Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
File:                     x2h2G8gatP5_1EAVSCYcuocge-o.mft (raw, json)
Hash identifier:          vasqfxKqdhlGSkAP4abaXSd8xdmd+F8oD+JQsPlI0FE=
Subject key identifier:   04:2F:D5:D3:BA:09:A1:05:D8:C9:FC:F7:55:F9:FD:3D:97:E1:10:C1
Authority key identifier: C7:68:76:1B:C8:1A:B4:FE:7F:D4:40:15:48:26:1C:BA:87:20:7B:EA
Certificate issuer:       /CN=A9118022/serialNumber=C768761BC81AB4FE7FD4401548261CBA87207BEA
Certificate serial:       0D44
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
Manifest number:          0D28
Signing time:             Thu 28 Mar 2024 18:38:53 +0000
Manifest this update:     Thu 28 Mar 2024 18:38:52 +0000
Manifest next update:     Thu 04 Apr 2024 18:38:52 +0000
Files and hashes:         1: x2h2G8gatP5_1EAVSCYcuocge-o.crl (hash: pQ6g9YUWxwTOyhY+GUvxka9aaN8sV35jYTV7b+H0Dxk=)
                          2: 127D33EC027011EB98FEC44BC4F9AE02.roa (hash: 4eivdy7iUHPnbbf0QqEnZ5O6EBrtqP+PskH9srTKeZs=)
                          3: 1C99C7E021D911EB85DAFE71C4F9AE02.roa (hash: EmJg+3RnTIJYZYL5yzZw8Z1H2W+A9s+Ez9dbRRBv1tQ=)
                          4: 670DF186232111EB9896B783C4F9AE02.roa (hash: 1JwBKAEIAweLmlt0L9r0MPn0DTxnRYYgSdL2gpwkSss=)
                          5: 1609CE067A4A11EB99C11F5FC4F9AE02.roa (hash: 6QmdcypA/OQtUQ8J98l61FzY6ILdAvykkNOFA5mx94I=)
                          6: 1D93B82C21D911EB85DAFE71C4F9AE02.roa (hash: QNSC7VK1kFgqyy8v3E/yLmmMxrwcMLxmyVsk/HA5YiI=)
                          7: 1BBE249C21D911EB85DAFE71C4F9AE02.roa (hash: tbuo5XmVwKJlY6wNAj+sEi0Y8m8muC9NuM2llp4KX5E=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.crl
                          rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3396 (0xd44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9118022/serialNumber=C768761BC81AB4FE7FD4401548261CBA87207BEA
        Validity
            Not Before: Mar 28 18:38:52 2024 GMT
            Not After : Apr  4 18:38:52 2024 GMT
        Subject: CN=6605b93d-23c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4c:e8:39:05:4e:be:32:d2:d4:91:7b:1f:2c:
                    8e:ee:77:c0:21:21:55:bb:7b:68:f5:17:e2:76:2e:
                    59:da:9f:57:73:73:43:aa:8a:c6:27:4d:8a:66:5c:
                    54:ff:c1:9e:91:98:32:ec:7a:a3:f6:4d:e4:fc:0b:
                    ae:ac:e8:1c:54:77:50:1d:22:39:23:59:29:e3:1d:
                    1c:da:7d:99:0b:c3:e4:bc:77:82:c5:4f:e7:63:48:
                    b4:bf:21:91:5e:83:f1:36:ef:ff:c1:e2:8f:56:15:
                    28:72:10:ba:cd:24:7f:ca:5a:37:04:d2:26:f0:2f:
                    b3:d2:dd:b7:f6:f7:37:6e:1e:c0:df:42:19:4d:7f:
                    b0:2f:93:b9:1e:31:a4:f0:24:06:1d:ea:c5:98:23:
                    ef:56:79:29:e8:12:ba:63:cd:9c:3f:6a:dc:fc:71:
                    43:fc:70:e8:80:85:5a:1c:92:c4:bd:e3:23:3a:83:
                    57:5f:2f:b6:64:60:89:8e:77:bc:69:0d:be:2d:dc:
                    4f:95:e5:cd:65:83:7d:99:92:49:a2:b8:cc:23:88:
                    f0:73:bd:26:04:1c:c0:6e:2f:34:d1:3a:52:4b:9e:
