Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
File:                     x2h2G8gatP5_1EAVSCYcuocge-o.mft (raw, json)
Hash identifier:          KuXrijWz7s7kdS7schlAvLy623tdhEtKmMUVIzKJ1CY=
Subject key identifier:   B4:24:92:CE:34:8E:D5:1E:27:78:8B:A6:55:89:04:0E:9A:DA:72:4A
Authority key identifier: C7:68:76:1B:C8:1A:B4:FE:7F:D4:40:15:48:26:1C:BA:87:20:7B:EA
Certificate issuer:       /CN=A9118022/serialNumber=C768761BC81AB4FE7FD4401548261CBA87207BEA
Certificate serial:       0D3F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
Manifest number:          0D23
Signing time:             Mon 18 Mar 2024 18:41:04 +0000
Manifest this update:     Mon 18 Mar 2024 18:41:03 +0000
Manifest next update:     Mon 25 Mar 2024 18:41:03 +0000
Files and hashes:         1: x2h2G8gatP5_1EAVSCYcuocge-o.crl (hash: ivHDhFecqdaJ1W5TerbdH1zZZcIH8K3g4FE3tgEQ/qo=)
                          2: 127D33EC027011EB98FEC44BC4F9AE02.roa (hash: 4eivdy7iUHPnbbf0QqEnZ5O6EBrtqP+PskH9srTKeZs=)
                          3: 1C99C7E021D911EB85DAFE71C4F9AE02.roa (hash: EmJg+3RnTIJYZYL5yzZw8Z1H2W+A9s+Ez9dbRRBv1tQ=)
                          4: 670DF186232111EB9896B783C4F9AE02.roa (hash: 1JwBKAEIAweLmlt0L9r0MPn0DTxnRYYgSdL2gpwkSss=)
                          5: 1609CE067A4A11EB99C11F5FC4F9AE02.roa (hash: 6QmdcypA/OQtUQ8J98l61FzY6ILdAvykkNOFA5mx94I=)
                          6: 1D93B82C21D911EB85DAFE71C4F9AE02.roa (hash: QNSC7VK1kFgqyy8v3E/yLmmMxrwcMLxmyVsk/HA5YiI=)
                          7: 1BBE249C21D911EB85DAFE71C4F9AE02.roa (hash: tbuo5XmVwKJlY6wNAj+sEi0Y8m8muC9NuM2llp4KX5E=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.crl
                          rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Mar 2024 18:41:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3391 (0xd3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9118022/serialNumber=C768761BC81AB4FE7FD4401548261CBA87207BEA
        Validity
            Not Before: Mar 18 18:41:03 2024 GMT
            Not After : Mar 25 18:41:03 2024 GMT
        Subject: CN=65f88ac0-7c2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9b:5f:18:62:ae:62:12:3e:94:c7:fe:f9:aa:
                    43:77:9f:0e:9e:0c:d4:d1:9a:e2:22:44:95:30:41:
                    64:7e:57:61:23:89:4f:b1:f3:3c:12:7e:80:28:79:
                    bb:c5:fd:49:b9:5d:64:a5:fe:af:f5:23:6a:7d:bf:
                    a2:3d:13:f7:5c:d0:22:90:25:77:97:b1:16:99:21:
                    ef:6e:50:84:98:6e:ca:2b:05:79:fc:53:36:55:f6:
                    3d:bb:a4:9c:55:39:cf:05:47:3b:22:49:b6:ab:1c:
                    2c:ce:8d:84:6c:4f:4a:28:3a:e8:49:40:98:1c:76:
                    41:4a:ba:b7:ee:0c:88:27:7c:b7:99:35:05:30:6e:
                    df:a4:72:b6:1c:80:c9:d0:09:9d:c7:dd:51:c2:a1:
                    50:d6:fb:05:0e:4c:1c:fd:43:2f:ae:3f:57:cc:1e:
                    a8:f5:88:02:34:1e:2b:3e:c1:e3:82:1f:59:83:83:
                    ed:6c:c0:6f:a7:b4:3e:2f:18:0c:44:e4:15:0b:24:
                    82:f5:c2:61:62:b6:f3:db:8e:ea:fd:80:31:37:15:
                    5e:ca:e7:20:f9:53:d3:13:e3:1c:aa:34:f7:9a:51:
                    3e:eb:54:88:f8:a0:db:2f:cf:d0:c6:d2:84:d5:be:
                    75:5c:23:23:ca:82:0a:8f:2b:a8:5e:ab:7a:1f:8c:
                    9a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:24:92:CE:34:8E:D5:1E:27:78:8B:A6:55:89:04:0E:9A:DA:72:4A
            X509v3 Authority Key Identifier:
                keyid:C7:68:76:1B:C8:1A:B4:FE:7F:D4:40:15:48:26:1C:BA:87:20:7B:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x2h2G8gatP5_1EAVSCYcuocge-o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118022/C61C256AADCC11E9AC672F4BC4F9AE02/x2h2G8gatP5_1EAVSCYcuocge-o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:d4:9e:cd:f4:d4:2e:67:51:6a:59:d9:14:bf:3c:91:05:ea:
         54:db:61:9a:f0:0d:79:d0:4e:a5:eb:26:39:94:cc:74:bc:dc:
         53:c8:6e:8c:95:1f:07:b4:5d:59:68:44:43:65:16:2a:60:5f:
         ad:56:68:3d:fd:c8:6f:bd:30:59:39:a5:b6:6a:7b:e1:01:ec:
         2b:30:94:03:10:b8:ad:1b:ea:5f:68:37:ec:3e:0c:93:19:97:
         51:1e:23:bc:5b:a4:c7:89:82:88:51:78:ef:43:ce:dc:4d:90:
         1d:cc:24:06:8c:0c:be:8a:27:03:09:63:c0:1e:07:ad:25:21:
         9b:6c:2b:cb:74:3c:d8:82:a9:bd:4f:18:7a:f1:34:8d:cb:03:
         62:66:01:01:7d:88:ae:ce:6d:98:20:be:25:20:c5:ef:d4:ee:
         a3:bf:5f:6d:71:0c:06:c8:b8:16:6d:53:0b:3c:07:df:53:24:
         8d:5e:ab:22:89:78:11:e8:db:7a:99:e3:ef:fd:b5:6e:b0:1c:
         b7:4c:56:f1:d8:2e:67:34:6c:fb:e1:79:d6:ed:c4:fd:4c:ae:
         c4:9d:29:5d:f2:29:af:8d:50:bd:1a:38:d4:dd:0a:79:cc:4d:
         89:98:81:0f:40:ce:f3:87:0d:75:14:01:6b:41:3e:10:81:0e:
         48:2b:18:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTgwMjIxMTAvBgNVBAUTKEM3Njg3NjFCQzgxQUI0RkU3RkQ0NDAxNTQ4MjYxQ0JB
ODcyMDdCRUEwHhcNMjQwMzE4MTg0MTAzWhcNMjQwMzI1MTg0MTAzWjAYMRYwFAYD
VQQDEw02NWY4OGFjMC03YzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyptfGGKuYhI+lMf++apDd58OngzU0ZriIkSVMEFkfldhI4lPsfM8En6AKHm7
xf1JuV1kpf6v9SNqfb+iPRP3XNAikCV3l7EWmSHvblCEmG7KKwV5/FM2VfY9u6Sc
VTnPBUc7Ikm2qxwszo2EbE9KKDroSUCYHHZBSrq37gyIJ3y3mTUFMG7fpHK2HIDJ
0Amdx91RwqFQ1vsFDkwc/UMvrj9XzB6o9YgCNB4rPsHjgh9Zg4PtbMBvp7Q+LxgM
ROQVCySC9cJhYrbz247q/YAxNxVeyucg+VPTE+McqjT3mlE+61SI+KDbL8/QxtKE
1b51XCMjyoIKjyuoXqt6H4yaMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLQkks40
jtUeJ3iLplWJBA6a2nJKMB8GA1UdIwQYMBaAFMdodhvIGrT+f9RAFUgmHLqHIHvq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODAyMi9DNjFDMjU2QUFE
Q0MxMUU5QUM2NzJGNEJDNEY5QUUwMi94MmgyRzhnYXRQNV8xRUFWU0NZY3VvY2dl
LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gyaDJHOGdhdFA1XzFFQVZTQ1ljdW9jZ2Utby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODAyMi9DNjFDMjU2QUFEQ0MxMUU5QUM2NzJGNEJDNEY5QUUwMi94MmgyRzhnYXRQ
NV8xRUFWU0NZY3VvY2dlLW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCl1J7N9NQuZ1FqWdkUvzyRBepU22Ga8A150E6l6yY5lMx0vNxTyG6M
lR8HtF1ZaERDZRYqYF+tVmg9/chvvTBZOaW2anvhAewrMJQDELitG+pfaDfsPgyT
GZdRHiO8W6THiYKIUXjvQ87cTZAdzCQGjAy+iicDCWPAHgetJSGbbCvLdDzYgqm9
Txh68TSNywNiZgEBfYiuzm2YIL4lIMXv1O6jv19tcQwGyLgWbVMLPAffUySNXqsi
iXgR6Nt6mePv/bVusBy3TFbx2C5nNGz74XnW7cT9TK7EnSld8imvjVC9GjjU3Qp5
zE2JmIEPQM7zhw11FAFrQT4QgQ5IKxgA
-----END CERTIFICATE-----
Generated at Mon Mar 18 20:12:12 2024 by rpki-client on console-fra.rpki-client.org