Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft
File:                     zIO7bQqhd53qFp7bpKQCKN4hvXs.mft (raw, json)
Hash identifier:          6I6JLEBdAdD8uRf76cWY39pV+uas/p6T/ORo1s6jHEw=
Subject key identifier:   9C:C9:83:EF:A2:14:DA:C4:0F:AC:94:5D:4E:5B:C8:71:2B:26:45:34
Authority key identifier: CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B
Certificate issuer:       /CN=A91D493B/serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B
Certificate serial:       02C7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft
Manifest number:          02C3
Signing time:             Sat 23 Nov 2024 00:59:04 +0000
Manifest this update:     Sat 23 Nov 2024 00:59:03 +0000
Manifest next update:     Sat 30 Nov 2024 00:59:03 +0000
Files and hashes:         1: zIO7bQqhd53qFp7bpKQCKN4hvXs.crl (hash: lFLeMe9ltU7ZPsiG5jZfMeYeaDd63tlw+u9+SzTRnQU=)
                          2: 684DDD32CAB311ECBBCE9843C4F9AE02.roa (hash: qlH2HXjlgr8PBnyTmgV2A1ZCVpY5oeqzGuzCwKUpWe4=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.crl
                          rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 00:59:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 711 (0x2c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D493B/serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B
        Validity
            Not Before: Nov 23 00:59:03 2024 GMT
            Not After : Nov 30 00:59:03 2024 GMT
        Subject: CN=674128d7-8367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:77:e8:74:da:bb:57:cf:6d:4d:bb:16:d5:2f:
                    b1:6f:f8:8c:b5:61:a3:4b:69:99:8e:15:ae:dc:41:
                    1c:1a:af:f7:ff:61:7b:d4:18:13:9a:be:2c:99:fd:
                    8e:f1:de:88:14:6b:cb:ab:16:e4:bf:58:e0:63:75:
                    fc:0d:c9:59:0a:11:8c:07:a8:51:67:f5:50:4e:5e:
                    ae:81:4c:bb:b1:83:2d:58:89:de:6e:e6:2c:e5:7b:
                    a8:15:42:82:c0:8c:85:74:4d:98:50:bb:65:32:27:
                    8c:e5:40:e4:8d:5d:ca:a9:1b:30:ff:e5:89:02:25:
                    ce:af:e9:c1:60:5c:ee:1e:4b:54:2b:e0:ed:10:c1:
                    0a:ee:a1:9b:5d:34:ca:2d:12:f5:eb:ff:01:d6:5c:
                    a1:22:95:3d:6c:7e:72:f3:65:87:a9:bf:40:6d:dc:
                    4d:7a:9d:6c:ed:31:55:60:2e:7f:7f:42:09:cb:a8:
                    fd:c5:54:dc:08:65:06:41:1c:6d:ea:00:ad:3a:61:
                    3c:63:5e:77:2e:48:26:ca:a7:20:e6:8c:67:ab:ab:
                    46:1a:35:e8:f2:af:7e:f7:8b:f7:07:53:7e:ee:07:
                    82:c9:d6:97:04:8c:0c:8c:36:d5:5b:68:71:a2:f4:
                    19:70:1f:11:44:b1:24:57:37:72:84:3e:5e:ca:97:
                    f3:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C9:83:EF:A2:14:DA:C4:0F:AC:94:5D:4E:5B:C8:71:2B:26:45:34
