Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft
File:                     xvdY7N3EybD3LwZcNa1UaXQycRs.mft (raw, json)
Hash identifier:          FWmeSf8NJqvms8SS0/X/dhBIHDQhCvi5OH8SDTRVnjQ=
Subject key identifier:   32:6A:03:54:BB:D4:B3:04:14:3C:83:64:B3:FB:3A:6D:D0:61:27:F2
Authority key identifier: C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B
Certificate issuer:       /CN=A91E8DF5/serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B
Certificate serial:       57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft
Manifest number:          4E
Signing time:             Fri 25 Jul 2025 07:43:22 +0000
Manifest this update:     Fri 25 Jul 2025 07:43:22 +0000
Manifest next update:     Fri 01 Aug 2025 07:43:22 +0000
Files and hashes:         1: xvdY7N3EybD3LwZcNa1UaXQycRs.crl (hash: /CA6cYkT4RBQhGmntwsHD6cPMbD+os/iwJKD3R4ZX3Q=)
                          2: 8F9B067EF96011EF89D9E37DC4F9AE02.roa (hash: C4f1DGgr88zvtZI01sEk4X9+P0XVPyTaQ0X1w0t3gJE=)
                          3: 8F350932F96011EF89D9E37DC4F9AE02.roa (hash: EiButkFaJmxH2f9GmfvH+3lmi0BQDdaX71kUaJ4cIPE=)
                          4: 8EB1E9BCF96011EF89D9E37DC4F9AE02.roa (hash: ckgf3xD+pqJNwNoVSxIFNqkicDtbDleG9nDMcEDte9Q=)
                          5: 917D3A184BED11F0A2F7CC21C4F9AE02.roa (hash: IYpTiwoDdKk+DKwv65zZ7BTxOeFfDIMdePJWFd5JpGE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl
                          rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 07:43:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 87 (0x57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8DF5, serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B
        Validity
            Not Before: Jul 25 07:43:22 2025 GMT
            Not After : Aug  1 07:43:22 2025 GMT
        Subject: CN=6883359a-1a34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f5:f0:6c:c1:e5:ec:1f:13:2c:18:4b:cc:f2:
                    87:b8:3c:04:a7:cc:06:49:20:ec:3c:10:01:fa:c4:
                    8b:c4:72:1d:ec:69:ac:c8:fa:4d:53:7b:2c:ee:f1:
                    63:01:81:0d:7a:e6:31:80:5f:ed:fd:07:92:52:64:
                    c0:20:39:be:3a:d5:81:45:ef:d3:d8:11:e5:fa:8e:
                    90:a0:2a:da:26:1d:f0:87:c3:12:dc:4d:6e:36:ea:
                    b7:21:51:5d:3b:9f:8b:13:7c:d3:92:73:2b:91:b1:
                    9f:e0:fd:03:a4:8e:0a:f8:89:27:c4:8b:68:5d:57:
                    7e:62:0e:ab:86:77:3a:06:46:55:12:62:de:cb:2a:
                    5a:9f:7a:07:0f:e1:81:97:2e:a7:98:bf:bb:23:22:
                    ff:09:e7:c5:8e:04:ec:b1:04:18:74:86:85:c2:d5:
                    21:c1:0b:68:0f:6d:46:4e:21:81:49:b2:56:49:c9:
                    eb:c9:62:6b:e8:2e:ff:a3:df:e5:c0:90:8c:7d:d1:
                    bc:b4:2e:c6:ff:7f:19:ef:eb:2a:e3:f1:ec:27:e3:
                    08:eb:ab:06:13:11:db:9d:1d:fb:b1:5e:a5:6e:68:
                    44:f9:97:01:93:34:66:44:d4:8d:4b:5f:db:db:07:
                    e4:83:13:04:6a:ca:09:6b:52:e0:79:d3:d0:55:fc:
                    a0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:6A:03:54:BB:D4:B3:04:14:3C:83:64:B3:FB:3A:6D:D0:61:27:F2
            X509v3 Authority Key Identifier:
                keyid:C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:bf:a2:33:e4:c2:97:51:59:da:c9:74:ea:7b:f9:d2:73:35:
         9b:2a:8e:c0:60:9d:3a:d2:20:13:cd:76:b0:f6:13:72:38:a7:
         75:ca:0f:db:d7:59:a6:a1:6c:fa:6c:63:37:4d:e8:ef:de:c7:
         a3:2f:da:b0:f7:e2:38:67:92:3b:46:75:c5:6a:49:70:ce:fe:
         13:14:54:bb:c0:a9:20:ba:ab:9c:16:40:2b:69:c4:b9:d8:9d:
         9d:ee:95:30:07:e5:06:f8:a8:95:54:d6:57:fc:0c:f5:5f:6a:
         29:ff:e3:d4:0b:ce:bc:dc:bf:5b:69:a5:30:ce:3e:49:68:c7:
         f1:66:e7:fa:6d:bb:06:31:ce:e0:3f:f0:4d:00:42:7a:bd:28:
         f4:20:32:35:9d:e5:16:1f:14:97:03:aa:a4:c6:b1:63:36:6e:
         00:9d:8b:67:5e:ec:05:a5:f8:f8:f2:5d:86:86:66:79:19:6e:
         63:54:89:ad:41:83:11:c5:39:25:2e:58:c1:e2:41:0d:2e:39:
         e6:25:12:87:f3:f3:77:64:09:b3:73:d6:ed:4a:d4:9d:48:f4:
         56:ec:59:b0:8b:e8:41:fa:22:d7:8f:e4:17:60:7e:2e:0e:eb:
         a6:fb:bd:7a:bd:f6:20:ce:fa:8b:fd:8e:4f:c7:d1:78:05:50:
         a5:ca:3f:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OERGNTExMC8GA1UEBRMoQzZGNzU4RUNEREM0QzlCMEY3MkYwNjVDMzVBRDU0Njk3
NDMyNzExQjAeFw0yNTA3MjUwNzQzMjJaFw0yNTA4MDEwNzQzMjJaMBgxFjAUBgNV
BAMTDTY4ODMzNTlhLTFhMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC39fBsweXsHxMsGEvM8oe4PASnzAZJIOw8EAH6xIvEch3saazI+k1Teyzu8WMB
gQ165jGAX+39B5JSZMAgOb461YFF79PYEeX6jpCgKtomHfCHwxLcTW426rchUV07
n4sTfNOScyuRsZ/g/QOkjgr4iSfEi2hdV35iDquGdzoGRlUSYt7LKlqfegcP4YGX
LqeYv7sjIv8J58WOBOyxBBh0hoXC1SHBC2gPbUZOIYFJslZJyevJYmvoLv+j3+XA
kIx90by0Lsb/fxnv6yrj8ewn4wjrqwYTEdudHfuxXqVuaET5lwGTNGZE1I1LX9vb
B+SDEwRqyglrUuB509BV/KC3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUMmoDVLvU
swQUPINks/s6bdBhJ/IwHwYDVR0jBBgwFoAUxvdY7N3EybD3LwZcNa1UaXQycRsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1LzMxRTBGMTZBRjk2
MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJEM0x3WmNOYTFVYVhReWNS
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveHZkWTdOM0V5YkQzTHdaY05hMVVhWFF5Y1JzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4
REY1LzMxRTBGMTZBRjk2MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJE
M0x3WmNOYTFVYVhReWNScy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAAG/ojPkwpdRWdrJdOp7+dJzNZsqjsBgnTrSIBPNdrD2E3I4p3XKD9vX
WaahbPpsYzdN6O/ex6Mv2rD34jhnkjtGdcVqSXDO/hMUVLvAqSC6q5wWQCtpxLnY
nZ3ulTAH5Qb4qJVU1lf8DPVfain/49QLzrzcv1tppTDOPklox/Fm5/ptuwYxzuA/
8E0AQnq9KPQgMjWd5RYfFJcDqqTGsWM2bgCdi2de7AWl+PjyXYaGZnkZbmNUia1B
gxHFOSUuWMHiQQ0uOeYlEofz83dkCbNz1u1K1J1I9FbsWbCL6EH6IteP5Bdgfi4O
66b7vXq99iDO+ov9jk/H0XgFUKXKP6k=
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:00:19 2025 by rpki-client