Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
File:                     0NDWzWh3DDh4O764QbES0FYBdKI.mft (raw, json)
Hash identifier:          9hHTrVsMNLAjMCxTUnw59YQhGexwEvgS6LmcmnZYnKs=
Subject key identifier:   21:20:9B:20:AB:D2:19:71:A7:25:EB:2C:63:72:52:71:91:AF:53:3E
Authority key identifier: D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2
Certificate issuer:       /CN=A91998BE/serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2
Certificate serial:       08A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
Manifest number:          0872
Signing time:             Tue 22 Jul 2025 20:56:49 +0000
Manifest this update:     Tue 22 Jul 2025 20:56:49 +0000
Manifest next update:     Tue 29 Jul 2025 20:56:49 +0000
Files and hashes:         1: 0NDWzWh3DDh4O764QbES0FYBdKI.crl (hash: zrTqmQPy2e9Jzb21X22vW/naQoSoWVFBlulz9uBNvCQ=)
                          2: 577FD5BE067C11ED882FC127C4F9AE02.roa (hash: FZgwTWzQksQtmk/Nfe/JqxwRHSDF1+BlazvC8MqkPtA=)
                          3: 4EF79184489411ED86987260C4F9AE02.roa (hash: a8Efs0GAW5Tg39h9an5o87GfSDA70jqZExOy2QFYQOc=)
                          4: 12FD08CAC88411ECAAB5BD09C4F9AE02.roa (hash: Rk9fezvR7MLf0U22xpSZ4jUyV+Jwv2bIeNDcvnRfGXA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl
                          rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 20:56:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2212 (0x8a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91998BE, serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2
        Validity
            Not Before: Jul 22 20:56:49 2025 GMT
            Not After : Jul 29 20:56:49 2025 GMT
        Subject: CN=687ffb11-be37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:cb:b7:19:d5:9c:fe:a1:ac:8c:b8:7b:9e:da:
                    b9:2e:a5:3f:5e:fc:59:cd:f3:70:3c:cc:ce:a7:7e:
                    1a:5c:91:5c:8d:4a:79:62:ee:b7:90:a2:d2:96:2c:
                    97:c1:d8:0c:cb:6f:16:97:8e:a2:b5:a9:39:fa:11:
                    bf:1d:a8:5e:f3:54:97:52:60:9e:63:6d:79:df:51:
                    92:4e:8a:6c:5a:33:a0:3a:67:26:78:39:fb:11:1c:
                    8f:8f:4c:45:e8:c9:12:bb:0e:57:5b:f7:41:97:ef:
                    b5:9d:ed:82:38:26:d9:71:a6:a3:1a:25:38:1b:0f:
                    40:42:a8:a0:fa:7e:d1:bc:15:e3:ad:7f:11:65:6c:
                    3a:59:58:e5:3e:b7:5f:df:99:9e:29:dd:cd:61:6d:
                    11:8d:44:ed:dd:e7:64:6d:10:ec:3c:0d:0f:7f:1f:
                    2e:c1:f7:99:35:9f:23:59:af:f0:ac:0b:47:bc:22:
                    54:f8:02:df:f0:b5:55:aa:3a:e6:83:19:79:18:f6:
                    18:4b:9c:2f:de:c3:9c:9c:d7:64:2b:c3:b1:db:46:
                    80:80:41:1d:52:78:7c:7c:68:70:f6:8a:be:0a:72:
                    c5:f6:b2:d7:74:9b:d6:27:4a:e4:39:98:a0:c2:81:
