Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9115620/14A376446BA911EFA3B34684C4F9AE02/M3WpYTTFczGvVN1xTtNj2rMba9A.mft
File:                     M3WpYTTFczGvVN1xTtNj2rMba9A.mft (raw, json)
Hash identifier:          QmM4eYB5IuMSSgwPLI9kg+pWkCz6cOH2TgpDdBCUzwA=
Subject key identifier:   15:C6:9A:D6:9F:4D:6B:09:10:84:34:A3:87:22:87:79:4E:B3:FB:68
Authority key identifier: 33:75:A9:61:34:C5:73:31:AF:54:DD:71:4E:D3:63:DA:B3:1B:6B:D0
Certificate issuer:       /CN=A9115620/serialNumber=3375A96134C57331AF54DD714ED363DAB31B6BD0
Certificate serial:       2B
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/M3WpYTTFczGvVN1xTtNj2rMba9A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9115620/14A376446BA911EFA3B34684C4F9AE02/M3WpYTTFczGvVN1xTtNj2rMba9A.mft
Manifest number:          2A
Signing time:             Sat 23 Nov 2024 05:40:39 +0000
Manifest this update:     Sat 23 Nov 2024 05:40:39 +0000
Manifest next update:     Sat 30 Nov 2024 05:40:39 +0000
Files and hashes:         1: M3WpYTTFczGvVN1xTtNj2rMba9A.crl (hash: 8XpblFGuSYat19J6pgqvktlWu3RKq+QDgtsODiLfPPo=)
                          2: 8334E4446BA911EFADEBED84C4F9AE02.roa (hash: Ur23uerjkF05UN2d4OV8Z6LvPx8JS26HE6YTaEzhleU=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9115620/14A376446BA911EFA3B34684C4F9AE02/M3WpYTTFczGvVN1xTtNj2rMba9A.crl
                          rsync://rpki.apnic.net/member_repository/A9115620/14A376446BA911EFA3B34684C4F9AE02/M3WpYTTFczGvVN1xTtNj2rMba9A.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/M3WpYTTFczGvVN1xTtNj2rMba9A.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43 (0x2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9115620/serialNumber=3375A96134C57331AF54DD714ED363DAB31B6BD0
        Validity
            Not Before: Nov 23 05:40:39 2024 GMT
            Not After : Nov 30 05:40:39 2024 GMT
        Subject: CN=67416ad7-e353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:54:85:cd:76:1b:17:8f:8d:6d:b8:7c:2c:d1:
                    3f:91:ae:53:83:a4:f2:3a:e6:6f:83:87:f0:9d:a1:
                    38:c6:6f:cb:81:b4:a7:f3:8b:27:d1:ca:5c:03:0b:
                    34:f0:cc:60:2d:9a:09:dd:a8:09:25:cd:59:2e:b7:
                    a4:3f:c9:12:6b:47:7e:39:12:da:f4:8c:da:bf:51:
                    6e:1b:c3:83:fa:95:f0:a3:36:8d:6b:e0:de:ad:0a:
                    bb:9a:94:d3:cd:76:24:a7:e8:0a:7a:73:af:38:ae:
                    0e:59:f1:15:80:13:93:c2:54:f4:5a:77:fd:6f:21:
                    f2:5a:9a:df:03:62:d1:e0:60:77:63:cb:0f:79:b6:
                    72:95:ae:53:a0:08:16:46:48:5e:53:e8:aa:47:7d:
                    9f:68:f5:87:44:42:7a:14:c8:02:0d:22:7d:da:99:
                    56:59:5b:8e:3b:d1:19:3c:b5:f8:c2:30:56:26:3b:
                    13:39:ac:06:ac:48:d0:99:bf:d8:67:92:dd:be:5f:
                    8c:c0:6c:a2:6f:e3:34:2a:22:ef:8f:7b:e3:5e:81:
                    8d:cb:9e:76:3b:13:9f:37:38:ec:70:97:71:0f:ad:
                    a8:ae:a7:4f:be:3c:f3:7b:c5:53:57:e1:44:53:3c:
                    cb:77:65:c9:9e:af:9b:67:3a:06:9d:b4:80:e9:66:
                    a1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:C6:9A:D6:9F:4D:6B:09:10:84:34:A3:87:22:87:79:4E:B3:FB:68
            X509v3 Authority Key Identifier:
                keyid:33:75:A9:61:34:C5:73:31:AF:54:DD:71:4E:D3:63:DA:B3:1B:6B:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9115620/14A376446BA911EFA3B34684C4F9AE02/M3WpYTTFczGvVN1xTtNj2rMba9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/M3WpYTTFczGvVN1xTtNj2rMba9A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115620/14A376446BA911EFA3B34684C4F9AE02/M3WpYTTFczGvVN1xTtNj2rMba9A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:72:d6:09:40:dd:d3:b2:55:18:b4:80:d3:68:31:3c:1f:d2:
         e0:49:27:48:83:e5:80:8a:7c:c6:5e:27:9b:ab:19:34:2c:ed:
         cf:83:1a:19:ec:44:b4:ff:ad:fc:29:35:f8:0a:36:a6:67:14:
         31:c9:f9:27:2e:64:8e:35:1f:c1:ba:89:5a:d3:5e:70:5b:42:
         3e:6c:df:be:50:7e:97:cf:36:69:4e:bc:47:f3:e7:ff:36:d6:
         75:73:c7:b8:9c:72:33:7e:96:82:14:3c:d6:8d:2e:60:b9:4b:
         80:7a:20:4d:22:d1:80:cf:3d:71:67:96:b9:0d:c4:4a:26:f8:
         9d:72:17:3f:b2:c6:25:31:ab:41:f1:13:0e:97:31:b1:04:3b:
         b5:e7:ad:09:ae:13:4c:77:d7:e9:a4:c6:1d:2b:1f:39:60:44:
         d9:50:2e:32:c4:83:f5:39:f6:a2:ae:02:dd:6f:1c:80:f8:16:
         0d:32:a3:b3:48:63:79:4d:ab:7f:8a:b6:ad:61:81:1e:90:23:
         4e:c4:c4:26:66:17:07:a0:0f:fa:2c:fd:fc:f9:cf:74:ae:63:
         9a:0d:f5:d5:38:84:5e:df:38:26:3c:97:83:26:07:72:4e:0e:
         8f:3b:6d:46:91:00:7e:46:98:5f:fd:2d:06:12:5e:85:fd:13:
         1c:89:f4:66
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NTYyMDExMC8GA1UEBRMoMzM3NUE5NjEzNEM1NzMzMUFGNTRERDcxNEVEMzYzREFC
MzFCNkJEMDAeFw0yNDExMjMwNTQwMzlaFw0yNDExMzAwNTQwMzlaMBgxFjAUBgNV
BAMTDTY3NDE2YWQ3LWUzNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWVIXNdhsXj41tuHws0T+RrlODpPI65m+Dh/CdoTjGb8uBtKfziyfRylwDCzTw
zGAtmgndqAklzVkut6Q/yRJrR345Etr0jNq/UW4bw4P6lfCjNo1r4N6tCrualNPN
diSn6Ap6c684rg5Z8RWAE5PCVPRad/1vIfJamt8DYtHgYHdjyw95tnKVrlOgCBZG
SF5T6KpHfZ9o9YdEQnoUyAINIn3amVZZW4470Rk8tfjCMFYmOxM5rAasSNCZv9hn
kt2+X4zAbKJv4zQqIu+Pe+NegY3LnnY7E583OOxwl3EPraiup0++PPN7xVNX4URT
PMt3Zcmer5tnOgadtIDpZqGxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFcaa1p9N
awkQhDSjhyKHeU6z+2gwHwYDVR0jBBgwFoAUM3WpYTTFczGvVN1xTtNj2rMba9Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE1NjIwLzE0QTM3NjQ0NkJB
OTExRUZBM0IzNDY4NEM0RjlBRTAyL00zV3BZVFRGY3pHdlZOMXhUdE5qMnJNYmE5
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTTNXcFlUVEZjekd2Vk4xeFR0Tmoyck1iYTlBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE1
NjIwLzE0QTM3NjQ0NkJBOTExRUZBM0IzNDY4NEM0RjlBRTAyL00zV3BZVFRGY3pH
dlZOMXhUdE5qMnJNYmE5QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAGJy1glA3dOyVRi0gNNoMTwf0uBJJ0iD5YCKfMZeJ5urGTQs7c+DGhns
RLT/rfwpNfgKNqZnFDHJ+ScuZI41H8G6iVrTXnBbQj5s375QfpfPNmlOvEfz5/82
1nVzx7iccjN+loIUPNaNLmC5S4B6IE0i0YDPPXFnlrkNxEom+J1yFz+yxiUxq0Hx
Ew6XMbEEO7XnrQmuE0x31+mkxh0rHzlgRNlQLjLEg/U59qKuAt1vHID4Fg0yo7NI
Y3lNq3+Ktq1hgR6QI07ExCZmFwegD/os/fz5z3SuY5oN9dU4hF7fOCY8l4MmB3JO
Do87bUaRAH5GmF/9LQYSXoX9ExyJ9GY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:45:02 2024 by rpki-client on console-ams.rpki-client.org