Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
File:                     gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft (raw, json)
Hash identifier:          cXdv4OlHIDoR8RxMc2kbW7lgTcp5EH7HOFMcFGZ2NGE=
Subject key identifier:   53:D4:7E:7D:4B:28:A6:C6:62:A1:CF:C0:98:3A:FD:3B:8F:55:8A:00
Authority key identifier: 81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46
Certificate issuer:       /CN=A91E6BEF/serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46
Certificate serial:       0DB0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
Manifest number:          0DA7
Signing time:             Sun 20 Jul 2025 17:56:46 +0000
Manifest this update:     Sun 20 Jul 2025 17:56:46 +0000
Manifest next update:     Sun 27 Jul 2025 17:56:46 +0000
Files and hashes:         1: gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl (hash: dpPhUqssMXx1iNbBiDET0lNLYWnBp5MxRkP77dC8VSM=)
                          2: FEBD6C62C4B511E9B7D53A7FC4F9AE02.roa (hash: UdehkLAzVXoFe5wUis48zru/UMqEMsZcDt54OS7NI9c=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl
                          rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 27 Jul 2025 17:56:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3504 (0xdb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6BEF, serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46
        Validity
            Not Before: Jul 20 17:56:46 2025 GMT
            Not After : Jul 27 17:56:46 2025 GMT
        Subject: CN=687d2dde-18a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:41:50:c0:5d:f4:01:08:7a:2f:f3:b8:80:ac:
                    7a:eb:06:fd:12:77:9a:7f:47:56:a6:fc:76:05:b1:
                    34:4d:f8:6d:c4:9e:07:32:fb:3d:74:a9:0f:63:72:
                    11:a4:cc:fc:af:db:ec:f7:ec:66:16:b5:17:87:13:
                    c7:73:d0:e6:de:a6:a7:d4:4e:2b:90:3e:74:73:64:
                    24:7f:ee:26:54:a7:32:6e:06:83:7f:4c:df:19:18:
                    e9:c4:8e:43:52:cd:2b:7d:4f:de:73:22:3f:27:9b:
                    55:a7:5d:db:02:cf:2c:5b:f4:1a:ca:bc:40:a1:b2:
                    8f:d8:7c:cb:07:6f:d9:44:07:0c:0c:fd:5a:60:f1:
                    29:a9:84:ef:4d:52:84:f3:d3:a1:59:d8:36:35:c5:
                    bb:22:71:35:6e:8a:ac:8c:29:77:17:9c:80:cc:19:
                    75:1e:b6:10:b8:3c:ce:58:50:4a:56:e0:7b:1a:67:
                    d4:3b:0d:b5:c9:37:d1:c0:31:27:43:43:58:10:9a:
                    a7:b6:e1:23:68:05:5f:8c:7e:4e:9c:ba:40:28:6d:
                    6e:72:c5:d9:94:61:24:2f:46:28:b2:d0:03:7e:64:
                    0c:95:cc:a2:ea:0f:24:85:09:2f:a0:50:71:53:18:
                    77:85:b0:63:3b:ad:88:c4:b1:73:0e:2a:24:1e:ec:
                    ea:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:D4:7E:7D:4B:28:A6:C6:62:A1:CF:C0:98:3A:FD:3B:8F:55:8A:00
            X509v3 Authority Key Identifier:
                keyid:81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:b0:44:f4:7c:0e:f1:d0:4a:8b:b8:f8:0d:c1:39:c3:fd:fe:
         1f:09:dc:38:48:1e:31:0d:89:88:34:d9:a4:0c:6b:76:66:d6:
         51:6d:bc:58:96:ca:fc:19:26:93:c3:74:ad:80:40:82:c8:f0:
         a7:f1:66:47:a6:79:0a:5c:09:37:4f:3b:9c:1c:5a:8b:cd:8b:
         2d:6a:b4:32:a0:11:a7:a8:b6:14:d2:64:1e:15:e0:50:5a:0b:
         4e:ee:a4:2e:c0:15:e5:cb:7c:57:e4:25:ea:87:32:ea:04:61:
         cc:e7:27:dd:c6:94:fc:23:c8:32:40:ce:ba:bd:0f:43:64:9f:
         ba:da:17:57:0d:b0:70:5a:ff:2d:7b:0f:76:6c:85:86:4f:16:
         05:9a:56:fa:8b:56:47:5a:e7:5c:61:5c:67:a0:4e:ac:a4:fc:
         94:80:ba:53:fd:d2:f6:10:97:f5:34:1e:26:72:2b:35:72:5a:
         84:da:ed:9e:29:cf:a3:c1:1f:5a:29:c3:ac:08:0f:34:5b:6c:
         77:8d:1e:67:1a:b8:e3:8b:81:74:e2:99:5d:cd:4c:41:e2:74:
         c9:04:75:d7:8f:d5:e8:c7:bd:66:81:d5:76:fc:2d:d9:40:65:
         b6:f9:b3:19:c8:17:3a:c7:c8:8e:1b:3b:fc:45:22:81:eb:55:
         f5:13:03:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZCRUYxMTAvBgNVBAUTKDgxMURFMTFFN0VEQzFDMTA3NjA1NTlFRUIzOUJGRDY2
RDY5QUVBNDYwHhcNMjUwNzIwMTc1NjQ2WhcNMjUwNzI3MTc1NjQ2WjAYMRYwFAYD
VQQDEw02ODdkMmRkZS0xOGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0UFQwF30AQh6L/O4gKx66wb9Eneaf0dWpvx2BbE0TfhtxJ4HMvs9dKkPY3IR
pMz8r9vs9+xmFrUXhxPHc9Dm3qan1E4rkD50c2Qkf+4mVKcybgaDf0zfGRjpxI5D
Us0rfU/ecyI/J5tVp13bAs8sW/QayrxAobKP2HzLB2/ZRAcMDP1aYPEpqYTvTVKE
89OhWdg2NcW7InE1boqsjCl3F5yAzBl1HrYQuDzOWFBKVuB7GmfUOw21yTfRwDEn
Q0NYEJqntuEjaAVfjH5OnLpAKG1ucsXZlGEkL0YostADfmQMlcyi6g8khQkvoFBx
Uxh3hbBjO62IxLFzDiokHuzq5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFPUfn1L
KKbGYqHPwJg6/TuPVYoAMB8GA1UdIwQYMBaAFIEd4R5+3BwQdgVZ7rOb/WbWmupG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkJFRi80RUE4NjZDNEM0
NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hCQjJCVm51czV2OVp0YWE2
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dSM2hIbjdjSEJCMkJWbnVzNXY5WnRhYTZrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NkJFRi80RUE4NjZDNEM0NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hC
QjJCVm51czV2OVp0YWE2a1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBCsET0fA7x0EqLuPgNwTnD/f4fCdw4SB4xDYmINNmkDGt2ZtZRbbxY
lsr8GSaTw3StgECCyPCn8WZHpnkKXAk3TzucHFqLzYstarQyoBGnqLYU0mQeFeBQ
WgtO7qQuwBXly3xX5CXqhzLqBGHM5yfdxpT8I8gyQM66vQ9DZJ+62hdXDbBwWv8t
ew92bIWGTxYFmlb6i1ZHWudcYVxnoE6spPyUgLpT/dL2EJf1NB4mcis1clqE2u2e
Kc+jwR9aKcOsCA80W2x3jR5nGrjji4F04pldzUxB4nTJBHXXj9Xox71mgdV2/C3Z
QGW2+bMZyBc6x8iOGzv8RSKB61X1EwPC
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:36:28 2025 by rpki-client