Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft
File:                     fNlYoAf08OVuSo0kV2aIYiurciE.mft (raw, json)
Hash identifier:          sTvMZEsXS3AzCWEeOyYevz7XOyNnQCCvf8EmYTj/c8g=
Subject key identifier:   C6:A5:69:F2:44:DE:6A:13:74:E2:EF:0D:18:A2:A1:6D:C0:D1:29:80
Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21
Certificate issuer:       /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221
Certificate serial:       0141
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft
Manifest number:          013D
Signing time:             Mon 21 Jul 2025 04:30:59 +0000
Manifest this update:     Mon 21 Jul 2025 04:30:58 +0000
Manifest next update:     Mon 28 Jul 2025 04:30:58 +0000
Files and hashes:         1: fNlYoAf08OVuSo0kV2aIYiurciE.crl (hash: k8oPye7ekIjsw7mnswQSAW2EmNwSpOlnVQooje8w8ME=)
                          2: E7021416B54B11EE86895416C4F9AE02.roa (hash: vzHahXAFIekcStIbFKvBTMDftL9nSsfmNUK1qbKIERQ=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl
                          rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 04:30:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 321 (0x141)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221
        Validity
            Not Before: Jul 21 04:30:58 2025 GMT
            Not After : Jul 28 04:30:58 2025 GMT
        Subject: CN=687dc283-fea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:85:c2:6c:19:db:f0:5a:3b:b9:9b:51:33:d2:
                    81:17:9d:af:81:3f:06:58:bc:71:ce:5e:2f:50:a8:
                    67:fb:36:6f:46:0c:93:d2:52:b2:0c:e4:ce:d9:31:
                    6c:9b:60:ea:42:b1:eb:0b:f2:ad:5b:93:86:f5:90:
                    bb:97:25:f2:f4:bb:88:8e:8f:aa:95:65:5f:21:5a:
                    59:59:ac:4e:d9:33:9c:58:06:d5:a8:ad:32:45:40:
                    59:99:63:37:86:96:69:4a:bb:c6:e2:d9:92:0d:bc:
                    c4:1b:2a:90:cc:3f:ce:20:a2:e4:b6:fc:19:c3:ce:
                    32:c8:f4:68:15:aa:ce:81:f6:04:a7:50:fc:2d:c2:
                    db:7e:50:ff:4f:83:49:7c:30:3a:74:be:ca:3f:f5:
                    fa:8b:78:80:1c:b6:4f:98:2e:87:54:a9:79:58:0d:
                    3b:1e:dc:63:76:3b:a8:a3:b3:0e:ba:af:cc:02:02:
                    ab:97:e5:af:a4:e4:4f:e6:ab:8d:ef:75:f6:81:2a:
                    39:9a:fe:d3:1b:87:3b:72:c3:a1:16:e0:e9:db:46:
                    38:51:8d:68:bf:ff:07:4c:c2:ba:ca:25:ad:73:ab:
                    55:df:cb:e1:e5:8c:ba:dd:8f:02:7d:27:d0:7b:cc:
                    5c:1f:79:3d:16:f6:bf:51:51:7e:26:5b:2f:05:91:
                    cb:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:A5:69:F2:44:DE:6A:13:74:E2:EF:0D:18:A2:A1:6D:C0:D1:29:80
            X509v3 Authority Key Identifier:
                keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:ed:94:0a:45:58:f3:16:b9:5f:bc:a8:af:b1:a2:0d:39:cb:
         9e:64:28:59:dc:95:b9:3c:35:15:97:ea:34:36:4d:a3:30:fe:
         d9:b5:32:5c:91:f8:c4:be:f1:c2:8c:c4:34:04:e8:46:23:b0:
         0b:a0:1f:69:67:ee:9c:17:f8:33:87:97:15:79:ed:e9:54:ff:
         6a:a1:1f:79:46:71:f9:43:03:5a:99:39:5e:73:51:aa:ed:90:
         ef:c4:6e:9f:b1:2a:ed:e0:68:4f:cb:fd:8c:2b:24:08:d4:b1:
         0b:16:03:8c:f5:b7:ab:ff:28:70:55:bb:b6:74:38:48:91:ca:
         13:e3:fc:51:09:a7:8e:0b:82:57:b7:1d:c2:84:68:b5:b9:f3:
         2f:88:8f:ac:fc:01:8e:97:97:ce:51:36:9f:ca:e8:03:da:44:
         ca:3b:43:85:9c:85:72:8f:a1:e9:fa:5f:db:15:f4:ac:71:d6:
         27:2e:47:c7:97:da:05:c8:c3:fb:da:cc:d5:7c:e9:b5:5c:f4:
         98:d1:2b:18:48:67:1b:94:4d:de:b1:00:0f:8f:f7:e0:e1:8f:
         f4:c5:86:f8:82:be:4d:17:cc:9a:28:27:5e:3f:5e:ab:6e:85:
         4a:e6:9a:82:f6:6a:59:eb:df:97:3f:5a:b3:59:71:6e:f9:2e:
         12:07:2f:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy
MkJBQjcyMjEwHhcNMjUwNzIxMDQzMDU4WhcNMjUwNzI4MDQzMDU4WjAYMRYwFAYD
VQQDEw02ODdkYzI4My1mZWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAroXCbBnb8Fo7uZtRM9KBF52vgT8GWLxxzl4vUKhn+zZvRgyT0lKyDOTO2TFs
m2DqQrHrC/KtW5OG9ZC7lyXy9LuIjo+qlWVfIVpZWaxO2TOcWAbVqK0yRUBZmWM3
hpZpSrvG4tmSDbzEGyqQzD/OIKLktvwZw84yyPRoFarOgfYEp1D8LcLbflD/T4NJ
fDA6dL7KP/X6i3iAHLZPmC6HVKl5WA07Htxjdjuoo7MOuq/MAgKrl+WvpORP5quN
73X2gSo5mv7TG4c7csOhFuDp20Y4UY1ov/8HTMK6yiWtc6tV38vh5Yy63Y8CfSfQ
e8xcH3k9Fva/UVF+JlsvBZHLdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMalafJE
3moTdOLvDRiioW3A0SmAMB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0
NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj
aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OEFGMi81NzMyQzgzODg0NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhP
VnVTbzBrVjJhSVlpdXJjaUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAh7ZQKRVjzFrlfvKivsaINOcueZChZ3JW5PDUVl+o0Nk2jMP7ZtTJc
kfjEvvHCjMQ0BOhGI7ALoB9pZ+6cF/gzh5cVee3pVP9qoR95RnH5QwNamTlec1Gq
7ZDvxG6fsSrt4GhPy/2MKyQI1LELFgOM9ber/yhwVbu2dDhIkcoT4/xRCaeOC4JX
tx3ChGi1ufMviI+s/AGOl5fOUTafyugD2kTKO0OFnIVyj6Hp+l/bFfSscdYnLkfH
l9oFyMP72szVfOm1XPSY0SsYSGcblE3esQAPj/fg4Y/0xYb4gr5NF8yaKCdeP16r
boVK5pqC9mpZ69+XP1qzWXFu+S4SBy+d
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:05:32 2025 by rpki-client