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wsVRthMDZNVkFtsopPiW0QJSMU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 19:27:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2865 (0xb31)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9198F53, serialNumber=FF0B1546D84C0D9355905B6CA293E25B440948C5
        Validity
            Not Before: Jul 22 19:27:19 2025 GMT
            Not After : Jul 29 19:27:19 2025 GMT
        Subject: CN=687fe618-c41b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:45:e3:3e:c5:ab:2e:20:4d:e4:c8:fb:0d:16:
                    b5:cb:67:85:0b:32:6d:8c:91:11:cb:46:78:d8:81:
                    0f:d2:f0:84:11:7b:49:53:85:ac:cd:b7:b1:19:b3:
                    07:28:e8:e5:4d:ac:44:27:1c:52:1f:c1:87:cc:9c:
                    f3:ac:6b:ea:1c:b4:da:f3:1e:a6:39:dc:f5:fa:84:
                    28:98:c7:db:0a:78:ba:f9:b2:fc:e1:58:80:9c:3c:
                    8f:71:3f:71:d5:11:fd:ae:71:2a:d7:89:dd:e9:3d:
                    44:b7:4b:ba:f1:c1:86:86:77:b7:df:eb:f1:7c:a2:
                    d3:cf:b7:5d:e8:42:ff:69:27:76:f1:05:df:28:8a:
                    21:44:27:19:c7:a3:64:4b:b3:66:41:c8:e3:26:02:
                    64:67:52:c8:e9:ff:f9:01:f5:2f:82:33:1f:0a:d8:
                    c4:f2:9d:69:a3:9c:38:b2:5e:54:f1:18:5c:f1:3f:
                    84:8a:59:0b:33:a6:90:b9:4b:30:36:c5:ff:e3:ca:
                    0e:0a:ba:44:74:a5:ae:37:84:cd:41:35:ea:f3:37:
                    94:9d:9d:43:a7:61:98:a1:2f:b7:9b:f2:fb:de:9a:
                    9a:ac:95:d3:1f:6b:70:22:ca:f1:04:12:4c:9d:33:
                    8e:b8:a5:4e:65:59:05:58:a2:e1:e3:eb:ba:d2:f0:
                    86:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:A6:42:05:9D:AB:C4:AB:53:E8:D3:AC:DC:C6:C9:2A:98:9D:84:6B
            X509v3 Authority Key Identifier:
                keyid:FF:0B:15:46:D8:4C:0D:93:55:90:5B:6C:A2:93:E2:5B:44:09:48:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9198F53/CD06217640F411EAAE778261C4F9AE02/_wsVRthMDZNVkFtsopPiW0QJSMU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wsVRthMDZNVkFtsopPiW0QJSMU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198F53/CD06217640F411EAAE778261C4F9AE02/_wsVRthMDZNVkFtsopPiW0QJSMU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:54:28:4c:70:de:66:64:c2:1a:01:18:bf:8d:96:e4:ca:aa:
         90:78:cc:27:38:be:a4:a8:a3:11:2e:f3:8b:c2:d9:57:55:f7:
         5e:14:84:59:9b:f9:d8:ee:43:cf:3c:4c:cd:2a:15:bd:d4:a2:
         0c:a6:f2:97:83:8c:2a:d5:d9:ec:fd:97:db:6a:0b:3c:d8:19:
         69:b6:cf:c1:b6:e9:bd:d2:d6:8d:b7:e9:81:4d:66:07:ce:92:
         bc:37:b6:50:19:c8:7c:b8:a2:76:a1:b6:d1:ce:5c:ce:ee:b2:
         94:05:c4:c6:da:5b:9f:2e:fb:76:f7:0d:6c:e0:7b:ad:a4:82:
         84:4f:05:d9:8f:43:03:5b:62:14:3b:f6:96:8a:11:45:8a:6f:
         2a:b0:63:80:37:eb:10:9b:50:04:d9:a3:60:bd:2c:09:7e:cf:
         69:84:2a:63:a2:9a:8b:3d:3a:a4:9b:4d:6a:88:e0:c5:50:1f:
         a3:0b:90:93:02:d1:2b:c9:fe:bf:ce:0c:a7:da:57:52:bb:f4:
         a8:9a:86:d1:77:51:d4:8c:78:c8:c0:1a:87:c5:0f:30:d8:26:
         f4:2a:81:f8:e2:fa:a9:81:5f:73:08:db:e5:54:c8:56:c5:d7:
         ba:93:6c:16:1f:39:63:14:87:d7:05:f6:fe:75:2f:b8:b6:d3:
         eb:15:62:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OThGNTMxMTAvBgNVBAUTKEZGMEIxNTQ2RDg0QzBEOTM1NTkwNUI2Q0EyOTNFMjVC
NDQwOTQ4QzUwHhcNMjUwNzIyMTkyNzE5WhcNMjUwNzI5MTkyNzE5WjAYMRYwFAYD
VQQDEw02ODdmZTYxOC1jNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0XjPsWrLiBN5Mj7DRa1y2eFCzJtjJERy0Z42IEP0vCEEXtJU4WszbexGbMH
KOjlTaxEJxxSH8GHzJzzrGvqHLTa8x6mOdz1+oQomMfbCni6+bL84ViAnDyPcT9x
1RH9rnEq14nd6T1Et0u68cGGhne33+vxfKLTz7dd6EL/aSd28QXfKIohRCcZx6Nk
S7NmQcjjJgJkZ1LI6f/5AfUvgjMfCtjE8p1po5w4sl5U8Rhc8T+EilkLM6aQuUsw
NsX/48oOCrpEdKWuN4TNQTXq8zeUnZ1Dp2GYoS+3m/L73pqarJXTH2twIsrxBBJM
nTOOuKVOZVkFWKLh4+u60vCGQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFESmQgWd
q8SrU+jTrNzGySqYnYRrMB8GA1UdIwQYMBaAFP8LFUbYTA2TVZBbbKKT4ltECUjF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OEY1My9DRDA2MjE3NjQw
RjQxMUVBQUU3NzgyNjFDNEY5QUUwMi9fd3NWUnRoTURaTlZrRnRzb3BQaVcwUUpT
TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL193c1ZSdGhNRFpOVmtGdHNvcFBpVzBRSlNNVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OEY1My9DRDA2MjE3NjQwRjQxMUVBQUU3NzgyNjFDNEY5QUUwMi9fd3NWUnRoTURa
TlZrRnRzb3BQaVcwUUpTTVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQByVChMcN5mZMIaARi/jZbkyqqQeMwnOL6kqKMRLvOLwtlXVfdeFIRZ
m/nY7kPPPEzNKhW91KIMpvKXg4wq1dns/Zfbags82Blpts/Btum90taNt+mBTWYH
zpK8N7ZQGch8uKJ2obbRzlzO7rKUBcTG2lufLvt29w1s4HutpIKETwXZj0MDW2IU
O/aWihFFim8qsGOAN+sQm1AE2aNgvSwJfs9phCpjopqLPTqkm01qiODFUB+jC5CT
AtEryf6/zgyn2ldSu/SomobRd1HUjHjIwBqHxQ8w2Cb0KoH44vqpgV9zCNvlVMhW
xde6k2wWHzljFIfXBfb+dS+4ttPrFWKp
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:25:11 2025 by rpki-client