Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
File:                     gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft (raw, json)
Hash identifier:          +pSPgDL3pdPtBTfVYZSUziKVkqYs+ldtQVe5wV6XlVE=
Subject key identifier:   AA:FA:AA:6D:9F:7B:59:6D:AE:E3:95:9A:8A:4B:57:3D:2B:11:5D:F0
Authority key identifier: 81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46
Certificate issuer:       /CN=A91E6BEF/serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46
Certificate serial:       0DB1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
Manifest number:          0DA8
Signing time:             Tue 22 Jul 2025 18:04:39 +0000
Manifest this update:     Tue 22 Jul 2025 18:04:39 +0000
Manifest next update:     Tue 29 Jul 2025 18:04:39 +0000
Files and hashes:         1: gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl (hash: vYX9fw5nWcH3ozX+D0c9CbEXOSV6QKZYp+CJ6Ezpr1w=)
                          2: FEBD6C62C4B511E9B7D53A7FC4F9AE02.roa (hash: UdehkLAzVXoFe5wUis48zru/UMqEMsZcDt54OS7NI9c=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl
                          rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 18:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3505 (0xdb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6BEF, serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46
        Validity
            Not Before: Jul 22 18:04:39 2025 GMT
            Not After : Jul 29 18:04:39 2025 GMT
        Subject: CN=687fd2b7-1c80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:17:4a:f1:34:6d:00:4b:d8:f7:de:4c:58:b9:
                    67:43:3f:b8:f2:9c:f7:89:5d:df:8d:df:c4:06:06:
                    45:f9:53:6e:30:7d:13:40:b0:f2:f4:3d:47:60:53:
                    c7:40:d0:6f:23:5d:c6:fb:cf:b3:ab:40:f0:bf:3d:
                    20:c2:f4:e2:23:a9:5a:a4:5f:78:be:1b:7e:1b:07:
                    68:59:7f:f5:0c:05:d7:7f:a0:92:f2:07:65:dc:49:
                    2a:f9:5a:9a:34:45:a8:8d:f5:46:b3:c3:2c:64:e0:
                    40:ba:39:4d:a6:25:a0:e3:42:49:38:90:6e:28:98:
                    72:19:91:23:5b:11:47:5f:b4:47:5f:cf:3c:32:e8:
                    58:16:e0:c3:f1:fc:44:a5:83:e9:2c:f4:c3:f0:ce:
                    9a:ef:24:70:1a:10:dd:fd:21:84:67:9f:0a:f0:91:
                    05:73:56:2f:3e:09:f4:dd:da:12:d2:9b:e7:d1:a3:
                    ba:d8:9b:57:75:56:ec:1c:6f:e9:3b:b2:e1:6f:8c:
                    30:c6:0a:cc:d9:65:74:3a:ba:ad:83:f6:16:9f:7c:
                    0c:df:74:06:ce:3b:da:de:e7:aa:4c:fd:14:34:5f:
                    36:21:77:10:82:75:f3:be:af:af:1a:f9:90:55:e3:
                    4a:af:b6:9d:c2:1b:e9:a9:4f:03:0e:32:b6:b7:74:
                    ac:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:FA:AA:6D:9F:7B:59:6D:AE:E3:95:9A:8A:4B:57:3D:2B:11:5D:F0
            X509v3 Authority Key Identifier:
                keyid:81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:c2:c9:38:b8:27:f7:cb:08:40:ad:06:e6:a5:67:b8:ff:7c:
         27:4a:a6:b5:eb:8d:cb:19:9c:b9:66:20:1c:b3:54:0d:9f:e0:
         f2:b2:4d:71:47:20:41:f1:71:02:25:9d:ce:e9:57:13:88:1e:
         c3:18:5d:f0:b6:8f:f0:ab:fa:d5:33:00:a4:c3:c4:33:1f:e6:
         57:26:39:43:73:6a:65:e0:1b:ac:aa:71:df:dc:09:4c:ec:55:
         e0:da:ce:da:b8:e5:8b:95:ee:6a:3a:4f:4d:ff:cc:90:fa:63:
         35:e7:e9:9b:e6:68:d3:a6:ce:36:fe:72:55:7b:ef:91:b1:91:
         09:a1:2c:75:22:fe:83:f9:e5:16:3d:ec:78:f1:53:02:a6:83:
         7c:21:ec:52:89:d0:1f:5a:b6:8e:a4:33:77:d0:16:1a:67:d0:
         13:71:59:e2:8b:d6:60:83:33:49:5e:3e:4f:37:0d:b7:1f:ee:
         be:cb:3c:84:e8:1b:c9:d6:30:39:80:3e:cc:cb:3f:e5:a5:00:
         35:2b:c9:ae:98:a7:29:11:22:a7:13:99:64:c8:43:e5:1a:ae:
         31:05:23:85:32:3e:54:d6:89:10:a8:82:b7:b3:2a:7a:c5:15:
         6b:f9:03:f9:3b:31:20:5b:b1:77:54:af:6e:c3:2c:2d:c2:c3:
         1d:8d:a5:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZCRUYxMTAvBgNVBAUTKDgxMURFMTFFN0VEQzFDMTA3NjA1NTlFRUIzOUJGRDY2
RDY5QUVBNDYwHhcNMjUwNzIyMTgwNDM5WhcNMjUwNzI5MTgwNDM5WjAYMRYwFAYD
VQQDEw02ODdmZDJiNy0xYzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAshdK8TRtAEvY995MWLlnQz+48pz3iV3fjd/EBgZF+VNuMH0TQLDy9D1HYFPH
QNBvI13G+8+zq0Dwvz0gwvTiI6lapF94vht+GwdoWX/1DAXXf6CS8gdl3Ekq+Vqa
NEWojfVGs8MsZOBAujlNpiWg40JJOJBuKJhyGZEjWxFHX7RHX888MuhYFuDD8fxE
pYPpLPTD8M6a7yRwGhDd/SGEZ58K8JEFc1YvPgn03doS0pvn0aO62JtXdVbsHG/p
O7Lhb4wwxgrM2WV0Orqtg/YWn3wM33QGzjva3ueqTP0UNF82IXcQgnXzvq+vGvmQ
VeNKr7adwhvpqU8DDjK2t3SsbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKr6qm2f
e1ltruOVmopLVz0rEV3wMB8GA1UdIwQYMBaAFIEd4R5+3BwQdgVZ7rOb/WbWmupG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkJFRi80RUE4NjZDNEM0
NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hCQjJCVm51czV2OVp0YWE2
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dSM2hIbjdjSEJCMkJWbnVzNXY5WnRhYTZrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NkJFRi80RUE4NjZDNEM0NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hC
QjJCVm51czV2OVp0YWE2a1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCBwsk4uCf3ywhArQbmpWe4/3wnSqa1643LGZy5ZiAcs1QNn+Dysk1x
RyBB8XECJZ3O6VcTiB7DGF3wto/wq/rVMwCkw8QzH+ZXJjlDc2pl4BusqnHf3AlM
7FXg2s7auOWLle5qOk9N/8yQ+mM15+mb5mjTps42/nJVe++RsZEJoSx1Iv6D+eUW
Pex48VMCpoN8IexSidAfWraOpDN30BYaZ9ATcVnii9ZggzNJXj5PNw23H+6+yzyE
6BvJ1jA5gD7Myz/lpQA1K8mumKcpESKnE5lkyEPlGq4xBSOFMj5U1okQqIK3syp6
xRVr+QP5OzEgW7F3VK9uwywtwsMdjaUV
-----END CERTIFICATE-----
Generated at Thu Jul 24 05:10:07 2025 by rpki-client