Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A919A285/DD6289AAC57511EAA5581C40C4F9AE02/ejHVc5eYsGSmAHEzqj5bnNDu1F8.mft
File:                     ejHVc5eYsGSmAHEzqj5bnNDu1F8.mft (raw, json)
Hash identifier:          zIVi9bKeKd52tOCad2UPP/4Bq3MJDVY1tnvEL1nrgH0=
Subject key identifier:   2E:CD:F4:10:C1:31:1B:A2:A5:F4:4D:B6:2A:89:D8:5A:82:93:68:5D
Authority key identifier: 7A:31:D5:73:97:98:B0:64:A6:00:71:33:AA:3E:5B:9C:D0:EE:D4:5F
Certificate issuer:       /CN=A919A285/serialNumber=7A31D5739798B064A6007133AA3E5B9CD0EED45F
Certificate serial:       0887
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ejHVc5eYsGSmAHEzqj5bnNDu1F8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919A285/DD6289AAC57511EAA5581C40C4F9AE02/ejHVc5eYsGSmAHEzqj5bnNDu1F8.mft
Manifest number:          0880
Signing time:             Sun 20 Jul 2025 20:44:15 +0000
Manifest this update:     Sun 20 Jul 2025 20:44:14 +0000
Manifest next update:     Sun 27 Jul 2025 20:44:14 +0000
Files and hashes:         1: ejHVc5eYsGSmAHEzqj5bnNDu1F8.crl (hash: HExuQi0AlrV55cM6ewdScY0hHizCt0lWN1OTM4a42/g=)
                          2: 1DCABC72C57811EA950A8643C4F9AE02.roa (hash: 3y+P8Wjw2NbNvaqBtjPXBVu0eGWr6eeBTOCTDHgw4uI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919A285/DD6289AAC57511EAA5581C40C4F9AE02/ejHVc5eYsGSmAHEzqj5bnNDu1F8.crl
                          rsync://rpki.apnic.net/member_repository/A919A285/DD6289AAC57511EAA5581C40C4F9AE02/ejHVc5eYsGSmAHEzqj5bnNDu1F8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ejHVc5eYsGSmAHEzqj5bnNDu1F8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 27 Jul 2025 20:44:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2183 (0x887)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919A285, serialNumber=7A31D5739798B064A6007133AA3E5B9CD0EED45F
        Validity
            Not Before: Jul 20 20:44:14 2025 GMT
            Not After : Jul 27 20:44:14 2025 GMT
        Subject: CN=687d551f-7be9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b5:87:c1:f1:71:9b:5b:ee:0f:32:7b:b6:d4:
                    3b:ae:a3:69:f0:7d:84:5c:66:2b:c8:50:a6:ab:e6:
                    05:7c:7a:fa:9a:9e:39:42:8e:6e:d7:ef:43:25:34:
                    50:74:a5:47:ce:1b:bc:8d:ee:22:7f:d5:f9:68:82:
                    36:3c:1e:00:73:6c:47:24:4b:ab:c8:e1:d4:83:ed:
                    e2:aa:b7:1d:6a:7d:18:a2:cd:35:b3:d4:e9:54:4f:
                    62:f1:22:db:d0:93:b2:15:d5:1c:71:bd:e9:7e:21:
                    a4:29:74:95:71:57:b8:ed:e0:aa:0b:ad:64:4a:7f:
                    5c:55:89:44:d6:b8:e8:c5:31:1c:c2:58:bc:07:66:
                    1e:8a:96:42:c3:e8:f5:a9:87:11:57:28:f4:26:b0:
                    28:96:a2:ea:6e:a6:00:3c:f6:4a:f4:6a:5f:c7:00:
                    be:da:8b:53:0b:58:9c:15:e5:2f:b6:ed:9e:c4:8d:
                    9d:be:17:07:8e:44:75:8a:eb:4a:08:c9:fc:9f:4d:
                    ad:02:9b:3a:40:73:bd:53:ae:11:31:c2:7d:6b:1a:
                    f8:cd:3b:d5:91:ef:3a:f3:a9:cf:c6:31:db:a4:f6:
                    a9:02:f4:59:ee:7e:43:2e:8a:6e:ea:12:75:b0:18:
                    98:fb:ff:b6:78:c9:14:79:a2:a2:01:97:30:2c:ac:
