Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
File:                     5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json)
Hash identifier:          DDCsVinwXajCiFmVBCav1+Jqz9uB4GRL01KnBp7pCaw=
Subject key identifier:   FB:79:DA:53:96:32:6C:26:C1:9C:62:14:9C:BF:5E:11:0E:5F:57:5C
Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A
Certificate issuer:       /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A
Certificate serial:       C3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
Manifest number:          C2
Signing time:             Sat 19 Jul 2025 05:59:33 +0000
Manifest this update:     Sat 19 Jul 2025 05:59:32 +0000
Manifest next update:     Sat 26 Jul 2025 05:59:32 +0000
Files and hashes:         1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: c5iGO3V56/Bf9s6hqnexXgbGn1J3VopZIvhn1t/oFDQ=)
                          2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: 6ibBV+FsUpvviGFZhtbUaWu715IOaDD6qWu96emn7VA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl
                          rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 05:59:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 195 (0xc3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A
        Validity
            Not Before: Jul 19 05:59:32 2025 GMT
            Not After : Jul 26 05:59:32 2025 GMT
        Subject: CN=687b3445-3f76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cf:c4:ad:eb:52:c9:c7:38:10:ce:ff:8b:b0:
                    c5:27:82:ea:39:9a:7c:4c:ec:10:9f:e9:ad:97:30:
                    86:19:99:bc:31:bf:7b:59:7b:ab:10:eb:3c:86:01:
                    54:73:1d:e9:95:72:55:71:7f:34:c4:64:fd:bf:27:
                    eb:bc:82:74:f0:1c:3e:23:75:30:ee:0c:88:d4:e4:
                    7a:5d:96:54:fa:f9:0f:8a:d7:0f:aa:48:1e:3c:43:
                    1f:82:38:3d:83:96:d4:e7:8f:5c:4f:ca:21:04:6a:
                    de:23:0b:28:eb:02:b6:60:37:a4:4c:4e:99:bb:e7:
                    cd:e0:45:fc:8c:b3:e0:07:d6:3b:a8:20:1e:0f:13:
                    28:ef:cf:3c:d3:f1:0f:95:6a:0f:d7:f2:df:89:6b:
                    35:79:10:b5:b0:8e:d4:24:a5:40:f3:d0:ed:63:89:
                    5d:20:45:e6:40:63:7c:25:0c:d4:fd:68:61:be:43:
                    bb:2d:e5:0a:0a:f2:f0:37:1b:53:eb:e8:67:3c:f1:
                    21:a8:40:61:5b:7c:c9:2c:5d:ba:3f:ab:57:24:fa:
                    60:58:e2:2b:02:60:da:79:3f:ba:01:90:c5:0c:f4:
                    b4:a1:a5:45:ef:e5:e9:96:00:de:07:ec:16:9a:6d:
                    ee:3f:9d:8e:4c:fa:58:bf:4c:d2:46:91:f9:50:95:
                    a7:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:79:DA:53:96:32:6C:26:C1:9C:62:14:9C:BF:5E:11:0E:5F:57:5C
            X509v3 Authority Key Identifier:
                keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:e3:83:7f:92:f2:14:13:fe:ff:63:ac:21:01:10:be:6e:d6:
         24:9d:b6:10:f1:9f:ab:05:65:e1:84:7d:e1:65:f0:18:e0:88:
         ea:0c:5c:2d:62:8c:24:76:f9:d9:f1:71:82:ae:6d:f0:5c:49:
         82:7c:00:8a:12:1b:9c:23:b8:d0:61:3e:d3:fc:43:7a:fa:b6:
         6e:f5:44:2d:b5:31:6c:ea:4f:36:56:8e:39:42:91:58:34:fe:
         47:65:60:89:60:53:4e:1d:7e:73:54:36:f5:26:1e:2e:97:e7:
         c0:79:d2:48:43:18:12:6e:f2:d7:9d:5f:38:cd:f9:4b:15:9e:
         f3:3f:f5:7c:0a:24:09:e4:cd:82:1a:cb:22:d2:cb:13:46:ad:
         8d:85:98:c7:d6:05:e6:4f:4c:29:1e:55:94:7d:4b:ef:b6:d5:
         9a:5f:7f:14:32:9b:61:c4:27:47:8c:5f:1c:b5:7f:bc:b0:29:
         8b:ac:f7:2e:cb:6e:9f:e8:37:94:ae:1c:c9:f8:0b:3b:a9:24:
         cb:78:45:76:2a:4e:6e:dd:f7:b3:2a:4e:75:3f:dd:81:68:0a:
         a5:ec:fa:b2:3b:f6:36:af:51:62:06:d8:e5:73:79:65:ed:ff:
         a7:fb:6d:e6:18:bb:ae:b8:e9:4a:a4:ca:49:2e:30:4f:ed:22:
         2f:4b:a0:28
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF
QzdDNzBEMkEwHhcNMjUwNzE5MDU1OTMyWhcNMjUwNzI2MDU1OTMyWjAYMRYwFAYD
VQQDEw02ODdiMzQ0NS0zZjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxs/EretSycc4EM7/i7DFJ4LqOZp8TOwQn+mtlzCGGZm8Mb97WXurEOs8hgFU
cx3plXJVcX80xGT9vyfrvIJ08Bw+I3Uw7gyI1OR6XZZU+vkPitcPqkgePEMfgjg9
g5bU549cT8ohBGreIwso6wK2YDekTE6Zu+fN4EX8jLPgB9Y7qCAeDxMo78880/EP
lWoP1/LfiWs1eRC1sI7UJKVA89DtY4ldIEXmQGN8JQzU/WhhvkO7LeUKCvLwNxtT
6+hnPPEhqEBhW3zJLF26P6tXJPpgWOIrAmDaeT+6AZDFDPS0oaVF7+XplgDeB+wW
mm3uP52OTPpYv0zSRpH5UJWnTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPt52lOW
MmwmwZxiFJy/XhEOX1dcMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4
RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6
MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBe44N/kvIUE/7/Y6whARC+btYknbYQ8Z+rBWXhhH3hZfAY4IjqDFwt
YowkdvnZ8XGCrm3wXEmCfACKEhucI7jQYT7T/EN6+rZu9UQttTFs6k82Vo45QpFY
NP5HZWCJYFNOHX5zVDb1Jh4ul+fAedJIQxgSbvLXnV84zflLFZ7zP/V8CiQJ5M2C
Gssi0ssTRq2NhZjH1gXmT0wpHlWUfUvvttWaX38UMpthxCdHjF8ctX+8sCmLrPcu
y26f6DeUrhzJ+As7qSTLeEV2Kk5u3fezKk51P92BaAql7PqyO/Y2r1FiBtjlc3ll
7f+n+23mGLuuuOlKpMpJLjBP7SIvS6Ao
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:38:27 2025 by rpki-client