            X509v3 Authority Key Identifier:
                keyid:CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:90:ea:c9:b7:7a:98:b9:4a:eb:83:34:38:ca:59:56:b2:2b:
         ea:1a:6f:cd:0e:20:44:95:1b:e1:ce:78:15:cf:f3:ad:db:34:
         6e:81:d6:f6:00:59:e1:13:32:84:fe:0d:97:0f:1b:d5:9e:55:
         39:0c:ae:62:e5:b3:78:3a:da:64:5d:76:60:b2:dc:f1:91:05:
         19:bc:94:6b:9b:00:c4:d8:cf:69:89:b8:f9:22:6d:55:fe:8e:
         0b:ff:f2:6a:45:d0:8a:ec:a4:32:f5:cd:67:36:ed:74:a1:86:
         13:93:02:af:5c:ab:f9:7f:01:f2:d3:52:a7:23:5e:13:9f:ef:
         38:f2:6a:3d:5e:b5:b7:f0:1b:71:81:d0:f6:91:00:19:08:4f:
         b3:0c:8f:f9:7a:b3:21:f6:36:fd:df:f2:78:83:74:18:b6:79:
         80:e2:89:31:d6:5f:69:b1:2a:c7:f7:1f:26:94:50:1c:fc:f6:
         91:cc:b7:36:54:2b:68:55:0d:8a:f8:9e:f6:8b:a7:c7:33:a9:
         dc:dd:c2:7c:d4:5c:ed:21:13:08:e5:9e:49:95:2f:d1:e1:4d:
         ea:0c:14:1e:7b:1b:42:ec:13:7f:6f:71:e6:5b:7e:44:c3:fa:
         1b:27:54:02:71:c1:97:04:94:fb:e3:a3:68:04:f9:8b:bf:9d:
         c5:a1:99:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ5M0IxMTAvBgNVBAUTKENDODNCQjZEMEFBMTc3OURFQTE2OUVEQkE0QTQwMjI4
REUyMUJEN0IwHhcNMjQxMTIzMDA1OTAzWhcNMjQxMTMwMDA1OTAzWjAYMRYwFAYD
VQQDEw02NzQxMjhkNy04MzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu3fodNq7V89tTbsW1S+xb/iMtWGjS2mZjhWu3EEcGq/3/2F71BgTmr4smf2O
8d6IFGvLqxbkv1jgY3X8DclZChGMB6hRZ/VQTl6ugUy7sYMtWInebuYs5XuoFUKC
wIyFdE2YULtlMieM5UDkjV3KqRsw/+WJAiXOr+nBYFzuHktUK+DtEMEK7qGbXTTK
LRL16/8B1lyhIpU9bH5y82WHqb9AbdxNep1s7TFVYC5/f0IJy6j9xVTcCGUGQRxt
6gCtOmE8Y153Lkgmyqcg5oxnq6tGGjXo8q9+94v3B1N+7geCydaXBIwMjDbVW2hx
ovQZcB8RRLEkVzdyhD5eypfzgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJzJg++i
FNrED6yUXU5byHErJkU0MB8GA1UdIwQYMBaAFMyDu20KoXed6hae26SkAijeIb17
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDkzQi9EQkFEMzdBMENB
QUUxMUVDODI0MTI4MERDNEY5QUUwMi96SU83YlFxaGQ1M3FGcDdicEtRQ0tONGh2
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pJTzdiUXFoZDUzcUZwN2JwS1FDS040aHZYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NDkzQi9EQkFEMzdBMENBQUUxMUVDODI0MTI4MERDNEY5QUUwMi96SU83YlFxaGQ1
M3FGcDdicEtRQ0tONGh2WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBwkOrJt3qYuUrrgzQ4yllWsivqGm/NDiBElRvhzngVz/Ot2zRugdb2
AFnhEzKE/g2XDxvVnlU5DK5i5bN4OtpkXXZgstzxkQUZvJRrmwDE2M9pibj5Im1V
/o4L//JqRdCK7KQy9c1nNu10oYYTkwKvXKv5fwHy01KnI14Tn+848mo9XrW38Btx
gdD2kQAZCE+zDI/5erMh9jb93/J4g3QYtnmA4okx1l9psSrH9x8mlFAc/PaRzLc2
VCtoVQ2K+J72i6fHM6nc3cJ81FztIRMI5Z5JlS/R4U3qDBQeextC7BN/b3HmW35E
w/obJ1QCccGXBJT746NoBPmLv53FoZmS
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:52 2024 by rpki-client on console-ams.rpki-client.org