                    88:2d:0d:f9:b3:2d:e3:dc:7c:e5:2b:cb:66:64:60:
                    8c:95:30:a6:b0:7e:01:85:64:1e:d6:5c:11:fb:cd:
                    cb:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:2F:D5:D3:BA:09:A1:05:D8:C9:FC:F7:55:F9:FD:3D:97:E1:10:C1
            X509v3 Authority Key Identifier:
                keyid:C7:68:76:1B:C8:1A:B4:FE:7F:D4:40:15:48:26:1C:BA:87:20:7B:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:3c:15:f7:c3:0a:24:17:7e:69:f5:97:cd:dd:3e:05:41:7d:
         62:bc:d2:7b:58:64:c5:6a:6f:8e:7b:59:ef:e7:63:37:c3:8b:
         09:99:15:16:13:0f:22:c0:f8:2f:16:2e:0c:be:10:97:06:03:
         03:fa:e4:62:ad:1d:79:8e:e5:9a:c2:73:75:2f:0e:09:13:76:
         98:df:94:21:31:8c:b8:28:cb:01:f5:64:c2:f8:b5:2c:07:3b:
         42:c5:b2:7f:7b:79:c3:38:41:65:57:e2:2f:3a:89:bb:de:2d:
         fa:8e:c4:e1:b7:1d:7b:a4:36:1d:6c:3a:9e:e4:3d:4a:bb:9f:
         f6:cf:1f:0d:44:f3:9f:68:89:ab:e4:7c:20:06:d9:e2:ae:88:
         02:22:f3:88:4b:3f:82:45:ae:6f:f9:35:e0:ec:39:8b:ec:6a:
         7a:a1:a8:12:6d:37:ee:1d:30:b0:0c:50:5e:cf:66:a4:8e:6a:
         35:62:6f:44:e7:1e:fc:bb:8d:22:ce:48:ef:a5:70:2b:32:c7:
         87:45:1d:0a:bd:d4:bf:53:7b:d6:72:5d:27:ca:13:3a:6d:96:
         f5:de:23:f6:93:d9:17:78:dd:07:54:94:fd:e8:ed:2b:e2:01:
         3d:99:02:bb:03:d4:28:5b:3a:79:38:06:49:43:9e:d5:df:97:
         a9:03:9f:57
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTgwMjIxMTAvBgNVBAUTKEM3Njg3NjFCQzgxQUI0RkU3RkQ0NDAxNTQ4MjYxQ0JB
ODcyMDdCRUEwHhcNMjQwMzI4MTgzODUyWhcNMjQwNDA0MTgzODUyWjAYMRYwFAYD
VQQDEw02NjA1YjkzZC0yM2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0zoOQVOvjLS1JF7HyyO7nfAISFVu3to9Rfidi5Z2p9Xc3NDqorGJ02KZlxU
/8GekZgy7Hqj9k3k/AuurOgcVHdQHSI5I1kp4x0c2n2ZC8PkvHeCxU/nY0i0vyGR
XoPxNu//weKPVhUochC6zSR/ylo3BNIm8C+z0t239vc3bh7A30IZTX+wL5O5HjGk
8CQGHerFmCPvVnkp6BK6Y82cP2rc/HFD/HDogIVaHJLEveMjOoNXXy+2ZGCJjne8
aQ2+LdxPleXNZYN9mZJJorjMI4jwc70mBBzAbi800TpSS56ILQ35sy3j3HzlK8tm
ZGCMlTCmsH4BhWQe1lwR+83LnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAQv1dO6
CaEF2Mn891X5/T2X4RDBMB8GA1UdIwQYMBaAFMdodhvIGrT+f9RAFUgmHLqHIHvq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODAyMi9DNjFDMjU2QUFE
Q0MxMUU5QUM2NzJGNEJDNEY5QUUwMi94MmgyRzhnYXRQNV8xRUFWU0NZY3VvY2dl
LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gyaDJHOGdhdFA1XzFFQVZTQ1ljdW9jZ2Utby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODAyMi9DNjFDMjU2QUFEQ0MxMUU5QUM2NzJGNEJDNEY5QUUwMi94MmgyRzhnYXRQ
NV8xRUFWU0NZY3VvY2dlLW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQChPBX3wwokF35p9ZfN3T4FQX1ivNJ7WGTFam+Oe1nv52M3w4sJmRUW
Ew8iwPgvFi4MvhCXBgMD+uRirR15juWawnN1Lw4JE3aY35QhMYy4KMsB9WTC+LUs
BztCxbJ/e3nDOEFlV+IvOom73i36jsThtx17pDYdbDqe5D1Ku5/2zx8NRPOfaImr
5HwgBtnirogCIvOISz+CRa5v+TXg7DmL7Gp6oagSbTfuHTCwDFBez2akjmo1Ym9E
5x78u40izkjvpXArMseHRR0KvdS/U3vWcl0nyhM6bZb13iP2k9kXeN0HVJT96O0r
4gE9mQK7A9QoWzp5OAZJQ57V35epA59X
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:07 2024 by rpki-client on console-fra.rpki-client.org