Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
File:                     tgQSzpgJwQxn3eq7oOM1462k_hA.mft (raw, json)
Hash identifier:          lYAbFjXGxix80ems5fQMastlERecb3Y47QCP/HI2wX8=
Subject key identifier:   3B:BD:06:6D:6D:A1:3A:5E:E7:D2:3E:82:FC:21:DB:F2:6E:E8:4A:20
Authority key identifier: B6:04:12:CE:98:09:C1:0C:67:DD:EA:BB:A0:E3:35:E3:AD:A4:FE:10
Certificate issuer:       /CN=A91BF306/serialNumber=B60412CE9809C10C67DDEABBA0E335E3ADA4FE10
Certificate serial:       014D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgQSzpgJwQxn3eq7oOM1462k_hA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
Manifest number:          014A
Signing time:             Fri 25 Jul 2025 04:29:31 +0000
Manifest this update:     Fri 25 Jul 2025 04:29:30 +0000
Manifest next update:     Fri 01 Aug 2025 04:29:30 +0000
Files and hashes:         1: tgQSzpgJwQxn3eq7oOM1462k_hA.crl (hash: 4X/Dqk6moQLGtSyEQcRQk9GU9WOE+RIdvBFwIhWyD2o=)
                          2: 3CED465E8E0811EE8450D961C4F9AE02.roa (hash: cZSiy4bCwDyhfeb/EZhFsCoqJYnevtXYXbg2+tmKMXk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.crl
                          rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgQSzpgJwQxn3eq7oOM1462k_hA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 04:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 333 (0x14d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BF306, serialNumber=B60412CE9809C10C67DDEABBA0E335E3ADA4FE10
        Validity
            Not Before: Jul 25 04:29:30 2025 GMT
            Not After : Aug  1 04:29:30 2025 GMT
        Subject: CN=6883082b-d418
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a7:80:35:e3:75:78:7c:4f:78:70:35:d9:c0:
                    81:73:98:4f:1c:65:6d:77:25:0e:a1:64:e3:1d:28:
                    42:96:ed:99:28:cc:c2:c3:d6:75:d1:78:8c:af:f7:
                    82:aa:26:d2:d0:2b:ea:a1:9f:46:92:d5:21:1c:fd:
                    7f:a3:20:66:1e:09:8e:05:a5:59:fb:57:83:c2:7f:
                    ed:f7:e8:2b:02:bf:f2:74:da:4f:f3:81:f0:20:d2:
                    49:2e:1a:2e:91:e1:62:06:29:ee:7a:83:84:4a:31:
                    55:d4:45:b7:64:c3:a8:ba:69:f3:e6:ef:b2:57:3b:
                    03:d1:c7:80:8f:23:cf:56:4f:61:71:55:86:bd:05:
                    5e:5c:cf:60:bd:fe:98:89:3c:50:83:24:8a:ee:67:
                    af:50:62:70:b1:b5:6c:b4:63:ea:e1:2b:92:10:b0:
                    70:2a:cc:47:bd:ed:2c:a5:58:2b:73:88:3a:4c:47:
                    79:cd:41:fe:b6:95:83:90:ce:e0:30:70:ea:85:db:
                    9b:ba:07:df:83:35:9a:a9:0d:87:d7:6c:ba:10:b9:
                    5b:09:f2:08:73:87:cc:44:f0:3e:50:dd:c8:2a:ad:
                    f4:50:7c:2d:03:19:a4:2f:b0:e0:96:7d:b1:f0:65:
                    fd:2f:25:1e:00:5a:b1:01:5f:96:ed:e2:bc:77:20:
