Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
File:                     oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft (raw, json)
Hash identifier:          P/OP1zZbcwbQIiFTMtWobZQ7Y3uPj0lPgVSkTFZLlCA=
Subject key identifier:   79:F3:92:46:BA:FF:DC:0A:3D:8D:48:CD:45:D2:1F:FC:A7:6E:18:B4
Authority key identifier: A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B
Certificate issuer:       /CN=A91E953B/serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B
Certificate serial:       014A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
Manifest number:          0148
Signing time:             Sat 19 Jul 2025 04:26:53 +0000
Manifest this update:     Sat 19 Jul 2025 04:26:52 +0000
Manifest next update:     Sat 26 Jul 2025 04:26:52 +0000
Files and hashes:         1: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl (hash: xWQZ6dg8IOJAt9krgqhAGQrRR9QcIvayyn7aAy2IdF8=)
                          2: 12E1FD886C9C11EE9F3C5653C4F9AE02.roa (hash: QQ5QrwGTURdTMG/7o8+lIRwrf/ztbEh4ekM9cA/bz/4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl
                          rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 04:26:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 330 (0x14a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E953B, serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B
        Validity
            Not Before: Jul 19 04:26:52 2025 GMT
            Not After : Jul 26 04:26:52 2025 GMT
        Subject: CN=687b1e8c-3526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:79:d4:a7:c7:1e:e0:e7:b9:c4:6d:be:6f:a8:
                    24:c2:4c:e7:14:ca:48:8b:21:1d:f5:a1:ff:8e:05:
                    ce:74:5d:59:cc:a2:65:42:df:6e:c4:88:bb:19:31:
                    65:35:c9:7f:b6:ef:e4:7a:81:b0:79:cd:0d:38:bc:
                    00:13:1b:a8:56:b6:b7:d2:b5:21:78:c2:0d:b0:78:
                    a1:67:63:9d:b9:d6:9c:97:cb:98:17:22:c4:d8:2c:
                    94:64:9f:dc:74:62:3e:d0:27:27:0b:74:ad:a2:05:
                    25:01:6b:23:e0:46:4c:f0:9f:26:93:2f:33:ea:eb:
                    63:fe:8f:54:4a:b0:fc:b5:c8:f0:a9:36:cf:cd:58:
                    65:86:4f:25:d6:91:86:12:c7:c4:78:6b:4e:ef:4c:
                    96:04:d4:2d:ab:89:c3:ec:81:e1:f5:d8:ad:1c:d0:
                    69:50:a8:48:ab:71:f0:a2:8f:38:97:19:a1:c5:c4:
                    d5:0c:f8:0a:2e:f4:c1:69:51:41:29:c3:70:7a:82:
                    bb:f1:43:35:6e:f5:07:90:cc:be:a3:79:ef:dd:9a:
                    4b:c2:f1:a1:a2:10:4d:48:8d:2d:db:37:a4:ca:78:
                    cd:17:03:6f:43:cb:38:69:74:14:f6:9e:32:53:bb:
                    da:46:26:09:07:09:87:30:1e:53:ea:44:b2:21:43:
                    23:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F3:92:46:BA:FF:DC:0A:3D:8D:48:CD:45:D2:1F:FC:A7:6E:18:B4
            X509v3 Authority Key Identifier:
                keyid:A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:5d:f8:85:90:a7:c4:1c:e0:cd:ad:41:ba:93:87:d1:12:c0:
         6f:2d:d5:a6:c7:b5:a1:17:96:6e:00:77:31:c5:b9:a1:af:78:
         bf:07:1a:36:8a:95:d3:82:f2:70:01:b2:b8:43:ad:a5:38:1f:
         92:d4:40:d8:ed:45:45:42:48:1a:5f:a7:bf:f8:0d:24:14:38:
         d3:94:2f:38:fc:5e:6c:c7:d6:cd:0d:9c:a9:76:b6:22:1f:41:
         49:41:d0:6d:2c:1c:09:9a:06:e0:6e:fd:98:37:ca:0e:6d:84:
         bc:75:bf:75:5f:94:d8:27:c4:a1:48:65:ae:53:c5:2d:b2:f2:
         04:38:86:b2:af:3a:92:3d:23:41:d4:d0:b1:b9:4c:e1:45:b2:
         34:ef:25:3f:9e:5e:8e:a4:a5:c3:df:39:8b:3a:e2:33:76:62:
         b8:cb:81:ad:74:e5:49:92:da:0f:0c:96:0e:ff:dc:e3:8e:29:
         75:d3:5a:3a:e6:e6:fb:4e:13:4d:68:84:c0:21:f6:8a:f8:c3:
         2d:df:d9:bd:a0:bf:5d:06:8c:2a:4d:3b:ea:fd:17:3e:89:7d:
         cd:3e:6a:ba:47:36:36:74:0d:d2:fb:17:5a:65:7c:d2:66:42:
         7b:ef:70:46:9e:65:2f:11:8f:51:a4:8a:13:e4:eb:31:fd:ee:
         f3:4a:88:ea
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTk1M0IxMTAvBgNVBAUTKEEyMjQzNjg0MjIzRDJDMjVDNkFGMTc2QTVGMDJGQTAy
QjI0RjY4MEIwHhcNMjUwNzE5MDQyNjUyWhcNMjUwNzI2MDQyNjUyWjAYMRYwFAYD
VQQDEw02ODdiMWU4Yy0zNTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu3nUp8ce4Oe5xG2+b6gkwkznFMpIiyEd9aH/jgXOdF1ZzKJlQt9uxIi7GTFl
Ncl/tu/keoGwec0NOLwAExuoVra30rUheMINsHihZ2Odudacl8uYFyLE2CyUZJ/c
dGI+0CcnC3StogUlAWsj4EZM8J8mky8z6utj/o9USrD8tcjwqTbPzVhlhk8l1pGG
EsfEeGtO70yWBNQtq4nD7IHh9ditHNBpUKhIq3Hwoo84lxmhxcTVDPgKLvTBaVFB
KcNweoK78UM1bvUHkMy+o3nv3ZpLwvGhohBNSI0t2zekynjNFwNvQ8s4aXQU9p4y
U7vaRiYJBwmHMB5T6kSyIUMj2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHnzkka6
/9wKPY1IzUXSH/ynbhi0MB8GA1UdIwQYMBaAFKIkNoQiPSwlxq8Xal8C+gKyT2gL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTUzQi9DOEQwMzkyMjZD
OUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxDWEdyeGRxWHdMNkFySlBh
QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29pUTJoQ0k5TENYR3J4ZHFYd0w2QXJKUGFBcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTUzQi9DOEQwMzkyMjZDOUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxD
WEdyeGRxWHdMNkFySlBhQXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCEXfiFkKfEHODNrUG6k4fREsBvLdWmx7WhF5ZuAHcxxbmhr3i/Bxo2
ipXTgvJwAbK4Q62lOB+S1EDY7UVFQkgaX6e/+A0kFDjTlC84/F5sx9bNDZypdrYi
H0FJQdBtLBwJmgbgbv2YN8oObYS8db91X5TYJ8ShSGWuU8UtsvIEOIayrzqSPSNB
1NCxuUzhRbI07yU/nl6OpKXD3zmLOuIzdmK4y4GtdOVJktoPDJYO/9zjjil101o6
5ub7ThNNaITAIfaK+MMt39m9oL9dBowqTTvq/Rc+iX3NPmq6RzY2dA3S+xdaZXzS
ZkJ773BGnmUvEY9RpIoT5Osx/e7zSojq
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:56:27 2025 by rpki-client