Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
File:                     gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft (raw, json)
Hash identifier:          f6TYISG58+Wm0Ar0Xbj8bnGyAPTZ9LyfdPdq8aswbI4=
Subject key identifier:   47:94:BB:34:C2:78:85:54:9D:14:14:FB:67:50:EC:32:55:A4:1A:B8
Authority key identifier: 81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46
Certificate issuer:       /CN=A91E6BEF/serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46
Certificate serial:       0DB2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
Manifest number:          0DA9
Signing time:             Thu 24 Jul 2025 18:03:52 +0000
Manifest this update:     Thu 24 Jul 2025 18:03:51 +0000
Manifest next update:     Thu 31 Jul 2025 18:03:51 +0000
Files and hashes:         1: gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl (hash: 4659oOmRmUKgEeyRVst3nIoCfpN3vLCnKvQ8DRRNbIc=)
                          2: FEBD6C62C4B511E9B7D53A7FC4F9AE02.roa (hash: UdehkLAzVXoFe5wUis48zru/UMqEMsZcDt54OS7NI9c=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl
                          rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 31 Jul 2025 18:03:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3506 (0xdb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6BEF, serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46
        Validity
            Not Before: Jul 24 18:03:51 2025 GMT
            Not After : Jul 31 18:03:51 2025 GMT
        Subject: CN=68827587-3d1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:95:b9:e7:ee:60:cf:75:a4:0d:8b:c3:2a:a4:
                    d6:f7:eb:84:bd:f1:1c:82:aa:ed:96:b5:22:77:a3:
                    60:77:2f:fa:20:fc:a8:2d:7f:9f:56:f8:d1:66:c7:
                    33:ae:77:68:7a:a9:8a:52:4b:39:5a:eb:d7:29:f5:
                    00:09:28:65:3e:01:ac:ea:9a:e1:12:cb:ff:66:f1:
                    93:18:43:37:1a:96:39:8d:25:5c:ca:a8:14:73:ea:
                    77:ad:63:6d:55:7f:94:b0:87:07:89:1d:63:e2:4a:
                    97:ed:b2:88:15:71:b5:cd:a5:67:16:31:2e:ce:65:
                    58:2e:cd:f2:fa:04:f8:5b:3e:92:fb:76:ee:af:cd:
                    44:86:92:cd:e1:97:08:3f:14:2f:27:41:0f:76:6c:
                    b5:f0:35:02:b4:25:7c:7c:46:90:98:47:36:1e:e6:
                    74:a0:52:8d:96:e9:a1:61:60:98:43:de:1b:33:2e:
                    f9:bb:ca:93:91:11:54:db:0a:51:de:a6:65:b5:e3:
                    84:46:7d:91:fb:c7:3e:7c:5d:69:27:3a:a5:a8:7c:
                    b2:89:ff:45:dc:7a:77:b2:fe:26:e4:ae:e6:dc:f2:
                    54:a8:04:92:ea:0d:7d:87:a4:c6:0f:aa:3c:31:ad:
                    ce:5b:97:8f:a8:6b:00:6a:99:43:3b:7f:b0:46:a7:
                    ca:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:94:BB:34:C2:78:85:54:9D:14:14:FB:67:50:EC:32:55:A4:1A:B8
            X509v3 Authority Key Identifier:
                keyid:81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:91:d5:92:cd:0d:1d:6d:bb:24:7f:14:16:86:1d:5b:9d:b3:
         62:24:ae:6e:c8:5e:54:d4:95:2e:9b:a1:c5:bd:50:46:b9:18:
         78:a1:67:e8:18:50:73:e9:45:f3:c4:f5:f4:ea:14:aa:29:fc:
         6b:c7:52:48:06:42:a5:a1:77:78:d7:bb:a3:fe:48:86:8b:92:
         2e:fa:97:be:98:cb:af:1a:2e:4f:f8:41:08:31:64:1d:09:91:
         94:bd:a0:60:69:e7:9f:02:3a:7e:97:29:15:21:e4:61:a3:7e:
         4a:32:a0:3f:7c:6e:83:e6:25:ca:a1:15:49:75:ce:aa:e6:62:
         f2:81:99:94:5e:8f:e0:cb:a2:06:ab:36:23:10:87:42:95:ca:
         5c:6b:11:16:c5:25:37:54:c3:04:a9:80:f6:6c:bf:0f:10:54:
         7c:58:f2:9a:1e:97:0c:d5:16:9e:ad:07:28:b4:a4:25:4f:2e:
         54:78:50:65:91:e0:c9:4a:14:1d:db:68:fe:ae:9f:10:f1:fd:
         9e:86:00:03:97:1d:81:99:21:b8:a1:65:6a:1e:9c:f0:48:66:
         ba:19:60:9f:14:12:fa:49:46:86:8f:f5:fd:01:2d:38:8d:ef:
         8b:2b:1e:58:1e:57:e7:9a:54:34:5c:27:67:ae:eb:1f:d1:6f:
         4b:0f:c6:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZCRUYxMTAvBgNVBAUTKDgxMURFMTFFN0VEQzFDMTA3NjA1NTlFRUIzOUJGRDY2
RDY5QUVBNDYwHhcNMjUwNzI0MTgwMzUxWhcNMjUwNzMxMTgwMzUxWjAYMRYwFAYD
VQQDEw02ODgyNzU4Ny0zZDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzpW55+5gz3WkDYvDKqTW9+uEvfEcgqrtlrUid6Ngdy/6IPyoLX+fVvjRZscz
rndoeqmKUks5WuvXKfUACShlPgGs6prhEsv/ZvGTGEM3GpY5jSVcyqgUc+p3rWNt
VX+UsIcHiR1j4kqX7bKIFXG1zaVnFjEuzmVYLs3y+gT4Wz6S+3bur81EhpLN4ZcI
PxQvJ0EPdmy18DUCtCV8fEaQmEc2HuZ0oFKNlumhYWCYQ94bMy75u8qTkRFU2wpR
3qZlteOERn2R+8c+fF1pJzqlqHyyif9F3Hp3sv4m5K7m3PJUqASS6g19h6TGD6o8
Ma3OW5ePqGsAaplDO3+wRqfKaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEeUuzTC
eIVUnRQU+2dQ7DJVpBq4MB8GA1UdIwQYMBaAFIEd4R5+3BwQdgVZ7rOb/WbWmupG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkJFRi80RUE4NjZDNEM0
NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hCQjJCVm51czV2OVp0YWE2
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dSM2hIbjdjSEJCMkJWbnVzNXY5WnRhYTZrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NkJFRi80RUE4NjZDNEM0NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hC
QjJCVm51czV2OVp0YWE2a1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBJkdWSzQ0dbbskfxQWhh1bnbNiJK5uyF5U1JUum6HFvVBGuRh4oWfo
GFBz6UXzxPX06hSqKfxrx1JIBkKloXd417uj/kiGi5Iu+pe+mMuvGi5P+EEIMWQd
CZGUvaBgaeefAjp+lykVIeRho35KMqA/fG6D5iXKoRVJdc6q5mLygZmUXo/gy6IG
qzYjEIdClcpcaxEWxSU3VMMEqYD2bL8PEFR8WPKaHpcM1RaerQcotKQlTy5UeFBl
keDJShQd22j+rp8Q8f2ehgADlx2BmSG4oWVqHpzwSGa6GWCfFBL6SUaGj/X9AS04
je+LKx5YHlfnmlQ0XCdnrusf0W9LD8aK
-----END CERTIFICATE-----
Generated at Fri Jul 25 04:44:18 2025 by rpki-client