                    e8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:BD:06:6D:6D:A1:3A:5E:E7:D2:3E:82:FC:21:DB:F2:6E:E8:4A:20
            X509v3 Authority Key Identifier:
                keyid:B6:04:12:CE:98:09:C1:0C:67:DD:EA:BB:A0:E3:35:E3:AD:A4:FE:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgQSzpgJwQxn3eq7oOM1462k_hA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:bc:4b:7e:fb:c3:ca:78:8b:e4:53:77:f8:82:c2:b8:e8:3b:
         f8:58:3b:6a:7e:0c:fe:1d:22:3c:fd:07:16:5a:21:ea:0c:2c:
         b6:1c:36:c1:a8:58:93:cd:ff:87:e4:ec:87:64:4a:73:d4:73:
         95:6e:90:1c:c8:7c:26:a3:82:cb:90:ea:35:f1:11:09:64:f7:
         b4:9f:c9:d1:17:d7:65:e3:3d:e6:db:12:f7:c4:c8:0b:75:bb:
         92:6c:d2:c5:9f:4c:dc:b6:f0:02:99:7b:82:37:98:dc:8c:73:
         b1:c3:23:55:dc:91:3b:13:72:97:8c:ea:13:ac:ae:ed:bb:9b:
         60:02:aa:d2:40:94:ea:af:2e:70:cd:07:e5:20:05:58:2f:f5:
         5b:85:e7:af:72:19:4a:ce:c8:89:f3:92:63:7f:e2:74:d1:4e:
         e5:e0:38:92:08:07:ed:9e:ba:b3:85:63:d8:1e:08:43:18:31:
         ff:dd:77:a6:ff:84:32:7d:69:13:a5:5b:49:5d:76:0b:6f:07:
         0a:5c:77:1b:34:97:d0:70:c3:46:87:62:39:c4:e6:31:10:9c:
         78:c0:a9:3f:aa:f7:fa:2f:fc:1f:ee:45:7f:e6:78:7b:ce:f2:
         ea:49:35:c4:7a:c9:84:9f:f3:0a:0a:64:7d:30:5b:cf:82:5b:
         1a:40:9c:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYzMDYxMTAvBgNVBAUTKEI2MDQxMkNFOTgwOUMxMEM2N0RERUFCQkEwRTMzNUUz
QURBNEZFMTAwHhcNMjUwNzI1MDQyOTMwWhcNMjUwODAxMDQyOTMwWjAYMRYwFAYD
VQQDEw02ODgzMDgyYi1kNDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3aeANeN1eHxPeHA12cCBc5hPHGVtdyUOoWTjHShClu2ZKMzCw9Z10XiMr/eC
qibS0CvqoZ9GktUhHP1/oyBmHgmOBaVZ+1eDwn/t9+grAr/ydNpP84HwINJJLhou
keFiBinueoOESjFV1EW3ZMOoumnz5u+yVzsD0ceAjyPPVk9hcVWGvQVeXM9gvf6Y
iTxQgySK7mevUGJwsbVstGPq4SuSELBwKsxHve0spVgrc4g6TEd5zUH+tpWDkM7g
MHDqhdubugffgzWaqQ2H12y6ELlbCfIIc4fMRPA+UN3IKq30UHwtAxmkL7Dgln2x
8GX9LyUeAFqxAV+W7eK8dyDoqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDu9Bm1t
oTpe59I+gvwh2/Ju6EogMB8GA1UdIwQYMBaAFLYEEs6YCcEMZ93qu6DjNeOtpP4Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjMwNi8xNzE3OTIwRTcx
NkIxMUVFQjE2NzMyNzdDNEY5QUUwMi90Z1FTenBnSndReG4zZXE3b09NMTQ2Mmtf
aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RnUVN6cGdKd1F4bjNlcTdvT00xNDYya19oQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RjMwNi8xNzE3OTIwRTcxNkIxMUVFQjE2NzMyNzdDNEY5QUUwMi90Z1FTenBnSndR
eG4zZXE3b09NMTQ2MmtfaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCZvEt++8PKeIvkU3f4gsK46Dv4WDtqfgz+HSI8/QcWWiHqDCy2HDbB
qFiTzf+H5OyHZEpz1HOVbpAcyHwmo4LLkOo18REJZPe0n8nRF9dl4z3m2xL3xMgL
dbuSbNLFn0zctvACmXuCN5jcjHOxwyNV3JE7E3KXjOoTrK7tu5tgAqrSQJTqry5w
zQflIAVYL/VbheevchlKzsiJ85Jjf+J00U7l4DiSCAftnrqzhWPYHghDGDH/3Xem
/4QyfWkTpVtJXXYLbwcKXHcbNJfQcMNGh2I5xOYxEJx4wKk/qvf6L/wf7kV/5nh7
zvLqSTXEesmEn/MKCmR9MFvPglsaQJwR
-----END CERTIFICATE-----
Generated at Fri Jul 25 07:09:23 2025 by rpki-client