Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
File:                     tgQSzpgJwQxn3eq7oOM1462k_hA.mft (raw, json)
Hash identifier:          TBDAVYtw2LUGRiqQBaRVgE/E/ZhILg3CPA9OnIAft0Y=
Subject key identifier:   DF:73:FF:E0:AE:40:1C:7D:8D:51:73:93:21:BA:E4:CF:21:7F:38:0D
Authority key identifier: B6:04:12:CE:98:09:C1:0C:67:DD:EA:BB:A0:E3:35:E3:AD:A4:FE:10
Certificate issuer:       /CN=A91BF306/serialNumber=B60412CE9809C10C67DDEABBA0E335E3ADA4FE10
Certificate serial:       0148
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgQSzpgJwQxn3eq7oOM1462k_hA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
Manifest number:          0146
Signing time:             Mon 21 Jul 2025 04:22:21 +0000
Manifest this update:     Mon 21 Jul 2025 04:22:20 +0000
Manifest next update:     Mon 28 Jul 2025 04:22:20 +0000
Files and hashes:         1: tgQSzpgJwQxn3eq7oOM1462k_hA.crl (hash: xnSklkK5N4aXYgdlq71o4F4rJFuK5q4bOhpziU2gv4g=)
                          2: 3CED465E8E0811EE8450D961C4F9AE02.roa (hash: f/jpE5cHuMY3Uawe+lXgAaJQ4nT2A65yBQRPGfiONwY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.crl
                          rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgQSzpgJwQxn3eq7oOM1462k_hA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 04:22:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 328 (0x148)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BF306, serialNumber=B60412CE9809C10C67DDEABBA0E335E3ADA4FE10
        Validity
            Not Before: Jul 21 04:22:20 2025 GMT
            Not After : Jul 28 04:22:20 2025 GMT
        Subject: CN=687dc07d-9fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:8c:75:5b:6b:08:22:bc:41:09:2b:f0:45:70:
                    0a:4c:69:3b:00:7e:eb:42:5c:63:4c:2a:0d:d0:72:
                    a6:bf:58:ec:3c:84:08:b4:20:1d:8e:c8:ec:be:35:
                    ec:8d:58:b6:2a:d3:06:c3:5b:40:fb:be:92:0d:86:
                    a3:55:82:d7:06:e8:41:20:66:dc:85:43:9c:d8:5f:
                    27:49:34:69:ef:1b:53:4f:ba:8f:74:32:3c:21:11:
                    be:6d:12:94:30:f3:3b:6d:8f:89:af:00:54:00:3d:
                    41:b7:5d:92:78:ed:eb:cc:50:6e:c8:82:51:9a:e2:
                    0f:e4:ad:9f:2c:a6:d6:8c:fd:08:b6:7e:0b:99:a1:
                    71:ee:ff:8e:23:dd:1f:77:65:2d:e1:d1:e8:03:71:
                    47:39:ae:42:e1:92:a8:3a:8c:1e:9b:d4:d8:d3:53:
                    b0:b7:92:bb:0b:fa:d1:09:e3:79:3a:97:3a:bc:b6:
                    84:c8:31:54:5a:73:f0:1c:45:97:ee:d0:5a:9a:c2:
                    4c:d6:3f:a8:f3:3a:5c:f9:5a:5a:4e:6e:8d:ec:38:
                    0b:41:0a:be:6d:a8:af:b2:bc:4c:bc:09:77:14:ee:
                    96:89:f5:1b:50:ee:2a:ca:6e:ba:b1:cb:ea:13:99:
                    7c:38:6d:67:3c:05:74:43:08:c9:90:dd:b7:0e:d9:
                    73:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:73:FF:E0:AE:40:1C:7D:8D:51:73:93:21:BA:E4:CF:21:7F:38:0D
