Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA0F9/FCAA2C001DA811E2B0E2CAA308B02CD2/nDt48kQmDsRjG6DfYZRgi3Gof0g.mft
File:                     nDt48kQmDsRjG6DfYZRgi3Gof0g.mft (raw, json)
Hash identifier:          5+c+pGGDQvb01V7plIfr603XklSumC8I2u4F8CeCDh8=
Subject key identifier:   59:2A:C5:0A:B5:0F:BE:97:79:6C:C3:87:F4:B7:35:35:08:00:22:31
Authority key identifier: 9C:3B:78:F2:44:26:0E:C4:63:1B:A0:DF:61:94:60:8B:71:A8:7F:48
Certificate issuer:       /CN=A91BA0F9/serialNumber=9C3B78F244260EC4631BA0DF6194608B71A87F48
Certificate serial:       349A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nDt48kQmDsRjG6DfYZRgi3Gof0g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BA0F9/FCAA2C001DA811E2B0E2CAA308B02CD2/nDt48kQmDsRjG6DfYZRgi3Gof0g.mft
Manifest number:          5109
Signing time:             Fri 18 Jul 2025 15:18:26 +0000
Manifest this update:     Fri 18 Jul 2025 15:18:26 +0000
Manifest next update:     Fri 25 Jul 2025 15:18:26 +0000
Files and hashes:         1: nDt48kQmDsRjG6DfYZRgi3Gof0g.crl (hash: ECWvxZJd30RjKO+wN/vpSyJGz4I2Y7T5mapDTGbXpIo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BA0F9/FCAA2C001DA811E2B0E2CAA308B02CD2/nDt48kQmDsRjG6DfYZRgi3Gof0g.crl
                          rsync://rpki.apnic.net/member_repository/A91BA0F9/FCAA2C001DA811E2B0E2CAA308B02CD2/nDt48kQmDsRjG6DfYZRgi3Gof0g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nDt48kQmDsRjG6DfYZRgi3Gof0g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 15:18:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13466 (0x349a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BA0F9, serialNumber=9C3B78F244260EC4631BA0DF6194608B71A87F48
        Validity
            Not Before: Jul 18 15:18:26 2025 GMT
            Not After : Jul 25 15:18:26 2025 GMT
        Subject: CN=687a65c2-5a61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:65:98:51:ca:33:01:2a:66:22:3b:d8:3c:bd:
                    d0:66:44:ad:fb:51:cb:d3:8f:3c:fb:03:a0:2b:5c:
                    02:38:f2:9c:a1:38:79:5c:82:f4:63:4f:f7:f7:4c:
                    38:6d:fb:c4:d9:4a:2c:a1:a8:f1:98:df:9e:bf:14:
                    09:40:71:dd:d9:fc:9a:85:b9:87:3b:ec:cd:9c:8b:
                    13:2f:f4:1e:76:58:a3:c3:d9:f7:47:18:94:45:07:
                    3f:c2:98:54:43:a3:15:bc:68:72:73:ca:c0:bd:34:
                    35:52:f6:96:be:c7:ab:cb:9c:31:c9:9a:c9:36:13:
                    03:4d:a6:c4:a1:cb:b2:b4:25:a4:4e:41:66:7e:ba:
                    91:c8:82:3b:3c:ea:c3:46:41:9a:a1:d2:14:7a:1f:
                    fa:dc:a5:d7:aa:5b:be:9a:c1:c8:fd:1b:9c:fa:e7:
                    19:db:c4:74:de:3a:3c:a7:9f:a4:89:42:f3:d0:60:
                    9c:c6:0c:fc:e3:dd:cc:a2:25:a2:06:b6:11:0f:86:
                    e1:d3:66:be:c5:61:4f:89:83:8b:ce:f4:df:2f:d3:
                    e5:54:78:2b:34:06:98:43:0d:88:6f:dc:13:a9:69:
                    75:6f:f1:82:8f:e6:24:46:c2:6d:14:b3:ad:1b:87:
                    9f:9b:ad:9a:52:fb:3f:ba:eb:d7:68:7c:25:ef:19:
                    11:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:2A:C5:0A:B5:0F:BE:97:79:6C:C3:87:F4:B7:35:35:08:00:22:31
