Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
File:                     HfNLnj96ONdYmO1LBfntTEAEzrw.mft (raw, json)
Hash identifier:          9Gz+pshHgTA3//g/jpSmnOpla9PoUpNK85XOaWV2zjw=
Subject key identifier:   E1:E0:26:EF:AA:E7:7B:F0:D1:A1:49:25:60:F6:32:83:48:6E:B7:3F
Authority key identifier: 1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC
Certificate issuer:       /CN=A91F6227/serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC
Certificate serial:       0A15
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
Manifest number:          0A0A
Signing time:             Tue 22 Jul 2025 20:05:16 +0000
Manifest this update:     Tue 22 Jul 2025 20:05:15 +0000
Manifest next update:     Tue 29 Jul 2025 20:05:15 +0000
Files and hashes:         1: HfNLnj96ONdYmO1LBfntTEAEzrw.crl (hash: g9KodU9gzAUAYodRNzi98259c8JOnAuNwG3CAvwlZTc=)
                          2: A23D5DE87A6911EA930EB439C4F9AE02.roa (hash: 0c8vFwsGm0y9J7tirCRPVhjPNwdGg4DZRn3e0fuJjls=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl
                          rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 29 Jul 2025 20:05:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2581 (0xa15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F6227, serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC
        Validity
            Not Before: Jul 22 20:05:15 2025 GMT
            Not After : Jul 29 20:05:15 2025 GMT
        Subject: CN=687feefb-30ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:87:54:49:78:0a:5d:9f:a3:90:d0:0b:c2:ef:
                    a7:8c:2f:e3:31:b8:be:2e:19:b0:0b:49:bc:91:33:
                    57:22:9a:8b:70:9f:31:f6:0d:23:13:c0:2e:d0:15:
                    f1:f7:9f:6b:01:64:b8:f0:ce:a2:38:69:f0:d4:ff:
                    07:94:62:a3:ed:66:ac:6f:a3:7e:2c:39:b1:f2:67:
                    4e:08:b8:22:4c:1f:60:47:e2:6f:6b:f0:fa:92:e6:
                    8f:43:ec:7d:3c:86:f5:c6:18:9e:a6:c9:94:f7:fb:
                    1f:3f:c9:ca:8f:23:ff:a8:64:ae:5d:90:d8:e8:e0:
                    38:89:d8:88:ad:6e:31:c2:fa:ae:99:ab:4a:8a:d6:
                    40:20:89:9b:65:61:cd:e3:24:c3:c3:39:25:49:67:
                    47:6c:fa:14:64:90:0b:cb:33:1e:cd:41:77:cd:52:
                    d3:3f:89:e0:01:ea:f2:40:22:43:25:41:83:9f:e3:
                    38:bc:6b:05:46:28:2f:fb:f9:0b:aa:98:91:55:1b:
                    5e:32:f8:d5:22:1f:45:d1:e4:93:bc:c5:28:8a:6a:
                    58:6b:da:a5:39:39:ce:3e:e3:a1:de:3d:7a:92:e7:
                    33:dc:fa:eb:a9:e0:01:de:43:fe:37:12:cb:dc:8b:
                    5a:2f:74:0a:f9:f5:29:14:80:d8:5b:f4:ff:ce:7a:
                    a9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:E0:26:EF:AA:E7:7B:F0:D1:A1:49:25:60:F6:32:83:48:6E:B7:3F