            X509v3 Authority Key Identifier:
                keyid:B6:04:12:CE:98:09:C1:0C:67:DD:EA:BB:A0:E3:35:E3:AD:A4:FE:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tgQSzpgJwQxn3eq7oOM1462k_hA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF306/1717920E716B11EEB1673277C4F9AE02/tgQSzpgJwQxn3eq7oOM1462k_hA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:34:52:a9:ab:a3:6c:3c:4e:43:e6:62:78:f7:17:92:12:3a:
         64:f5:d5:f1:a2:9b:71:ce:ff:7d:58:32:03:fe:86:31:d5:e5:
         3b:b7:f5:6b:31:9e:18:5c:b1:be:d9:03:19:bb:4d:c5:2f:53:
         68:b3:69:5e:d5:ad:dd:25:f0:e0:4c:e5:93:d9:dc:c5:ef:a8:
         7e:33:e2:d9:84:57:af:bd:d7:3b:18:43:bb:5a:c7:51:90:6e:
         d8:4b:cd:80:70:eb:f6:45:c9:c3:78:66:0c:48:61:ec:50:5e:
         62:c5:fb:cd:07:67:66:2a:0b:42:2d:1d:94:39:2b:a2:03:1a:
         fb:58:96:c6:c5:1c:89:f0:ff:5a:8a:f8:c9:e9:0a:85:23:75:
         69:c2:e8:70:ca:14:36:9f:00:b6:20:74:bd:1e:d5:ef:14:93:
         c7:c7:07:c3:c1:8d:8e:c1:9a:35:de:48:af:b1:f3:b7:e9:fc:
         36:6b:12:2b:52:c7:cc:b3:eb:81:c9:08:a9:99:4e:f3:87:f2:
         50:49:82:e2:fb:92:ce:a7:1f:36:6f:e8:90:5a:ec:fd:2a:ae:
         ab:01:37:ed:25:50:d4:6b:21:e0:b8:e9:fe:5e:6a:46:75:90:
         5a:5e:28:df:c4:5f:2e:ab:6c:58:c0:e4:63:15:3d:f5:b9:0e:
         6b:9d:76:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYzMDYxMTAvBgNVBAUTKEI2MDQxMkNFOTgwOUMxMEM2N0RERUFCQkEwRTMzNUUz
QURBNEZFMTAwHhcNMjUwNzIxMDQyMjIwWhcNMjUwNzI4MDQyMjIwWjAYMRYwFAYD
VQQDEw02ODdkYzA3ZC05ZmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Yx1W2sIIrxBCSvwRXAKTGk7AH7rQlxjTCoN0HKmv1jsPIQItCAdjsjsvjXs
jVi2KtMGw1tA+76SDYajVYLXBuhBIGbchUOc2F8nSTRp7xtTT7qPdDI8IRG+bRKU
MPM7bY+JrwBUAD1Bt12SeO3rzFBuyIJRmuIP5K2fLKbWjP0Itn4LmaFx7v+OI90f
d2Ut4dHoA3FHOa5C4ZKoOowem9TY01Owt5K7C/rRCeN5Opc6vLaEyDFUWnPwHEWX
7tBamsJM1j+o8zpc+VpaTm6N7DgLQQq+baivsrxMvAl3FO6WifUbUO4qym66scvq
E5l8OG1nPAV0QwjJkN23DtlzOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN9z/+Cu
QBx9jVFzkyG65M8hfzgNMB8GA1UdIwQYMBaAFLYEEs6YCcEMZ93qu6DjNeOtpP4Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjMwNi8xNzE3OTIwRTcx
NkIxMUVFQjE2NzMyNzdDNEY5QUUwMi90Z1FTenBnSndReG4zZXE3b09NMTQ2Mmtf
aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RnUVN6cGdKd1F4bjNlcTdvT00xNDYya19oQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RjMwNi8xNzE3OTIwRTcxNkIxMUVFQjE2NzMyNzdDNEY5QUUwMi90Z1FTenBnSndR
eG4zZXE3b09NMTQ2MmtfaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4NFKpq6NsPE5D5mJ49xeSEjpk9dXxoptxzv99WDID/oYx1eU7t/Vr
MZ4YXLG+2QMZu03FL1Nos2le1a3dJfDgTOWT2dzF76h+M+LZhFevvdc7GEO7WsdR
kG7YS82AcOv2RcnDeGYMSGHsUF5ixfvNB2dmKgtCLR2UOSuiAxr7WJbGxRyJ8P9a
ivjJ6QqFI3VpwuhwyhQ2nwC2IHS9HtXvFJPHxwfDwY2OwZo13kivsfO36fw2axIr
UsfMs+uByQipmU7zh/JQSYLi+5LOpx82b+iQWuz9Kq6rATftJVDUayHguOn+XmpG
dZBaXijfxF8uq2xYwORjFT31uQ5rnXYJ
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:25:13 2025 by rpki-client