            X509v3 Authority Key Identifier:
                keyid:9C:3B:78:F2:44:26:0E:C4:63:1B:A0:DF:61:94:60:8B:71:A8:7F:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BA0F9/FCAA2C001DA811E2B0E2CAA308B02CD2/nDt48kQmDsRjG6DfYZRgi3Gof0g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nDt48kQmDsRjG6DfYZRgi3Gof0g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA0F9/FCAA2C001DA811E2B0E2CAA308B02CD2/nDt48kQmDsRjG6DfYZRgi3Gof0g.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:ca:32:90:64:79:87:6d:f5:65:a3:eb:e0:70:55:bb:f0:d4:
         fe:b8:47:f6:94:14:61:52:87:2d:77:ce:9a:d5:3b:9c:5a:a0:
         6d:b5:2d:88:c3:42:8e:6d:32:79:57:d1:73:3a:06:81:ae:54:
         d6:c9:93:e1:16:ff:6b:a6:b0:6e:e2:d9:fa:88:df:9f:11:53:
         ee:69:a2:b7:db:30:20:d9:0c:30:84:bf:cc:76:cd:6c:2f:6e:
         1b:b2:ec:12:b9:64:32:8b:91:16:d6:9a:05:ed:07:79:f0:22:
         8d:22:c5:87:c5:24:ed:34:8f:23:f9:31:af:80:c4:95:1b:09:
         99:18:f5:7b:2f:0a:44:9a:b7:3f:2a:bf:56:21:03:14:42:d3:
         7b:5a:c6:87:5a:be:19:72:9f:bd:c6:00:9a:5c:0a:71:a4:90:
         8e:f4:92:2e:42:ad:8c:86:dc:15:80:23:08:1d:0e:7d:86:a9:
         08:23:81:8f:12:6a:7f:95:a5:a2:de:09:1e:82:71:4b:2b:5a:
         83:70:40:fd:e7:af:94:ec:78:83:9f:59:75:d6:4a:fe:53:f9:
         d2:ef:82:9a:1f:e8:e6:0a:bd:1b:12:d3:84:4d:e3:13:2c:22:
         e5:ac:c3:4c:80:41:79:05:7a:24:5b:bc:65:83:e5:b8:34:48:
         69:99:1f:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkEwRjkxMTAvBgNVBAUTKDlDM0I3OEYyNDQyNjBFQzQ2MzFCQTBERjYxOTQ2MDhC
NzFBODdGNDgwHhcNMjUwNzE4MTUxODI2WhcNMjUwNzI1MTUxODI2WjAYMRYwFAYD
VQQDEw02ODdhNjVjMi01YTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtWWYUcozASpmIjvYPL3QZkSt+1HL0488+wOgK1wCOPKcoTh5XIL0Y0/390w4
bfvE2UosoajxmN+evxQJQHHd2fyahbmHO+zNnIsTL/Qedlijw9n3RxiURQc/wphU
Q6MVvGhyc8rAvTQ1UvaWvsery5wxyZrJNhMDTabEocuytCWkTkFmfrqRyII7POrD
RkGaodIUeh/63KXXqlu+msHI/Ruc+ucZ28R03jo8p5+kiULz0GCcxgz8493MoiWi
BrYRD4bh02a+xWFPiYOLzvTfL9PlVHgrNAaYQw2Ib9wTqWl1b/GCj+YkRsJtFLOt
G4efm62aUvs/uuvXaHwl7xkR0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFkqxQq1
D76XeWzDh/S3NTUIACIxMB8GA1UdIwQYMBaAFJw7ePJEJg7EYxug32GUYItxqH9I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTBGOS9GQ0FBMkMwMDFE
QTgxMUUyQjBFMkNBQTMwOEIwMkNEMi9uRHQ0OGtRbURzUmpHNkRmWVpSZ2kzR29m
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25EdDQ4a1FtRHNSakc2RGZZWlJnaTNHb2YwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QTBGOS9GQ0FBMkMwMDFEQTgxMUUyQjBFMkNBQTMwOEIwMkNEMi9uRHQ0OGtRbURz
UmpHNkRmWVpSZ2kzR29mMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCAyjKQZHmHbfVlo+vgcFW78NT+uEf2lBRhUoctd86a1TucWqBttS2I
w0KObTJ5V9FzOgaBrlTWyZPhFv9rprBu4tn6iN+fEVPuaaK32zAg2QwwhL/Mds1s
L24bsuwSuWQyi5EW1poF7Qd58CKNIsWHxSTtNI8j+TGvgMSVGwmZGPV7LwpEmrc/
Kr9WIQMUQtN7WsaHWr4Zcp+9xgCaXApxpJCO9JIuQq2MhtwVgCMIHQ59hqkII4GP
Emp/laWi3gkegnFLK1qDcED956+U7HiDn1l11kr+U/nS74KaH+jmCr0bEtOETeMT
LCLlrMNMgEF5BXokW7xlg+W4NEhpmR9B
-----END CERTIFICATE-----
Generated at Sun Jul 20 06:20:53 2025 by rpki-client