Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A919FE97/D218302E7D4711EB93121F58C4F9AE02/-QbZf3qofIbamQOdI27NtR0jH3o.mft
File:                     -QbZf3qofIbamQOdI27NtR0jH3o.mft (raw, json)
Hash identifier:          T8lYN7I3oCA+pV/HQ4Plt0uDQGjAX5LxRl3ESvo2LIQ=
Subject key identifier:   C2:5E:EE:80:FE:37:3B:DE:28:AA:F4:81:65:45:41:73:5F:CB:D3:08
Authority key identifier: F9:06:D9:7F:7A:A8:7C:86:DA:99:03:9D:23:6E:CD:B5:1D:23:1F:7A
Certificate issuer:       /CN=A919FE97/serialNumber=F906D97F7AA87C86DA99039D236ECDB51D231F7A
Certificate serial:       0691
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-QbZf3qofIbamQOdI27NtR0jH3o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919FE97/D218302E7D4711EB93121F58C4F9AE02/-QbZf3qofIbamQOdI27NtR0jH3o.mft
Manifest number:          0688
Signing time:             Tue 22 Jul 2025 22:36:43 +0000
Manifest this update:     Tue 22 Jul 2025 22:36:42 +0000
Manifest next update:     Tue 29 Jul 2025 22:36:42 +0000
Files and hashes:         1: -QbZf3qofIbamQOdI27NtR0jH3o.crl (hash: J1sD6jVB/YKfTeavQN0CKrSqT0IvFq5uGxkapwKh8q8=)
                          2: 06EFF1D07D4B11EBA736017DC4F9AE02.roa (hash: ACBayas3sWm8LRkAgsG4BLCCWR0NJPgThMvDEl+trzE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919FE97/D218302E7D4711EB93121F58C4F9AE02/-QbZf3qofIbamQOdI27NtR0jH3o.crl
                          rsync://rpki.apnic.net/member_repository/A919FE97/D218302E7D4711EB93121F58C4F9AE02/-QbZf3qofIbamQOdI27NtR0jH3o.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-QbZf3qofIbamQOdI27NtR0jH3o.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 22:36:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1681 (0x691)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919FE97, serialNumber=F906D97F7AA87C86DA99039D236ECDB51D231F7A
        Validity
            Not Before: Jul 22 22:36:42 2025 GMT
            Not After : Jul 29 22:36:42 2025 GMT
        Subject: CN=6880127a-0e2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:73:3b:5f:be:10:59:d4:9a:0b:dd:7f:37:9f:
                    79:c5:f9:2d:93:46:34:e6:7f:38:e5:62:85:b5:44:
                    ee:87:d5:f4:8b:b2:e2:5d:34:8e:b7:39:4a:3f:9c:
                    c4:d1:eb:c0:9f:37:99:6f:11:68:e8:c7:51:0c:05:
                    d0:9e:57:9f:aa:dd:98:ca:d3:5b:47:6e:06:14:1f:
                    0c:a7:2f:e6:c0:f6:fb:c3:4d:aa:ea:bc:14:d8:e3:
                    a5:16:2b:26:65:d2:28:f5:50:b3:35:af:35:47:90:
                    59:46:b5:17:2b:8d:f6:58:21:33:b5:4d:f5:86:67:
                    e8:2e:01:f0:36:cf:a5:6e:49:d0:6d:9a:aa:03:85:
                    e1:2c:a3:0b:09:bc:3a:91:b2:d1:21:30:56:06:08:
                    e1:6f:ea:96:f5:3c:19:4b:da:d4:a4:3c:64:95:3e:
                    98:c0:22:bf:2b:bb:0c:d8:b7:da:45:ac:65:dd:6b:
                    0b:29:99:d1:ef:83:35:80:12:a2:9f:08:30:d9:85:
                    20:af:ed:f4:0d:a5:c2:5e:ca:c2:cd:4e:67:a0:cb:
                    43:ff:02:d9:8f:3a:d0:82:9d:8d:38:b9:fc:18:cb:
                    ce:f5:ad:ec:63:95:dc:ab:f5:ef:16:b2:98:cd:ab:
                    cb:63:2b:af:db:0b:5c:ee:2b:73:6c:94:aa:f7:ff:
                    33:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:5E:EE:80:FE:37:3B:DE:28:AA:F4:81:65:45:41:73:5F:CB:D3:08
            X509v3 Authority Key Identifier:
                keyid:F9:06:D9:7F:7A:A8:7C:86:DA:99:03:9D:23:6E:CD:B5:1D:23:1F:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919FE97/D218302E7D4711EB93121F58C4F9AE02/-QbZf3qofIbamQOdI27NtR0jH3o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-QbZf3qofIbamQOdI27NtR0jH3o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919FE97/D218302E7D4711EB93121F58C4F9AE02/-QbZf3qofIbamQOdI27NtR0jH3o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:07:9a:2c:83:34:0f:25:0c:52:63:ce:7b:1c:61:77:cd:e2:
         56:2e:c7:ad:42:c2:ca:8a:3e:f0:41:ff:7b:73:6f:b4:2d:84:
         5d:4a:7d:23:09:41:17:82:3b:f2:8d:8e:48:1e:4d:b3:d2:b6:
         70:dd:05:db:67:a3:4b:1e:38:2d:ba:49:4e:26:f4:f8:57:e7:
         97:dd:2b:de:ac:26:d3:73:08:c8:57:08:39:75:d0:ce:f0:a7:
         36:36:e6:56:b9:c3:d7:48:3a:7b:52:30:5a:d2:50:aa:0b:3a:
         a2:1b:5b:84:b4:5e:29:51:c4:70:22:3e:6d:34:40:eb:7e:3a:
         98:8d:d2:5c:68:0c:fa:6a:c5:6e:5d:10:de:40:4d:60:ef:5b:
         48:62:4a:19:57:22:9f:5b:a5:3f:71:7e:74:76:fd:0d:ca:8a:
         ae:05:21:61:d0:66:ea:48:a1:70:e7:01:c8:81:66:71:12:82:
         72:a8:a0:f6:42:28:9f:89:f3:29:78:9a:2e:c7:be:8c:20:d5:
         e4:13:c9:c6:c6:3f:ad:1f:f0:41:19:3a:e2:b0:43:a2:3e:12:
         64:61:10:7a:65:d8:f8:82:4e:33:19:91:c2:a0:91:2f:20:9f:
         c9:83:ac:3b:de:d7:e3:44:63:8c:c9:db:67:c4:31:dc:db:df:
         9f:92:a2:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBpEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUZFOTcxMTAvBgNVBAUTKEY5MDZEOTdGN0FBODdDODZEQTk5MDM5RDIzNkVDREI1
MUQyMzFGN0EwHhcNMjUwNzIyMjIzNjQyWhcNMjUwNzI5MjIzNjQyWjAYMRYwFAYD
VQQDEw02ODgwMTI3YS0wZTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA43M7X74QWdSaC91/N595xfktk0Y05n845WKFtUTuh9X0i7LiXTSOtzlKP5zE
0evAnzeZbxFo6MdRDAXQnlefqt2YytNbR24GFB8Mpy/mwPb7w02q6rwU2OOlFism
ZdIo9VCzNa81R5BZRrUXK432WCEztU31hmfoLgHwNs+lbknQbZqqA4XhLKMLCbw6
kbLRITBWBgjhb+qW9TwZS9rUpDxklT6YwCK/K7sM2LfaRaxl3WsLKZnR74M1gBKi
nwgw2YUgr+30DaXCXsrCzU5noMtD/wLZjzrQgp2NOLn8GMvO9a3sY5Xcq/XvFrKY
zavLYyuv2wtc7itzbJSq9/8zfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMJe7oD+
NzveKKr0gWVFQXNfy9MIMB8GA1UdIwQYMBaAFPkG2X96qHyG2pkDnSNuzbUdIx96
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RkU5Ny9EMjE4MzAyRTdE
NDcxMUVCOTMxMjFGNThDNEY5QUUwMi8tUWJaZjNxb2ZJYmFtUU9kSTI3TnRSMGpI
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1RYlpmM3FvZkliYW1RT2RJMjdOdFIwakgzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RkU5Ny9EMjE4MzAyRTdENDcxMUVCOTMxMjFGNThDNEY5QUUwMi8tUWJaZjNxb2ZJ
YmFtUU9kSTI3TnRSMGpIM28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4B5osgzQPJQxSY857HGF3zeJWLsetQsLKij7wQf97c2+0LYRdSn0j
CUEXgjvyjY5IHk2z0rZw3QXbZ6NLHjgtuklOJvT4V+eX3SverCbTcwjIVwg5ddDO
8Kc2NuZWucPXSDp7UjBa0lCqCzqiG1uEtF4pUcRwIj5tNEDrfjqYjdJcaAz6asVu
XRDeQE1g71tIYkoZVyKfW6U/cX50dv0NyoquBSFh0GbqSKFw5wHIgWZxEoJyqKD2
QiififMpeJoux76MINXkE8nGxj+tH/BBGTrisEOiPhJkYRB6Zdj4gk4zGZHCoJEv
IJ/Jg6w73tfjRGOMydtnxDHc29+fkqKk
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:26:26 2025 by rpki-client