Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft
File:                     1RZ7lweHQQlX4l2fh1CFYPAFd24.mft (raw, json)
Hash identifier:          oKU7NVcSwWNSd8PYgsSHDpa3kI9OgKVXcHgbJ5WYUuY=
Subject key identifier:   4A:69:05:31:CF:A6:14:72:DB:96:54:64:76:88:07:5A:60:09:03:7B
Authority key identifier: D5:16:7B:97:07:87:41:09:57:E2:5D:9F:87:50:85:60:F0:05:77:6E
Certificate issuer:       /CN=A91B9011/serialNumber=D5167B970787410957E25D9F87508560F005776E
Certificate serial:       05D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft
Manifest number:          05D0
Signing time:             Tue 22 Jul 2025 23:24:30 +0000
Manifest this update:     Tue 22 Jul 2025 23:24:30 +0000
Manifest next update:     Tue 29 Jul 2025 23:24:30 +0000
Files and hashes:         1: 1RZ7lweHQQlX4l2fh1CFYPAFd24.crl (hash: l8Bd71TU04mm21mwivFt+/jHqVeHLvnSHyozezuexNQ=)
                          2: 438893AC55BE11EDBDE51983C4F9AE02.roa (hash: Y1Hqc3CucW1MGNfTEVOgwuu3xdmSB7zSj6HU8UBJr7c=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.crl
                          rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 23:24:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1493 (0x5d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9011, serialNumber=D5167B970787410957E25D9F87508560F005776E
        Validity
            Not Before: Jul 22 23:24:30 2025 GMT
            Not After : Jul 29 23:24:30 2025 GMT
        Subject: CN=68801dae-8c5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9b:21:32:cf:a4:bc:c6:f8:2d:98:c9:1e:6e:
                    58:a0:56:0f:96:86:ec:48:f5:9e:6c:ec:7a:6d:a0:
                    74:0a:4f:04:46:9d:72:a9:5a:79:49:4f:51:e6:91:
                    f7:04:ce:ef:d7:7a:3c:66:bb:3c:64:e7:9b:d8:0f:
                    b8:49:a6:16:09:ed:a8:bf:b1:d8:73:44:4f:ad:96:
                    bc:6b:67:90:e5:3c:f0:37:e2:54:00:b9:87:c8:d2:
                    f9:32:4f:ec:26:69:de:15:29:52:1f:bf:88:03:fe:
                    be:0b:ab:5c:71:7d:11:d6:9c:c9:6b:0c:1b:af:12:
                    dc:59:ec:2a:3e:70:5c:6b:2f:01:13:e8:78:1f:b2:
                    99:c6:a5:e4:57:bd:4a:dc:62:17:15:87:9f:53:f5:
                    ae:90:c7:44:59:30:f8:aa:cf:53:20:f0:ec:7b:eb:
                    73:c4:a4:4f:06:68:e3:97:50:4b:a2:e4:ab:2d:ed:
                    e9:f9:32:5b:6e:0d:56:e8:7e:63:6c:24:18:56:d7:
                    3c:49:4a:fc:1f:cb:0a:d5:e3:45:3c:0e:b6:29:51:
                    04:4d:92:05:2d:e0:3d:0d:e3:29:e0:3a:8c:29:d8:
                    ef:d0:c9:7f:eb:70:ac:8c:03:3f:1f:28:d6:9b:8c:
                    bb:06:0b:0d:d7:0f:38:30:2a:7a:37:73:9e:ea:50:
                    f0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:69:05:31:CF:A6:14:72:DB:96:54:64:76:88:07:5A:60:09:03:7B
