Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.mft
File:                     DZhBj4TCLONROV4eXE1dka5g_h8.mft (raw, json)
Hash identifier:          i131ElFjTmbL3gW0VuPPuTxeMqf+r2kpdZAsvQpAyZs=
Subject key identifier:   BF:7D:EB:F8:A5:13:59:F6:2D:3B:33:28:64:DB:1A:2A:C5:4F:BB:E5
Authority key identifier: 0D:98:41:8F:84:C2:2C:E3:51:39:5E:1E:5C:4D:5D:91:AE:60:FE:1F
Certificate issuer:       /CN=A91DED5A/serialNumber=0D98418F84C22CE351395E1E5C4D5D91AE60FE1F
Certificate serial:       02BD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DZhBj4TCLONROV4eXE1dka5g_h8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.mft
Manifest number:          02B8
Signing time:             Sat 23 Nov 2024 01:00:59 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:58 +0000
Manifest next update:     Sat 30 Nov 2024 01:00:58 +0000
Files and hashes:         1: DZhBj4TCLONROV4eXE1dka5g_h8.crl (hash: 9Bvo3Ul77SIuI2UVcQvvnNDkWYoAYJ2jYsXy9SkYevM=)
                          2: 26DB1136FDFC11ECBB977313C4F9AE02.roa (hash: ATHtpOo5iB32fJStBSLmEkpBLzW5yPkGZ3s+RacPoK8=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.crl
                          rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DZhBj4TCLONROV4eXE1dka5g_h8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 701 (0x2bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DED5A/serialNumber=0D98418F84C22CE351395E1E5C4D5D91AE60FE1F
        Validity
            Not Before: Nov 23 01:00:58 2024 GMT
            Not After : Nov 30 01:00:58 2024 GMT
        Subject: CN=6741294b-d9b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2c:cd:b8:16:74:87:24:ec:b0:cd:39:33:5c:
                    81:35:2e:80:e4:e7:ef:58:fb:a3:08:b9:9c:f9:9e:
                    c9:45:94:a4:57:ed:b0:de:d2:11:f2:04:76:31:d8:
                    86:a5:d7:1b:d1:77:db:1e:83:37:bd:ab:0a:d5:d4:
                    5c:0a:46:97:0e:c6:d5:aa:d5:79:46:15:fd:1e:25:
                    8b:92:e1:68:1d:17:3f:3d:a0:43:f6:b2:be:b0:32:
                    64:ff:0e:20:4e:b4:15:7c:31:30:ad:94:8d:45:b2:
                    4c:c0:bb:39:f8:bb:61:cc:d4:23:89:66:79:d1:17:
                    7e:76:ff:49:0c:38:24:c6:70:4b:38:bc:9b:55:d7:
                    19:52:a6:08:c4:8c:3b:ab:1c:e4:f4:d9:b3:cc:cf:
                    a2:3d:c0:93:fb:e2:96:8a:8f:1f:28:22:bf:0d:f3:
                    d9:1e:5b:89:4f:7c:47:a5:37:04:21:a3:b3:d2:b2:
                    70:0c:f9:64:27:31:d6:72:c3:50:d8:33:b6:92:e4:
                    4b:53:22:47:b5:ae:a9:14:37:49:f5:8c:69:d2:62:
                    b1:09:76:e4:eb:78:78:95:af:65:05:14:c0:f6:91:
                    b4:d4:98:31:2d:f7:aa:f7:ff:4b:4f:59:9c:65:b1:
                    c0:ab:e9:0d:0f:16:10:a6:84:7e:62:54:c5:3b:4a:
                    ad:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:7D:EB:F8:A5:13:59:F6:2D:3B:33:28:64:DB:1A:2A:C5:4F:BB:E5
