Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB100/38256B34630211ECBA4E0767C4F9AE02/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.mft
File:                     P0hkkIxFs6cVjoMsBvkyPSNBmQ8.mft (raw, json)
Hash identifier:          tzyYVZZs5X8CQkU6pVZQwkdlTXB+e/NfWcmJY2IaR0s=
Subject key identifier:   B1:25:AC:59:58:E8:C1:B0:73:4C:64:AA:A5:6C:11:BA:C1:CB:E3:34
Authority key identifier: 3F:48:64:90:8C:45:B3:A7:15:8E:83:2C:06:F9:32:3D:23:41:99:0F
Certificate issuer:       /CN=A91BB100/serialNumber=3F4864908C45B3A7158E832C06F9323D2341990F
Certificate serial:       03CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BB100/38256B34630211ECBA4E0767C4F9AE02/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.mft
Manifest number:          03C9
Signing time:             Sat 23 Nov 2024 00:13:45 +0000
Manifest this update:     Sat 23 Nov 2024 00:13:44 +0000
Manifest next update:     Sat 30 Nov 2024 00:13:44 +0000
Files and hashes:         1: P0hkkIxFs6cVjoMsBvkyPSNBmQ8.crl (hash: J47mK85YCpQPI3pV2H/Ef/KsRbjMScBSgvRPSP5TNJE=)
                          2: FE761E84630511EC86F9726BC4F9AE02.roa (hash: gPe2FsGLQAHhCtVhAH6HrqEEwPI9E9ufV2EbiUu1Wps=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BB100/38256B34630211ECBA4E0767C4F9AE02/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.crl
                          rsync://rpki.apnic.net/member_repository/A91BB100/38256B34630211ECBA4E0767C4F9AE02/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 972 (0x3cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BB100/serialNumber=3F4864908C45B3A7158E832C06F9323D2341990F
        Validity
            Not Before: Nov 23 00:13:44 2024 GMT
            Not After : Nov 30 00:13:44 2024 GMT
        Subject: CN=67411e38-7b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d4:91:a2:78:a3:29:b0:6a:4e:95:10:89:ee:
                    a6:8d:d0:3e:c5:e0:95:d7:ec:43:57:63:8c:bd:0d:
                    c1:a9:ec:f3:65:df:ff:71:bf:59:4f:37:dd:07:aa:
                    20:fa:b3:73:64:18:77:93:8c:4d:b9:79:54:b8:88:
                    66:cd:a2:7b:7e:cd:e7:94:13:87:3a:2d:e5:89:e6:
                    73:9d:6b:ce:f8:88:16:0c:73:24:2d:c9:10:45:65:
                    d6:84:34:d8:f8:30:6e:a1:e6:32:a0:c6:e9:a2:d1:
                    50:fb:9c:bf:1c:de:39:39:6e:ba:bf:63:cb:35:bb:
                    cc:22:0d:51:3a:a9:c9:c9:b0:ab:94:3b:32:a4:a0:
                    11:aa:ff:86:f0:c8:6e:3e:66:a1:a8:c5:de:4d:ff:
                    ec:98:c3:1c:04:fa:42:ef:ab:20:e2:06:51:3f:30:
                    59:dd:ac:cd:cf:ea:a7:27:3a:a1:57:fa:4a:4c:94:
                    aa:5c:b7:a7:fb:c1:aa:fd:3c:66:65:cd:18:ad:56:
                    56:5f:ba:49:cf:9b:84:31:d3:47:3f:15:0f:3d:c5:
                    09:73:76:6f:47:ad:b1:3e:01:5a:ba:10:99:63:0b:
                    7e:9b:03:73:be:02:88:df:52:33:86:6d:8d:24:9c:
                    e0:b5:09:1e:f6:0f:b8:dc:f0:66:23:c9:c4:86:26:
                    c9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:25:AC:59:58:E8:C1:B0:73:4C:64:AA:A5:6C:11:BA:C1:CB:E3:34
