Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
File:                     2nWrD7Oqh1r631o4-FK9zB3YJvc.mft (raw, json)
Hash identifier:          HUa+EvNBKDP/Qw2rkNRT407bzBStgmMQ9YsDikh0zkg=
Subject key identifier:   73:10:EA:FE:33:C0:0A:92:0A:CC:4E:C9:BF:67:D5:67:48:13:67:B2
Authority key identifier: DA:75:AB:0F:B3:AA:87:5A:FA:DF:5A:38:F8:52:BD:CC:1D:D8:26:F7
Certificate issuer:       /CN=A91FEFBB/serialNumber=DA75AB0FB3AA875AFADF5A38F852BDCC1DD826F7
Certificate serial:       01AB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
Manifest number:          01A3
Signing time:             Mon 21 Jul 2025 03:22:53 +0000
Manifest this update:     Mon 21 Jul 2025 03:22:52 +0000
Manifest next update:     Mon 28 Jul 2025 03:22:52 +0000
Files and hashes:         1: 2nWrD7Oqh1r631o4-FK9zB3YJvc.crl (hash: JMBNEIFhvjb0V//XjFG7/6HcktRZauFjQK3sxyQoBYQ=)
                          2: 261D3B8AEE4611ED9BEFED31C4F9AE02.roa (hash: HkCOmQRPg+yDDZPtodRzZcHCpOQoTEGcVWS7eV1BiSA=)
                          3: 881C3F9CABD311EFBFED7130C4F9AE02.roa (hash: 4Vu2iECkKD+oqedLfhjWXd7CHOWEQhszvHID7EwF+IE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.crl
                          rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 03:22:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 427 (0x1ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FEFBB, serialNumber=DA75AB0FB3AA875AFADF5A38F852BDCC1DD826F7
        Validity
            Not Before: Jul 21 03:22:52 2025 GMT
            Not After : Jul 28 03:22:52 2025 GMT
        Subject: CN=687db28c-abd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e8:e9:ee:ef:21:98:d5:f4:40:3d:f3:4a:73:
                    a3:ea:60:85:30:c5:70:ce:32:f0:54:d7:1a:06:60:
                    ea:1b:13:86:48:eb:76:db:73:34:2c:f8:63:ae:4c:
                    60:88:88:eb:1a:0f:12:df:d4:bb:d0:60:99:44:bc:
                    56:6a:02:18:d9:fd:46:23:31:b1:82:2a:bc:f7:b8:
                    4a:a7:6a:96:ee:b3:44:eb:62:00:04:34:4b:3f:e7:
                    35:ab:77:58:6d:de:e0:57:71:bd:8b:be:86:ce:57:
                    99:9f:09:a3:eb:46:5f:de:a6:c2:ad:27:32:c9:78:
                    0e:28:11:77:71:d1:9e:b8:23:62:1c:07:00:0b:c7:
                    48:07:51:36:58:8f:78:cc:0b:8e:56:15:ef:91:8a:
                    63:39:86:85:89:eb:57:e0:b8:9a:34:16:ab:fe:15:
                    39:0c:94:47:f7:23:fe:f0:0d:e2:17:4f:2c:e3:8c:
                    d3:c1:ca:c8:19:2f:2b:f4:6e:0e:ba:c2:02:41:86:
                    0f:f4:cb:a4:a0:ef:73:49:54:98:55:7e:1a:09:e3:
                    e4:96:9f:e9:eb:4e:ab:1e:78:48:97:4b:45:6a:8d:
                    1e:9a:01:f4:8c:d5:e5:7f:3b:8b:e7:2e:63:f8:39:
                    e1:2b:82:34:c5:8c:86:00:34:aa:56:e2:15:95:b0:
                    4b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:10:EA:FE:33:C0:0A:92:0A:CC:4E:C9:BF:67:D5:67:48:13:67:B2
            X509v3 Authority Key Identifier:
                keyid:DA:75:AB:0F:B3:AA:87:5A:FA:DF:5A:38:F8:52:BD:CC:1D:D8:26:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:70:b6:39:b0:be:e4:69:2b:b9:7b:0c:70:47:24:32:63:38:
         41:83:b3:92:fa:4d:1f:42:a0:57:19:28:4e:e7:09:15:ef:d8:
         32:87:85:9c:6c:d2:d7:a0:0b:ae:06:06:87:75:6d:40:12:c3:
         c1:9b:85:37:a8:a7:b9:96:ca:9a:bf:04:4f:92:fd:dd:28:e0:
         44:96:1a:35:8b:fb:51:82:54:dd:88:ae:be:38:ef:ae:91:78:
         50:b7:74:12:fe:29:cb:09:7e:e3:09:4e:b9:ef:3a:16:d4:57:
         86:b6:46:81:6c:1e:db:b7:f3:35:95:a4:94:01:86:53:4a:f7:
         13:66:dc:88:89:c9:99:e4:d3:e4:f7:e1:34:60:79:56:15:f2:
         89:07:51:ec:71:b6:25:52:dd:da:5b:db:27:50:37:1c:cd:e1:
         db:a3:e1:c7:3b:00:12:e8:43:e0:aa:fd:4c:6c:fc:a4:3c:21:
         52:f5:89:c5:5d:ca:5d:a1:30:55:e9:b5:4a:a5:48:71:70:67:
         90:40:b5:ac:b8:51:73:f4:c3:96:04:00:c1:d9:37:e8:5d:c0:
         3b:a4:e4:45:4b:03:d1:0c:10:a8:fc:ed:67:5a:6c:f6:bb:cf:
         48:aa:09:17:12:63:f8:5f:04:9c:0e:cc:33:fc:32:7c:b3:49:
         84:b7:85:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkVGQkIxMTAvBgNVBAUTKERBNzVBQjBGQjNBQTg3NUFGQURGNUEzOEY4NTJCREND
MUREODI2RjcwHhcNMjUwNzIxMDMyMjUyWhcNMjUwNzI4MDMyMjUyWjAYMRYwFAYD
VQQDEw02ODdkYjI4Yy1hYmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqejp7u8hmNX0QD3zSnOj6mCFMMVwzjLwVNcaBmDqGxOGSOt223M0LPhjrkxg
iIjrGg8S39S70GCZRLxWagIY2f1GIzGxgiq897hKp2qW7rNE62IABDRLP+c1q3dY
bd7gV3G9i76GzleZnwmj60Zf3qbCrScyyXgOKBF3cdGeuCNiHAcAC8dIB1E2WI94
zAuOVhXvkYpjOYaFietX4LiaNBar/hU5DJRH9yP+8A3iF08s44zTwcrIGS8r9G4O
usICQYYP9MukoO9zSVSYVX4aCePklp/p606rHnhIl0tFao0emgH0jNXlfzuL5y5j
+DnhK4I0xYyGADSqVuIVlbBLywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHMQ6v4z
wAqSCsxOyb9n1WdIE2eyMB8GA1UdIwQYMBaAFNp1qw+zqoda+t9aOPhSvcwd2Cb3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUZCQi9EODk2QjVDOEVB
NkExMUVEQjVCNkI1NUVDNEY5QUUwMi8ybldyRDdPcWgxcjYzMW80LUZLOXpCM1lK
dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJuV3JEN09xaDFyNjMxbzQtRks5ekIzWUp2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RUZCQi9EODk2QjVDOEVBNkExMUVEQjVCNkI1NUVDNEY5QUUwMi8ybldyRDdPcWgx
cjYzMW80LUZLOXpCM1lKdmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCHcLY5sL7kaSu5ewxwRyQyYzhBg7OS+k0fQqBXGShO5wkV79gyh4Wc
bNLXoAuuBgaHdW1AEsPBm4U3qKe5lsqavwRPkv3dKOBElho1i/tRglTdiK6+OO+u
kXhQt3QS/inLCX7jCU657zoW1FeGtkaBbB7bt/M1laSUAYZTSvcTZtyIicmZ5NPk
9+E0YHlWFfKJB1HscbYlUt3aW9snUDcczeHbo+HHOwAS6EPgqv1MbPykPCFS9YnF
XcpdoTBV6bVKpUhxcGeQQLWsuFFz9MOWBADB2TfoXcA7pORFSwPRDBCo/O1nWmz2
u89IqgkXEmP4XwScDswz/DJ8s0mEt4WK
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:20 2025 by rpki-client