                    14:13:66:c7:37:88:4d:d3:1d:79:ba:7e:dd:94:88:
                    2c:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:20:9B:20:AB:D2:19:71:A7:25:EB:2C:63:72:52:71:91:AF:53:3E
            X509v3 Authority Key Identifier:
                keyid:D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:96:25:20:a9:ae:65:da:c9:c0:03:0a:c9:7e:e5:9a:06:a8:
         84:0a:ee:28:00:ab:01:7a:50:12:27:5e:d2:b3:ab:8b:d2:63:
         c5:b9:a1:3c:f3:c6:72:aa:b6:04:21:44:ec:51:8a:c1:00:27:
         ac:22:e0:70:b5:ff:45:42:7e:e4:09:d1:cb:f1:41:55:11:c5:
         9f:0f:92:b8:61:24:d4:3f:e0:12:09:86:1c:1e:42:2d:d4:4c:
         21:55:94:45:4f:ee:50:c1:6e:85:27:ca:ed:28:88:c9:11:d2:
         c9:da:3f:28:57:9a:84:ad:c4:6a:9f:29:03:2a:29:1d:b6:89:
         c2:55:d0:41:1c:59:b5:3c:ac:73:61:82:c7:e8:37:e7:37:0d:
         7a:5f:63:07:5a:f4:9b:c7:9a:81:f9:28:be:9c:9b:af:49:ac:
         b1:78:3a:26:45:9b:4c:5b:78:08:5a:3d:bc:80:12:f2:9e:82:
         b1:ab:78:70:6a:db:37:30:c7:f5:48:5d:93:b6:55:af:75:d2:
         a8:2c:27:88:28:91:49:19:53:25:f6:2f:2e:63:20:41:79:4f:
         63:6d:e1:db:3e:f0:7c:58:4a:f2:b0:ca:39:e2:0e:bd:ae:df:
         4d:62:76:a0:67:14:50:ce:99:4a:26:46:d1:54:5f:4a:d0:d1:
         7f:69:dd:98
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk4QkUxMTAvBgNVBAUTKEQwRDBENkNENjg3NzBDMzg3ODNCQkVCODQxQjExMkQw
NTYwMTc0QTIwHhcNMjUwNzIyMjA1NjQ5WhcNMjUwNzI5MjA1NjQ5WjAYMRYwFAYD
VQQDEw02ODdmZmIxMS1iZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxcu3GdWc/qGsjLh7ntq5LqU/XvxZzfNwPMzOp34aXJFcjUp5Yu63kKLSliyX
wdgMy28Wl46itak5+hG/Hahe81SXUmCeY21531GSTopsWjOgOmcmeDn7ERyPj0xF
6MkSuw5XW/dBl++1ne2COCbZcaajGiU4Gw9AQqig+n7RvBXjrX8RZWw6WVjlPrdf
35meKd3NYW0RjUTt3edkbRDsPA0Pfx8uwfeZNZ8jWa/wrAtHvCJU+ALf8LVVqjrm
gxl5GPYYS5wv3sOcnNdkK8Ox20aAgEEdUnh8fGhw9oq+CnLF9rLXdJvWJ0rkOZig
woEUE2bHN4hN0x15un7dlIgsZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCEgmyCr
0hlxpyXrLGNyUnGRr1M+MB8GA1UdIwQYMBaAFNDQ1s1odww4eDu+uEGxEtBWAXSi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OThCRS8xNTBFNTdDNkNG
NDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0REaDRPNzY0UWJFUzBGWUJk
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBORFd6V2gzRERoNE83NjRRYkVTMEZZQmRLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OThCRS8xNTBFNTdDNkNGNDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0RE
aDRPNzY0UWJFUzBGWUJkS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDEliUgqa5l2snAAwrJfuWaBqiECu4oAKsBelASJ17Ss6uL0mPFuaE8
88ZyqrYEIUTsUYrBACesIuBwtf9FQn7kCdHL8UFVEcWfD5K4YSTUP+ASCYYcHkIt
1EwhVZRFT+5QwW6FJ8rtKIjJEdLJ2j8oV5qErcRqnykDKikdtonCVdBBHFm1PKxz
YYLH6DfnNw16X2MHWvSbx5qB+Si+nJuvSayxeDomRZtMW3gIWj28gBLynoKxq3hw
ats3MMf1SF2TtlWvddKoLCeIKJFJGVMl9i8uYyBBeU9jbeHbPvB8WErysMo54g69
rt9NYnagZxRQzplKJkbRVF9K0NF/ad2Y
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:19:20 2025 by rpki-client