            X509v3 Authority Key Identifier:
                keyid:D5:16:7B:97:07:87:41:09:57:E2:5D:9F:87:50:85:60:F0:05:77:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:c1:64:96:88:21:bb:b0:50:a4:d6:a8:8d:3b:64:ab:e1:8e:
         c1:5e:5b:04:8e:e6:9c:f8:9a:fe:ca:2a:69:05:1a:34:98:2c:
         79:59:ee:b5:3d:91:a6:09:97:1c:6f:69:c0:45:c3:44:c4:48:
         80:2c:77:08:7d:a8:b3:c4:56:9b:a6:31:6a:64:47:a5:72:9d:
         b2:8a:23:3d:f1:b7:3f:e6:e7:ad:4f:c6:e0:19:f8:72:3d:6e:
         0f:89:5a:fc:d1:ba:bf:78:0e:6e:78:6d:52:83:b2:c7:7c:80:
         2e:65:f0:a1:15:56:47:d3:bd:7b:ea:3e:b2:18:9d:39:ea:a5:
         61:21:c6:18:bd:d2:54:4c:7a:4d:fa:d9:9c:0b:e4:ee:c5:aa:
         bd:14:6b:91:04:c6:a5:83:d5:98:a5:81:40:f8:b8:84:94:7e:
         01:fd:aa:ec:b9:c4:fb:82:ff:f6:24:73:cc:00:86:2c:b0:b4:
         fc:8e:15:7f:e2:93:68:fc:8c:48:7e:f3:23:87:0e:a5:f2:8e:
         9b:c1:8c:b9:79:d3:f9:ac:64:13:fe:f8:46:ad:a6:2a:75:a8:
         85:98:25:e4:05:ae:4d:1a:1f:56:19:fb:75:a3:97:91:73:91:
         40:7e:8f:d9:44:53:10:f0:90:32:67:c7:01:c1:18:f8:8a:42:
         30:04:69:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjkwMTExMTAvBgNVBAUTKEQ1MTY3Qjk3MDc4NzQxMDk1N0UyNUQ5Rjg3NTA4NTYw
RjAwNTc3NkUwHhcNMjUwNzIyMjMyNDMwWhcNMjUwNzI5MjMyNDMwWjAYMRYwFAYD
VQQDEw02ODgwMWRhZS04YzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmpshMs+kvMb4LZjJHm5YoFYPlobsSPWebOx6baB0Ck8ERp1yqVp5SU9R5pH3
BM7v13o8Zrs8ZOeb2A+4SaYWCe2ov7HYc0RPrZa8a2eQ5TzwN+JUALmHyNL5Mk/s
JmneFSlSH7+IA/6+C6tccX0R1pzJawwbrxLcWewqPnBcay8BE+h4H7KZxqXkV71K
3GIXFYefU/WukMdEWTD4qs9TIPDse+tzxKRPBmjjl1BLouSrLe3p+TJbbg1W6H5j
bCQYVtc8SUr8H8sK1eNFPA62KVEETZIFLeA9DeMp4DqMKdjv0Ml/63CsjAM/HyjW
m4y7BgsN1w84MCp6N3Oe6lDwZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEppBTHP
phRy25ZUZHaIB1pgCQN7MB8GA1UdIwQYMBaAFNUWe5cHh0EJV+Jdn4dQhWDwBXdu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTAxMS8zODg4RTBDNEM3
M0ExMUVCOTAwNzU1MTBDNEY5QUUwMi8xUlo3bHdlSFFRbFg0bDJmaDFDRllQQUZk
MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFSWjdsd2VIUVFsWDRsMmZoMUNGWVBBRmQyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
OTAxMS8zODg4RTBDNEM3M0ExMUVCOTAwNzU1MTBDNEY5QUUwMi8xUlo3bHdlSFFR
bFg0bDJmaDFDRllQQUZkMjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA6wWSWiCG7sFCk1qiNO2Sr4Y7BXlsEjuac+Jr+yippBRo0mCx5We61
PZGmCZccb2nARcNExEiALHcIfaizxFabpjFqZEelcp2yiiM98bc/5uetT8bgGfhy
PW4PiVr80bq/eA5ueG1Sg7LHfIAuZfChFVZH07176j6yGJ056qVhIcYYvdJUTHpN
+tmcC+Tuxaq9FGuRBMalg9WYpYFA+LiElH4B/arsucT7gv/2JHPMAIYssLT8jhV/
4pNo/IxIfvMjhw6l8o6bwYy5edP5rGQT/vhGraYqdaiFmCXkBa5NGh9WGft1o5eR
c5FAfo/ZRFMQ8JAyZ8cBwRj4ikIwBGnN
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:46:30 2025 by rpki-client