Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
File:                     HfNLnj96ONdYmO1LBfntTEAEzrw.mft (raw, json)
Hash identifier:          r0AIIj4NOF7Da08YaFWzMtdyF8TGLM+JmwPOpgJ4CSA=
Subject key identifier:   48:B2:E0:E8:37:BE:D7:C1:4F:06:9A:F4:D4:53:E8:33:B1:9C:DD:D3
Authority key identifier: 1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC
Certificate issuer:       /CN=A91F6227/serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC
Certificate serial:       0A14
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
Manifest number:          0A09
Signing time:             Sun 20 Jul 2025 19:56:57 +0000
Manifest this update:     Sun 20 Jul 2025 19:56:57 +0000
Manifest next update:     Sun 27 Jul 2025 19:56:57 +0000
Files and hashes:         1: HfNLnj96ONdYmO1LBfntTEAEzrw.crl (hash: M+WzLcyCxyyH6aRQJag//WIXzL030nkhNyX7xC+e93I=)
                          2: A23D5DE87A6911EA930EB439C4F9AE02.roa (hash: 0c8vFwsGm0y9J7tirCRPVhjPNwdGg4DZRn3e0fuJjls=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl
                          rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 27 Jul 2025 19:56:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2580 (0xa14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F6227, serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC
        Validity
            Not Before: Jul 20 19:56:57 2025 GMT
            Not After : Jul 27 19:56:57 2025 GMT
        Subject: CN=687d4a09-ed28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a8:48:ce:68:54:f4:fd:fb:91:1f:24:a8:96:
                    dd:8b:88:dc:9e:96:4d:3d:6e:36:89:b7:b9:10:68:
                    76:75:6b:cb:48:86:02:d0:eb:5c:2e:49:9c:4c:7d:
                    7b:7f:1b:3f:ca:ae:6e:7e:35:5f:04:be:21:48:a5:
                    03:ba:ae:0c:88:d6:2b:bb:47:6f:28:ff:3d:e6:3d:
                    5a:20:3a:4c:5b:a4:ec:69:e1:5e:3a:25:b7:0b:70:
                    21:90:63:19:94:f6:0b:db:d4:d0:86:d8:7f:ad:0a:
                    7c:9d:44:5c:1a:4c:d9:9e:69:c3:ef:02:1d:f5:d6:
                    e8:12:1d:e9:19:7b:c3:95:87:62:f7:28:ab:71:c7:
                    8e:e5:6d:cf:34:96:e2:63:dc:9c:0a:28:1f:07:db:
                    fc:7a:22:22:a4:31:a9:fe:45:46:1b:95:44:32:5b:
                    5f:e9:88:13:ef:da:33:f2:33:f1:17:b2:d4:c3:24:
                    99:64:24:c4:33:cb:ab:e6:21:21:8c:05:69:fa:9a:
                    03:b1:9a:a1:1a:e4:4e:94:6e:bc:52:65:71:b7:dd:
                    dc:22:23:6e:53:92:56:d8:e5:b2:cd:f6:e8:3f:7b:
                    2b:39:9f:b4:10:3b:d6:f3:8c:0e:0f:0d:9e:28:a9:
                    45:22:d3:63:a9:63:c3:51:7f:14:c0:d2:89:cf:74:
                    b8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B2:E0:E8:37:BE:D7:C1:4F:06:9A:F4:D4:53:E8:33:B1:9C:DD:D3