            X509v3 Authority Key Identifier:
                keyid:0D:98:41:8F:84:C2:2C:E3:51:39:5E:1E:5C:4D:5D:91:AE:60:FE:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DZhBj4TCLONROV4eXE1dka5g_h8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:30:5f:48:d1:52:eb:5e:06:b3:7f:91:f5:3e:a2:48:1c:b0:
         44:99:42:08:13:da:29:1e:8e:1e:6e:ff:46:fb:27:bb:93:e4:
         b3:1a:7d:1e:09:c1:f4:f2:8d:f3:f4:c9:70:85:5f:9b:b4:92:
         cd:57:f1:08:8d:91:7e:bc:59:d9:48:2a:de:8b:21:fc:30:62:
         65:6c:bd:a5:d4:20:dd:a0:35:45:2d:fb:7d:63:d2:24:2e:03:
         1a:9e:dc:76:34:71:ae:6a:07:71:a7:68:50:02:78:2d:5a:9e:
         48:3e:44:8a:bf:6e:29:8e:b7:48:6b:9f:c3:da:b0:03:bf:c4:
         22:28:cc:55:5d:8f:55:4c:92:0d:5b:33:6b:ef:38:40:6e:68:
         06:bb:b6:b3:ba:16:bc:99:a3:27:2b:70:4d:11:cd:e6:70:ac:
         68:2b:f8:c4:5b:2c:32:6b:c2:c4:8c:ec:95:49:79:01:43:98:
         b6:b7:df:a7:ec:7a:69:80:80:0c:a5:74:f8:b9:53:f7:2d:de:
         71:3b:7c:bd:e9:fe:e6:70:a3:61:05:57:fb:33:3b:c8:f6:70:
         c5:f3:40:34:4d:33:24:65:19:fa:a5:e2:8b:c7:de:63:83:34:
         93:21:26:78:07:4b:6c:16:50:9e:7f:57:83:7f:3c:87:e2:e6:
         a8:14:d3:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVENUExMTAvBgNVBAUTKDBEOTg0MThGODRDMjJDRTM1MTM5NUUxRTVDNEQ1RDkx
QUU2MEZFMUYwHhcNMjQxMTIzMDEwMDU4WhcNMjQxMTMwMDEwMDU4WjAYMRYwFAYD
VQQDEw02NzQxMjk0Yi1kOWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyizNuBZ0hyTssM05M1yBNS6A5OfvWPujCLmc+Z7JRZSkV+2w3tIR8gR2MdiG
pdcb0XfbHoM3vasK1dRcCkaXDsbVqtV5RhX9HiWLkuFoHRc/PaBD9rK+sDJk/w4g
TrQVfDEwrZSNRbJMwLs5+LthzNQjiWZ50Rd+dv9JDDgkxnBLOLybVdcZUqYIxIw7
qxzk9NmzzM+iPcCT++KWio8fKCK/DfPZHluJT3xHpTcEIaOz0rJwDPlkJzHWcsNQ
2DO2kuRLUyJHta6pFDdJ9Yxp0mKxCXbk63h4la9lBRTA9pG01JgxLfeq9/9LT1mc
ZbHAq+kNDxYQpoR+YlTFO0qthwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL996/il
E1n2LTszKGTbGirFT7vlMB8GA1UdIwQYMBaAFA2YQY+EwizjUTleHlxNXZGuYP4f
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUQ1QS81REVEQTAyOENG
N0UxMUVDOTMyRTAyNEFDNEY5QUUwMi9EWmhCajRUQ0xPTlJPVjRlWEUxZGthNWdf
aDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RaaEJqNFRDTE9OUk9WNGVYRTFka2E1Z19oOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RUQ1QS81REVEQTAyOENGN0UxMUVDOTMyRTAyNEFDNEY5QUUwMi9EWmhCajRUQ0xP
TlJPVjRlWEUxZGthNWdfaDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCgMF9I0VLrXgazf5H1PqJIHLBEmUIIE9opHo4ebv9G+ye7k+SzGn0e
CcH08o3z9MlwhV+btJLNV/EIjZF+vFnZSCreiyH8MGJlbL2l1CDdoDVFLft9Y9Ik
LgMantx2NHGuagdxp2hQAngtWp5IPkSKv24pjrdIa5/D2rADv8QiKMxVXY9VTJIN
WzNr7zhAbmgGu7azuha8maMnK3BNEc3mcKxoK/jEWywya8LEjOyVSXkBQ5i2t9+n
7HppgIAMpXT4uVP3Ld5xO3y96f7mcKNhBVf7MzvI9nDF80A0TTMkZRn6peKLx95j
gzSTISZ4B0tsFlCef1eDfzyH4uaoFNMX
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:53 2024 by rpki-client on console-ams.rpki-client.org