Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9118689/515ECB32C4A711EE875D082CC4F9AE02/Y_wvXeCUyDltyLyXRO1oL_SyOIE.mft
File:                     Y_wvXeCUyDltyLyXRO1oL_SyOIE.mft (raw, json)
Hash identifier:          tNSFdrdIyu8XQEL4H0V3jhYpCKot9Jsy4uN38IPLy78=
Subject key identifier:   52:54:95:99:9A:2B:BD:08:17:E0:D9:3A:D1:8F:ED:83:75:E8:A1:94
Authority key identifier: 63:FC:2F:5D:E0:94:C8:39:6D:C8:BC:97:44:ED:68:2F:F4:B2:38:81
Certificate issuer:       /CN=A9118689/serialNumber=63FC2F5DE094C8396DC8BC9744ED682FF4B23881
Certificate serial:       FF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y_wvXeCUyDltyLyXRO1oL_SyOIE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9118689/515ECB32C4A711EE875D082CC4F9AE02/Y_wvXeCUyDltyLyXRO1oL_SyOIE.mft
Manifest number:          FD
Signing time:             Wed 11 Jun 2025 04:32:58 +0000
Manifest this update:     Wed 11 Jun 2025 04:32:58 +0000
Manifest next update:     Wed 18 Jun 2025 04:32:58 +0000
Files and hashes:         1: Y_wvXeCUyDltyLyXRO1oL_SyOIE.crl (hash: G6Tqwz6omtP6VxYJVgNi7beDL8zBE8LtCSgIl/0qVUY=)
                          2: D1D880A6C4FB11EEA30ECF34C4F9AE02.roa (hash: HaM1uGW7CpLpf57Ix2SDrMkVRudstrm9oD5WtSudmS8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9118689/515ECB32C4A711EE875D082CC4F9AE02/Y_wvXeCUyDltyLyXRO1oL_SyOIE.crl
                          rsync://rpki.apnic.net/member_repository/A9118689/515ECB32C4A711EE875D082CC4F9AE02/Y_wvXeCUyDltyLyXRO1oL_SyOIE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y_wvXeCUyDltyLyXRO1oL_SyOIE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 04:32:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 255 (0xff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9118689, serialNumber=63FC2F5DE094C8396DC8BC9744ED682FF4B23881
        Validity
            Not Before: Jun 11 04:32:58 2025 GMT
            Not After : Jun 18 04:32:58 2025 GMT
        Subject: CN=684906fa-6a71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:58:45:ef:21:c8:c0:8e:a1:be:b8:8f:dc:aa:
                    5b:ca:d7:59:a2:79:aa:45:31:ed:a0:06:61:94:07:
                    f0:1a:7d:73:3f:bb:dc:a8:7b:cb:10:71:5b:e7:1b:
                    80:d2:86:5f:c7:3d:52:b1:23:4e:26:13:44:e3:36:
                    3b:c4:74:d2:62:72:69:9f:21:84:62:82:3b:7e:9c:
                    81:8f:a7:8f:56:e6:4f:45:d7:00:34:b7:31:ca:ea:
                    4d:9b:64:23:cb:ee:be:ee:b3:08:e1:c4:99:c6:2e:
                    2a:ea:93:04:37:c0:9f:eb:d8:de:d8:d4:0a:1c:33:
                    86:79:f6:a3:70:ed:52:79:bb:de:2f:ff:41:f2:42:
                    95:c0:6a:98:61:2d:99:e5:bd:35:62:0f:d1:8f:10:
                    ae:8d:c3:de:e1:5b:e6:ce:f9:47:08:07:2d:8d:ae:
                    dd:77:30:bf:63:e9:20:44:19:7d:b4:1a:d7:d9:74:
                    83:47:08:ec:41:19:1f:d2:d1:16:fb:e4:bc:d6:47:
                    84:20:0b:11:3d:3b:6a:6e:f3:1a:84:a3:8c:0e:06:
                    2a:91:18:3b:df:20:2f:56:31:f1:7c:17:ff:2f:26:
                    d9:88:5f:5f:26:4d:87:16:d9:50:fb:0b:ff:a8:5a:
                    5d:70:d6:33:aa:4f:fb:ae:33:18:c0:c6:e2:96:62:
                    55:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:54:95:99:9A:2B:BD:08:17:E0:D9:3A:D1:8F:ED:83:75:E8:A1:94
            X509v3 Authority Key Identifier:
                keyid:63:FC:2F:5D:E0:94:C8:39:6D:C8:BC:97:44:ED:68:2F:F4:B2:38:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9118689/515ECB32C4A711EE875D082CC4F9AE02/Y_wvXeCUyDltyLyXRO1oL_SyOIE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y_wvXeCUyDltyLyXRO1oL_SyOIE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118689/515ECB32C4A711EE875D082CC4F9AE02/Y_wvXeCUyDltyLyXRO1oL_SyOIE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:e0:01:cd:9a:1e:b1:d7:a2:a1:5d:40:3f:33:86:7f:76:c1:
         76:a3:f6:20:9a:ea:ba:a8:fc:4d:c5:eb:0d:64:1a:27:b9:e9:
         d2:5c:fd:76:c3:91:7a:ff:c5:04:f7:35:e6:a3:3f:85:4a:ae:
         e2:cb:f3:9c:38:df:90:29:f1:4c:ad:cb:89:83:16:32:65:1e:
         c3:2e:e0:b4:4a:af:25:74:dc:a1:12:10:3f:59:5e:0e:17:dd:
         1e:c0:a2:d8:ed:78:02:19:50:db:52:56:ff:44:2e:7e:7d:bf:
         2a:cc:80:22:2e:5c:50:47:99:18:8c:2b:15:ec:c1:63:c7:3e:
         66:98:c5:0d:60:93:3f:b3:90:7c:5f:e7:2e:5c:5f:4e:c4:c1:
         a2:5c:22:de:b5:9b:b4:17:f2:c9:49:85:d3:51:42:d3:50:1b:
         e2:7a:74:1d:47:20:c3:a6:ec:69:9b:e0:5b:ac:81:88:dd:3b:
         b1:f5:15:c7:c9:09:b5:61:e6:cd:4c:a4:96:7e:be:b0:2d:36:
         e0:48:11:11:3a:65:c2:c1:3d:f7:5f:46:a8:11:07:ec:06:74:
         9b:ab:6a:19:4f:fd:1c:d9:14:e1:6d:f3:a8:7a:fd:dd:bf:59:
         94:49:55:9c:2a:e3:78:51:5e:ac:b5:53:f3:22:f3:d2:de:5a:
         0e:f5:06:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg2ODkxMTAvBgNVBAUTKDYzRkMyRjVERTA5NEM4Mzk2REM4QkM5NzQ0RUQ2ODJG
RjRCMjM4ODEwHhcNMjUwNjExMDQzMjU4WhcNMjUwNjE4MDQzMjU4WjAYMRYwFAYD
VQQDEw02ODQ5MDZmYS02YTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuFhF7yHIwI6hvriP3KpbytdZonmqRTHtoAZhlAfwGn1zP7vcqHvLEHFb5xuA
0oZfxz1SsSNOJhNE4zY7xHTSYnJpnyGEYoI7fpyBj6ePVuZPRdcANLcxyupNm2Qj
y+6+7rMI4cSZxi4q6pMEN8Cf69je2NQKHDOGefajcO1SebveL/9B8kKVwGqYYS2Z
5b01Yg/RjxCujcPe4VvmzvlHCActja7ddzC/Y+kgRBl9tBrX2XSDRwjsQRkf0tEW
++S81keEIAsRPTtqbvMahKOMDgYqkRg73yAvVjHxfBf/LybZiF9fJk2HFtlQ+wv/
qFpdcNYzqk/7rjMYwMbilmJVdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFJUlZma
K70IF+DZOtGP7YN16KGUMB8GA1UdIwQYMBaAFGP8L13glMg5bci8l0TtaC/0sjiB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODY4OS81MTVFQ0IzMkM0
QTcxMUVFODc1RDA4MkNDNEY5QUUwMi9ZX3d2WGVDVXlEbHR5THlYUk8xb0xfU3lP
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lfd3ZYZUNVeURsdHlMeVhSTzFvTF9TeU9JRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODY4OS81MTVFQ0IzMkM0QTcxMUVFODc1RDA4MkNDNEY5QUUwMi9ZX3d2WGVDVXlE
bHR5THlYUk8xb0xfU3lPSUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCL4AHNmh6x16KhXUA/M4Z/dsF2o/Ygmuq6qPxNxesNZBonuenSXP12
w5F6/8UE9zXmoz+FSq7iy/OcON+QKfFMrcuJgxYyZR7DLuC0Sq8ldNyhEhA/WV4O
F90ewKLY7XgCGVDbUlb/RC5+fb8qzIAiLlxQR5kYjCsV7MFjxz5mmMUNYJM/s5B8
X+cuXF9OxMGiXCLetZu0F/LJSYXTUULTUBvienQdRyDDpuxpm+BbrIGI3Tux9RXH
yQm1YebNTKSWfr6wLTbgSBEROmXCwT33X0aoEQfsBnSbq2oZT/0c2RThbfOoev3d
v1mUSVWcKuN4UV6stVPzIvPS3loO9Qbe
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:02:57 2025 by rpki-client