Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
File:                     2nWrD7Oqh1r631o4-FK9zB3YJvc.mft (raw, json)
Hash identifier:          hoCg2eq0qxSIgulTRyEuyUZXOSqD0+LwAAS1Mn/+g8s=
Subject key identifier:   0A:E7:39:F0:EF:7E:F8:F0:A9:5B:76:C1:F3:F5:62:90:02:9F:A0:48
Authority key identifier: DA:75:AB:0F:B3:AA:87:5A:FA:DF:5A:38:F8:52:BD:CC:1D:D8:26:F7
Certificate issuer:       /CN=A91FEFBB/serialNumber=DA75AB0FB3AA875AFADF5A38F852BDCC1DD826F7
Certificate serial:       01AC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
Manifest number:          01A4
Signing time:             Wed 23 Jul 2025 03:32:14 +0000
Manifest this update:     Wed 23 Jul 2025 03:32:14 +0000
Manifest next update:     Wed 30 Jul 2025 03:32:14 +0000
Files and hashes:         1: 2nWrD7Oqh1r631o4-FK9zB3YJvc.crl (hash: M9g20ABBMc9Rd8i9D4DyLdxYJIB3gLRZbfD/gimGWig=)
                          2: 261D3B8AEE4611ED9BEFED31C4F9AE02.roa (hash: HkCOmQRPg+yDDZPtodRzZcHCpOQoTEGcVWS7eV1BiSA=)
                          3: 881C3F9CABD311EFBFED7130C4F9AE02.roa (hash: 4Vu2iECkKD+oqedLfhjWXd7CHOWEQhszvHID7EwF+IE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.crl
                          rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 03:32:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 428 (0x1ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FEFBB, serialNumber=DA75AB0FB3AA875AFADF5A38F852BDCC1DD826F7
        Validity
            Not Before: Jul 23 03:32:14 2025 GMT
            Not After : Jul 30 03:32:14 2025 GMT
        Subject: CN=688057be-8298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c4:23:c2:22:b1:05:3a:f7:bc:fa:2a:c1:9f:
                    d3:ab:78:9d:19:6e:f4:a4:69:84:a7:0c:42:ad:51:
                    43:64:64:49:68:7e:10:dd:c9:a4:0b:32:b9:50:e4:
                    56:8e:d8:6c:3c:6f:a2:2b:ad:88:f7:e1:e7:44:88:
                    14:d5:14:14:5f:f1:3d:b0:73:8c:a7:c7:17:0d:fc:
                    8f:06:f5:17:70:c3:9d:3e:43:ff:03:3d:e2:c4:eb:
                    92:0d:ca:03:6c:79:bd:63:5a:db:d5:bf:59:7a:7e:
                    67:fa:d0:a8:88:4e:e2:4d:36:cc:5d:c0:23:d3:ef:
                    6d:fc:0f:fb:90:e4:e4:cb:78:6e:46:a6:46:4c:75:
                    dd:c6:fd:f8:28:24:5f:d1:76:31:ca:12:ec:04:7a:
                    25:15:83:9b:83:35:e3:a5:35:67:ca:64:80:0e:e7:
                    65:00:bf:d7:11:93:14:ea:4f:2f:5c:38:94:3e:d0:
                    c6:16:95:c7:e3:51:3f:2f:44:a8:42:b0:33:22:42:
                    e2:c1:59:a3:71:e8:94:e7:47:57:c5:c2:36:75:11:
                    75:27:03:71:ed:51:2a:52:4b:02:8e:5e:55:14:81:
                    73:41:50:c6:8b:09:af:ec:49:8e:32:ab:5e:4d:61:
                    a3:3f:9d:c7:15:fe:89:b5:92:33:c1:d7:50:49:49:
                    15:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:E7:39:F0:EF:7E:F8:F0:A9:5B:76:C1:F3:F5:62:90:02:9F:A0:48
            X509v3 Authority Key Identifier:
                keyid:DA:75:AB:0F:B3:AA:87:5A:FA:DF:5A:38:F8:52:BD:CC:1D:D8:26:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:ab:59:37:b2:e0:88:33:a0:b6:dc:50:03:7d:0a:6f:f3:7c:
         af:e8:30:71:1d:9a:f9:ed:cc:7d:7c:94:92:39:40:ca:bc:1a:
         d2:5a:5a:0c:04:88:9d:bb:5a:d1:27:3b:4e:9d:a2:0b:74:82:
         27:aa:25:ff:57:c6:d5:cf:a3:dc:16:5d:0d:41:4d:81:8b:10:
         d2:8f:33:00:24:8c:f7:46:ca:15:05:0c:de:9d:a6:a6:7d:2b:
         47:dd:9f:25:82:8d:a2:25:07:81:50:b1:68:50:25:1b:ae:e8:
         eb:9a:66:79:1b:27:c9:ea:f1:f0:14:b6:5e:b2:49:5a:1e:d3:
         f5:55:35:91:da:c5:af:92:fd:e1:d5:5a:e5:f5:96:6e:bb:ff:
         02:d8:9e:ad:4b:dc:78:6e:76:7f:1a:72:04:24:53:d1:79:91:
         5e:85:16:7a:aa:34:08:18:02:a4:2a:33:50:7a:30:1c:e5:81:
         04:6f:9f:c2:59:36:42:4b:85:47:e6:50:15:5a:bb:3e:77:ea:
         b8:cb:44:f7:a3:5a:9a:2a:85:7b:4b:02:4f:54:ff:13:17:d0:
         cf:fd:c2:e4:86:5e:c8:86:0a:09:93:6f:57:d8:99:84:5c:77:
         24:f0:b4:3a:e7:6a:44:f4:d5:fa:35:83:57:09:2d:aa:4c:8c:
         7f:f7:66:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkVGQkIxMTAvBgNVBAUTKERBNzVBQjBGQjNBQTg3NUFGQURGNUEzOEY4NTJCREND
MUREODI2RjcwHhcNMjUwNzIzMDMzMjE0WhcNMjUwNzMwMDMzMjE0WjAYMRYwFAYD
VQQDEw02ODgwNTdiZS04Mjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2MQjwiKxBTr3vPoqwZ/Tq3idGW70pGmEpwxCrVFDZGRJaH4Q3cmkCzK5UORW
jthsPG+iK62I9+HnRIgU1RQUX/E9sHOMp8cXDfyPBvUXcMOdPkP/Az3ixOuSDcoD
bHm9Y1rb1b9Zen5n+tCoiE7iTTbMXcAj0+9t/A/7kOTky3huRqZGTHXdxv34KCRf
0XYxyhLsBHolFYObgzXjpTVnymSADudlAL/XEZMU6k8vXDiUPtDGFpXH41E/L0So
QrAzIkLiwVmjceiU50dXxcI2dRF1JwNx7VEqUksCjl5VFIFzQVDGiwmv7EmOMqte
TWGjP53HFf6JtZIzwddQSUkVFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArnOfDv
fvjwqVt2wfP1YpACn6BIMB8GA1UdIwQYMBaAFNp1qw+zqoda+t9aOPhSvcwd2Cb3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUZCQi9EODk2QjVDOEVB
NkExMUVEQjVCNkI1NUVDNEY5QUUwMi8ybldyRDdPcWgxcjYzMW80LUZLOXpCM1lK
dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJuV3JEN09xaDFyNjMxbzQtRks5ekIzWUp2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RUZCQi9EODk2QjVDOEVBNkExMUVEQjVCNkI1NUVDNEY5QUUwMi8ybldyRDdPcWgx
cjYzMW80LUZLOXpCM1lKdmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGq1k3suCIM6C23FADfQpv83yv6DBxHZr57cx9fJSSOUDKvBrSWloM
BIidu1rRJztOnaILdIInqiX/V8bVz6PcFl0NQU2BixDSjzMAJIz3RsoVBQzenaam
fStH3Z8lgo2iJQeBULFoUCUbrujrmmZ5GyfJ6vHwFLZesklaHtP1VTWR2sWvkv3h
1Vrl9ZZuu/8C2J6tS9x4bnZ/GnIEJFPReZFehRZ6qjQIGAKkKjNQejAc5YEEb5/C
WTZCS4VH5lAVWrs+d+q4y0T3o1qaKoV7SwJPVP8TF9DP/cLkhl7IhgoJk29X2JmE
XHck8LQ652pE9NX6NYNXCS2qTIx/92ae
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:56:11 2025 by rpki-client