            X509v3 Authority Key Identifier:
                keyid:1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:9e:00:e7:84:33:f2:63:ce:3e:92:6f:bb:0a:1e:29:27:79:
         ff:54:eb:37:fa:41:1b:f1:31:5c:17:f9:dc:8d:3e:8d:a8:f6:
         79:b9:2a:12:76:da:96:21:14:66:f8:1d:dd:9e:e1:1a:7e:6d:
         9c:86:bc:16:8c:98:02:6c:11:e6:8b:8e:d8:7a:40:98:e1:47:
         12:72:16:c9:7e:39:5e:95:7b:5b:1b:52:08:c3:1e:21:47:6b:
         bf:8e:91:e9:f9:cb:f9:01:6b:59:c6:31:0a:9d:12:b9:13:64:
         eb:10:f7:59:b9:6d:d7:87:f3:15:1a:6a:ea:6f:f0:c1:b4:ca:
         4c:50:d6:68:ca:67:e7:5b:b6:63:88:38:18:b6:e3:44:1b:72:
         09:72:3d:66:6c:08:d9:ec:2d:81:34:de:e4:ce:d7:58:d2:8f:
         1a:2f:ee:6c:af:fa:24:38:ba:ff:ea:ab:31:84:42:e5:6d:10:
         34:63:00:41:dd:fe:e7:35:5b:15:10:c9:b7:75:dc:2c:ce:d7:
         6a:05:fa:55:40:4f:49:2b:71:1b:69:2a:d5:e6:a7:3d:43:29:
         ab:8f:6a:aa:bb:60:9b:3b:77:b5:da:30:eb:ae:47:e5:c0:c7:
         c7:5f:46:23:1c:77:30:89:d7:79:d9:bb:27:7e:14:f8:1d:ba:
         23:13:17:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICChUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjYyMjcxMTAvBgNVBAUTKDFERjM0QjlFM0Y3QTM4RDc1ODk4RUQ0QjA1RjlFRDRD
NDAwNENFQkMwHhcNMjUwNzIyMjAwNTE1WhcNMjUwNzI5MjAwNTE1WjAYMRYwFAYD
VQQDEw02ODdmZWVmYi0zMGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3IdUSXgKXZ+jkNALwu+njC/jMbi+LhmwC0m8kTNXIpqLcJ8x9g0jE8Au0BXx
959rAWS48M6iOGnw1P8HlGKj7Wasb6N+LDmx8mdOCLgiTB9gR+Jva/D6kuaPQ+x9
PIb1xhiepsmU9/sfP8nKjyP/qGSuXZDY6OA4idiIrW4xwvqumatKitZAIImbZWHN
4yTDwzklSWdHbPoUZJALyzMezUF3zVLTP4ngAeryQCJDJUGDn+M4vGsFRigv+/kL
qpiRVRteMvjVIh9F0eSTvMUoimpYa9qlOTnOPuOh3j16kucz3PrrqeAB3kP+NxLL
3ItaL3QK+fUpFIDYW/T/znqpEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOHgJu+q
53vw0aFJJWD2MoNIbrc/MB8GA1UdIwQYMBaAFB3zS54/ejjXWJjtSwX57UxABM68
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjIyNy8wRDcyOEEwQTdB
M0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9OZFltTzFMQmZudFRFQUV6
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hmTkxuajk2T05kWW1PMUxCZm50VEVBRXpydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NjIyNy8wRDcyOEEwQTdBM0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9O
ZFltTzFMQmZudFRFQUV6cncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDQngDnhDPyY84+km+7Ch4pJ3n/VOs3+kEb8TFcF/ncjT6NqPZ5uSoS
dtqWIRRm+B3dnuEafm2chrwWjJgCbBHmi47YekCY4UcSchbJfjlelXtbG1IIwx4h
R2u/jpHp+cv5AWtZxjEKnRK5E2TrEPdZuW3Xh/MVGmrqb/DBtMpMUNZoymfnW7Zj
iDgYtuNEG3IJcj1mbAjZ7C2BNN7kztdY0o8aL+5sr/okOLr/6qsxhELlbRA0YwBB
3f7nNVsVEMm3ddwsztdqBfpVQE9JK3EbaSrV5qc9Qymrj2qqu2CbO3e12jDrrkfl
wMfHX0YjHHcwidd52bsnfhT4HbojExeF
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:01:56 2025 by rpki-client