                    78:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CD:F4:10:C1:31:1B:A2:A5:F4:4D:B6:2A:89:D8:5A:82:93:68:5D
            X509v3 Authority Key Identifier:
                keyid:7A:31:D5:73:97:98:B0:64:A6:00:71:33:AA:3E:5B:9C:D0:EE:D4:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919A285/DD6289AAC57511EAA5581C40C4F9AE02/ejHVc5eYsGSmAHEzqj5bnNDu1F8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ejHVc5eYsGSmAHEzqj5bnNDu1F8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A285/DD6289AAC57511EAA5581C40C4F9AE02/ejHVc5eYsGSmAHEzqj5bnNDu1F8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:f1:a8:63:1f:3d:ee:5a:59:36:36:03:27:3b:65:8d:69:2d:
         16:40:bd:96:8f:24:90:36:11:72:17:f0:23:ca:25:7f:f2:ed:
         e2:93:8c:62:d0:0b:44:0e:ef:48:b4:d0:0b:bf:b4:ca:dd:1f:
         fc:2a:30:63:5b:df:8a:6a:2e:22:8c:a1:94:3b:b2:68:bf:c0:
         8c:85:10:d4:a5:b9:2a:1e:dd:e6:a5:86:b7:66:e9:6a:ce:e0:
         c2:67:07:b7:77:f0:68:92:48:5e:cb:3e:96:97:15:fc:26:c4:
         56:e3:9d:77:56:70:58:9b:a1:75:cc:fc:f5:dc:87:c8:4b:60:
         86:7b:0e:82:d3:1f:68:eb:eb:99:80:39:48:04:12:45:b8:f8:
         25:20:2d:a9:f6:ff:a9:1a:ca:4a:f0:05:94:ba:77:46:49:eb:
         80:c3:c8:9b:b7:c1:68:1b:87:c5:90:ab:6c:55:c5:4f:e7:a2:
         40:fa:86:18:75:f9:26:fb:8e:9a:14:38:f0:cf:76:00:a5:77:
         97:02:47:37:25:a1:b4:59:0c:59:34:b0:c6:10:35:9e:17:1e:
         62:e8:2c:c0:80:f5:09:3f:51:c9:0b:9e:d6:28:fc:0d:46:7a:
         61:cf:85:d8:7f:c4:10:cd:36:fd:08:ee:ee:9e:69:98:cb:be:
         06:57:56:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUEyODUxMTAvBgNVBAUTKDdBMzFENTczOTc5OEIwNjRBNjAwNzEzM0FBM0U1QjlD
RDBFRUQ0NUYwHhcNMjUwNzIwMjA0NDE0WhcNMjUwNzI3MjA0NDE0WjAYMRYwFAYD
VQQDEw02ODdkNTUxZi03YmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvrWHwfFxm1vuDzJ7ttQ7rqNp8H2EXGYryFCmq+YFfHr6mp45Qo5u1+9DJTRQ
dKVHzhu8je4if9X5aII2PB4Ac2xHJEuryOHUg+3iqrcdan0Yos01s9TpVE9i8SLb
0JOyFdUccb3pfiGkKXSVcVe47eCqC61kSn9cVYlE1rjoxTEcwli8B2YeipZCw+j1
qYcRVyj0JrAolqLqbqYAPPZK9GpfxwC+2otTC1icFeUvtu2exI2dvhcHjkR1iutK
CMn8n02tAps6QHO9U64RMcJ9axr4zTvVke8686nPxjHbpPapAvRZ7n5DLopu6hJ1
sBiY+/+2eMkUeaKiAZcwLKx43wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC7N9BDB
MRuipfRNtiqJ2FqCk2hdMB8GA1UdIwQYMBaAFHox1XOXmLBkpgBxM6o+W5zQ7tRf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTI4NS9ERDYyODlBQUM1
NzUxMUVBQTU1ODFDNDBDNEY5QUUwMi9lakhWYzVlWXNHU21BSEV6cWo1Ym5ORHUx
RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VqSFZjNWVZc0dTbUFIRXpxajVibk5EdTFGOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QTI4NS9ERDYyODlBQUM1NzUxMUVBQTU1ODFDNDBDNEY5QUUwMi9lakhWYzVlWXNH
U21BSEV6cWo1Ym5ORHUxRjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBl8ahjHz3uWlk2NgMnO2WNaS0WQL2WjySQNhFyF/AjyiV/8u3ik4xi
0AtEDu9ItNALv7TK3R/8KjBjW9+Kai4ijKGUO7Jov8CMhRDUpbkqHt3mpYa3Zulq
zuDCZwe3d/Bokkheyz6WlxX8JsRW4513VnBYm6F1zPz13IfIS2CGew6C0x9o6+uZ
gDlIBBJFuPglIC2p9v+pGspK8AWUundGSeuAw8ibt8FoG4fFkKtsVcVP56JA+oYY
dfkm+46aFDjwz3YApXeXAkc3JaG0WQxZNLDGEDWeFx5i6CzAgPUJP1HJC57WKPwN
Rnphz4XYf8QQzTb9CO7unmmYy74GV1av
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:32:04 2025 by rpki-client