Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.mft
File:                     o1Vh2kWpVfAtEioNiOjHYjnt-SA.mft (raw, json)
Hash identifier:          nDp5E6arcLb03UvBX68xnY3H7dRtMttLIk+9NWgp0F4=
Subject key identifier:   36:0C:52:4A:3D:54:53:0D:59:63:DA:C2:B6:E3:99:56:17:09:A6:8B
Authority key identifier: A3:55:61:DA:45:A9:55:F0:2D:12:2A:0D:88:E8:C7:62:39:ED:F9:20
Certificate issuer:       /CN=A91AFB4B/serialNumber=A35561DA45A955F02D122A0D88E8C76239EDF920
Certificate serial:       0349
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1Vh2kWpVfAtEioNiOjHYjnt-SA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.mft
Manifest number:          0345
Signing time:             Wed 23 Jul 2025 01:29:59 +0000
Manifest this update:     Wed 23 Jul 2025 01:29:58 +0000
Manifest next update:     Wed 30 Jul 2025 01:29:58 +0000
Files and hashes:         1: o1Vh2kWpVfAtEioNiOjHYjnt-SA.crl (hash: /xRLtY7JJ79lFX0c8rq6YB3T/PoVTJCVjd1/J2inDsY=)
                          2: E2F2A470C76411EC85896F5EC4F9AE02.roa (hash: hSEOk4wSvcqkKWJUmunbhE8NC6T2P49jnE2eWh8/b4M=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.crl
                          rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1Vh2kWpVfAtEioNiOjHYjnt-SA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 01:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 841 (0x349)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AFB4B, serialNumber=A35561DA45A955F02D122A0D88E8C76239EDF920
        Validity
            Not Before: Jul 23 01:29:58 2025 GMT
            Not After : Jul 30 01:29:58 2025 GMT
        Subject: CN=68803b17-8c17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a6:30:e7:23:dc:3b:f1:10:51:49:90:67:61:
                    a1:fe:9c:cc:42:94:de:20:bb:06:b6:c3:cb:8a:46:
                    28:f1:fc:5b:a1:e2:40:a3:ff:a2:c3:61:20:cb:20:
                    3b:b9:35:33:65:4d:e6:a6:9a:26:5d:f8:0f:7f:d6:
                    da:ac:48:da:b0:65:05:66:69:64:28:fd:17:47:48:
                    3f:00:6b:1e:46:e7:90:bc:fb:14:8b:82:59:ce:1e:
                    c3:05:c1:be:bd:03:a0:42:7d:de:24:9e:b7:ad:df:
                    95:bc:7e:ad:b5:a9:de:c5:bb:81:ad:97:7c:40:2e:
                    fe:f3:13:75:2a:44:34:80:d7:e5:4a:c5:9b:23:5f:
                    46:67:68:85:b6:3e:45:e1:1e:60:95:59:bb:15:4a:
                    d1:77:db:20:81:32:4f:c5:27:5f:93:76:e5:88:bb:
                    1f:7c:6b:11:80:00:f0:5d:e3:37:d4:3e:14:23:ea:
                    be:84:63:0d:c2:54:65:44:fc:53:a8:38:cf:66:39:
                    21:18:49:d2:19:16:01:94:f2:c7:f0:c4:68:15:01:
                    bc:91:0e:7a:79:4a:5b:f5:fa:50:93:ef:b5:ac:4c:
                    7b:f0:a8:2c:80:43:26:de:97:28:dc:77:8d:e3:14:
                    89:cf:8b:a2:3f:a7:98:d7:b7:7b:e7:67:5a:35:4f:
                    18:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:0C:52:4A:3D:54:53:0D:59:63:DA:C2:B6:E3:99:56:17:09:A6:8B
            X509v3 Authority Key Identifier:
                keyid:A3:55:61:DA:45:A9:55:F0:2D:12:2A:0D:88:E8:C7:62:39:ED:F9:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1Vh2kWpVfAtEioNiOjHYjnt-SA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:7f:25:54:65:1f:2c:5f:80:79:9b:fe:96:91:01:c2:a5:9c:
         0e:39:94:b9:26:c2:41:24:95:48:03:30:a2:5a:dc:1c:d3:80:
         12:18:c1:ef:de:d9:47:b2:3b:ba:aa:e9:7a:4c:35:42:7d:a3:
         56:24:84:86:64:4b:4c:3c:e7:f9:5d:1b:db:02:70:37:c7:ab:
         9f:6e:c7:b0:25:fa:38:af:1f:62:b5:6c:0a:ba:50:40:c3:40:
         59:96:36:3e:66:45:d8:1d:ff:bd:31:2f:4b:2a:93:e6:5c:76:
         f1:06:4a:13:99:dd:62:f1:d4:54:de:45:a4:79:e2:41:24:cf:
         68:4e:f6:89:75:00:29:09:e9:ee:1c:68:5f:09:86:b3:05:90:
         dc:4a:67:ac:ce:52:95:d8:a2:69:87:65:2e:a5:55:f5:6a:8a:
         a1:c5:fa:7e:1f:c3:39:c6:1f:52:b5:30:2b:ee:f9:48:14:f4:
         cc:24:d4:00:2b:b0:67:29:ec:49:83:e1:d3:bf:2d:dd:46:d5:
         83:3d:a0:bf:04:32:04:58:e5:d6:2d:44:07:f1:7c:fc:d1:7f:
         d1:94:2e:ae:f4:53:8c:55:24:41:51:1a:92:10:5a:5f:66:4f:
         b7:74:c6:12:7b:5e:1c:f1:f9:e5:d1:17:56:e1:26:19:a9:af:
         f4:93:58:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZCNEIxMTAvBgNVBAUTKEEzNTU2MURBNDVBOTU1RjAyRDEyMkEwRDg4RThDNzYy
MzlFREY5MjAwHhcNMjUwNzIzMDEyOTU4WhcNMjUwNzMwMDEyOTU4WjAYMRYwFAYD
VQQDEw02ODgwM2IxNy04YzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6Yw5yPcO/EQUUmQZ2Gh/pzMQpTeILsGtsPLikYo8fxboeJAo/+iw2EgyyA7
uTUzZU3mppomXfgPf9barEjasGUFZmlkKP0XR0g/AGseRueQvPsUi4JZzh7DBcG+
vQOgQn3eJJ63rd+VvH6ttanexbuBrZd8QC7+8xN1KkQ0gNflSsWbI19GZ2iFtj5F
4R5glVm7FUrRd9sggTJPxSdfk3bliLsffGsRgADwXeM31D4UI+q+hGMNwlRlRPxT
qDjPZjkhGEnSGRYBlPLH8MRoFQG8kQ56eUpb9fpQk++1rEx78KgsgEMm3pco3HeN
4xSJz4uiP6eY17d752daNU8YSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDYMUko9
VFMNWWPawrbjmVYXCaaLMB8GA1UdIwQYMBaAFKNVYdpFqVXwLRIqDYjox2I57fkg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkI0Qi84RTE2MjQzMEM3
NjAxMUVDOEU3RDk2MjlDNEY5QUUwMi9vMVZoMmtXcFZmQXRFaW9OaU9qSFlqbnQt
U0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL28xVmgya1dwVmZBdEVpb05pT2pIWWpudC1TQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RkI0Qi84RTE2MjQzMEM3NjAxMUVDOEU3RDk2MjlDNEY5QUUwMi9vMVZoMmtXcFZm
QXRFaW9OaU9qSFlqbnQtU0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCHfyVUZR8sX4B5m/6WkQHCpZwOOZS5JsJBJJVIAzCiWtwc04ASGMHv
3tlHsju6qul6TDVCfaNWJISGZEtMPOf5XRvbAnA3x6ufbsewJfo4rx9itWwKulBA
w0BZljY+ZkXYHf+9MS9LKpPmXHbxBkoTmd1i8dRU3kWkeeJBJM9oTvaJdQApCenu
HGhfCYazBZDcSmeszlKV2KJph2UupVX1aoqhxfp+H8M5xh9StTAr7vlIFPTMJNQA
K7BnKexJg+HTvy3dRtWDPaC/BDIEWOXWLUQH8Xz80X/RlC6u9FOMVSRBURqSEFpf
Zk+3dMYSe14c8fnl0RdW4SYZqa/0k1jx
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:02:21 2025 by rpki-client