            X509v3 Authority Key Identifier:
                keyid:1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:be:65:00:b7:34:e8:78:25:c3:82:ee:ff:e0:39:30:17:c6:
         e1:23:dd:5d:6d:af:4e:a4:62:d7:fa:e3:ca:09:e3:80:ab:21:
         fe:6a:52:59:aa:ff:c5:d8:88:02:a1:45:bf:df:54:01:4b:e7:
         ba:1e:2e:39:77:99:04:94:24:7f:59:b4:fc:db:d9:aa:7c:2e:
         dc:6b:9f:fd:9b:44:38:81:82:c8:52:d9:a0:90:3c:3f:e7:01:
         13:67:ae:4e:1b:ad:78:6a:0c:aa:d7:8e:68:8f:a9:e8:15:2d:
         59:13:da:d3:79:45:72:36:b1:f2:c1:b7:dd:67:88:1f:15:db:
         48:2d:b9:7c:b9:ea:21:a7:7f:18:fa:b8:55:6a:ae:24:fc:5c:
         41:63:71:06:01:f7:8f:99:48:77:0c:40:18:6f:74:e4:c2:44:
         d2:4f:89:e0:0a:33:27:25:19:8c:d0:e5:a5:3a:21:c5:1a:74:
         c0:63:b8:fd:8d:cf:6a:ee:07:31:7a:4b:b1:6e:b1:5c:f0:af:
         65:14:26:8f:d5:3d:93:13:c6:d5:87:d6:ca:d2:5c:96:a6:00:
         a4:f4:66:fe:f7:0a:13:64:97:41:c1:5e:de:bc:1b:29:23:ef:
         f3:19:73:e7:96:a0:ed:68:8c:7f:fd:c4:25:cc:20:19:c6:14:
         05:d2:a4:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICChQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjYyMjcxMTAvBgNVBAUTKDFERjM0QjlFM0Y3QTM4RDc1ODk4RUQ0QjA1RjlFRDRD
NDAwNENFQkMwHhcNMjUwNzIwMTk1NjU3WhcNMjUwNzI3MTk1NjU3WjAYMRYwFAYD
VQQDEw02ODdkNGEwOS1lZDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2qhIzmhU9P37kR8kqJbdi4jcnpZNPW42ibe5EGh2dWvLSIYC0OtcLkmcTH17
fxs/yq5ufjVfBL4hSKUDuq4MiNYru0dvKP895j1aIDpMW6TsaeFeOiW3C3AhkGMZ
lPYL29TQhth/rQp8nURcGkzZnmnD7wId9dboEh3pGXvDlYdi9yircceO5W3PNJbi
Y9ycCigfB9v8eiIipDGp/kVGG5VEMltf6YgT79oz8jPxF7LUwySZZCTEM8ur5iEh
jAVp+poDsZqhGuROlG68UmVxt93cIiNuU5JW2OWyzfboP3srOZ+0EDvW84wODw2e
KKlFItNjqWPDUX8UwNKJz3S4MwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEiy4Og3
vtfBTwaa9NRT6DOxnN3TMB8GA1UdIwQYMBaAFB3zS54/ejjXWJjtSwX57UxABM68
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjIyNy8wRDcyOEEwQTdB
M0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9OZFltTzFMQmZudFRFQUV6
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hmTkxuajk2T05kWW1PMUxCZm50VEVBRXpydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NjIyNy8wRDcyOEEwQTdBM0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9O
ZFltTzFMQmZudFRFQUV6cncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAAvmUAtzToeCXDgu7/4DkwF8bhI91dba9OpGLX+uPKCeOAqyH+alJZ
qv/F2IgCoUW/31QBS+e6Hi45d5kElCR/WbT829mqfC7ca5/9m0Q4gYLIUtmgkDw/
5wETZ65OG614agyq145oj6noFS1ZE9rTeUVyNrHywbfdZ4gfFdtILbl8ueohp38Y
+rhVaq4k/FxBY3EGAfePmUh3DEAYb3TkwkTST4ngCjMnJRmM0OWlOiHFGnTAY7j9
jc9q7gcxekuxbrFc8K9lFCaP1T2TE8bVh9bK0lyWpgCk9Gb+9woTZJdBwV7evBsp
I+/zGXPnlqDtaIx//cQlzCAZxhQF0qSL
-----END CERTIFICATE-----
Generated at Tue Jul 22 06:00:28 2025 by rpki-client