            X509v3 Authority Key Identifier:
                keyid:3F:48:64:90:8C:45:B3:A7:15:8E:83:2C:06:F9:32:3D:23:41:99:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BB100/38256B34630211ECBA4E0767C4F9AE02/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB100/38256B34630211ECBA4E0767C4F9AE02/P0hkkIxFs6cVjoMsBvkyPSNBmQ8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:48:bf:c5:f7:1b:7c:5c:04:3a:9d:e3:96:65:f4:8b:0f:94:
         c7:87:93:32:ad:af:9c:d2:8e:fd:d8:20:ed:93:2d:3e:8c:93:
         1d:c6:9d:31:6a:a4:cc:48:8a:0d:d6:3d:86:92:8d:58:8f:5e:
         c5:d8:23:72:6d:97:e5:8f:ce:9f:cf:1a:f7:1f:fa:63:00:b2:
         5a:88:fd:20:79:1d:ab:c4:9d:b3:88:f1:a8:b8:d6:50:7b:c1:
         4a:a3:53:52:05:23:a4:a0:2a:11:e5:56:20:cd:07:89:47:c4:
         55:da:44:56:b5:ee:a6:de:ce:86:80:d1:fe:1a:07:e6:9c:3f:
         4f:fe:ff:ad:15:8c:3e:58:74:07:73:06:61:0a:e1:c1:a7:78:
         d4:e7:9f:35:56:ec:9b:23:a2:51:a8:90:d2:41:6e:d1:65:d4:
         aa:11:65:bb:70:9d:b5:90:74:88:43:cf:c8:dc:b4:e9:08:06:
         4c:a4:42:59:d7:f7:6d:97:39:47:c5:e4:3b:33:94:e2:c5:9d:
         b8:12:3d:1b:59:de:a8:a9:b2:ee:da:1a:a0:39:02:d3:9a:dc:
         22:0c:78:d0:d2:5c:c0:1c:87:a0:ad:7c:16:9a:f9:44:9a:f2:
         e2:5e:f3:6d:99:dc:a2:a8:1f:ed:74:60:fa:55:26:24:e1:c0:
         b8:ae:d7:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkIxMDAxMTAvBgNVBAUTKDNGNDg2NDkwOEM0NUIzQTcxNThFODMyQzA2RjkzMjNE
MjM0MTk5MEYwHhcNMjQxMTIzMDAxMzQ0WhcNMjQxMTMwMDAxMzQ0WjAYMRYwFAYD
VQQDEw02NzQxMWUzOC03Yjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0dSRonijKbBqTpUQie6mjdA+xeCV1+xDV2OMvQ3BqezzZd//cb9ZTzfdB6og
+rNzZBh3k4xNuXlUuIhmzaJ7fs3nlBOHOi3lieZznWvO+IgWDHMkLckQRWXWhDTY
+DBuoeYyoMbpotFQ+5y/HN45OW66v2PLNbvMIg1ROqnJybCrlDsypKARqv+G8Mhu
PmahqMXeTf/smMMcBPpC76sg4gZRPzBZ3azNz+qnJzqhV/pKTJSqXLen+8Gq/Txm
Zc0YrVZWX7pJz5uEMdNHPxUPPcUJc3ZvR62xPgFauhCZYwt+mwNzvgKI31Izhm2N
JJzgtQke9g+43PBmI8nEhibJ8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLElrFlY
6MGwc0xkqqVsEbrBy+M0MB8GA1UdIwQYMBaAFD9IZJCMRbOnFY6DLAb5Mj0jQZkP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjEwMC8zODI1NkIzNDYz
MDIxMUVDQkE0RTA3NjdDNEY5QUUwMi9QMGhra0l4RnM2Y1Zqb01zQnZreVBTTkJt
UTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1AwaGtrSXhGczZjVmpvTXNCdmt5UFNOQm1ROC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QjEwMC8zODI1NkIzNDYzMDIxMUVDQkE0RTA3NjdDNEY5QUUwMi9QMGhra0l4RnM2
Y1Zqb01zQnZreVBTTkJtUTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDBSL/F9xt8XAQ6neOWZfSLD5THh5Myra+c0o792CDtky0+jJMdxp0x
aqTMSIoN1j2Gko1Yj17F2CNybZflj86fzxr3H/pjALJaiP0geR2rxJ2ziPGouNZQ
e8FKo1NSBSOkoCoR5VYgzQeJR8RV2kRWte6m3s6GgNH+GgfmnD9P/v+tFYw+WHQH
cwZhCuHBp3jU5581VuybI6JRqJDSQW7RZdSqEWW7cJ21kHSIQ8/I3LTpCAZMpEJZ
1/dtlzlHxeQ7M5TixZ24Ej0bWd6oqbLu2hqgOQLTmtwiDHjQ0lzAHIegrXwWmvlE
mvLiXvNtmdyiqB/tdGD6VSYk4cC4rtcd
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:33:44 2024 by rpki-client on console-fra.rpki-client.org