Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft
File:                     KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json)
Hash identifier:          LEUpbk3Ot3eY6oEGKKUUh88ZpFVq597j0R+SjZvBeas=
Subject key identifier:   DC:92:38:A9:BD:92:70:61:0B:F3:B6:9A:CB:1A:79:C3:8B:E3:4F:1E
Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF
Certificate issuer:       /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF
Certificate serial:       038B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft
Manifest number:          0386
Signing time:             Wed 11 Jun 2025 00:47:29 +0000
Manifest this update:     Wed 11 Jun 2025 00:47:28 +0000
Manifest next update:     Wed 18 Jun 2025 00:47:28 +0000
Files and hashes:         1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: +th+JXI7MmsDkjV2bZrX84dUEoXX8pYbtvTX5KTlfA8=)
                          2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: xmdlJLhBfyeauv2Ft4ug73ckVk3r1dVH2Fa5m4Eb/po=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl
                          rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 00:47:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 907 (0x38b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911972D, serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF
        Validity
            Not Before: Jun 11 00:47:28 2025 GMT
            Not After : Jun 18 00:47:28 2025 GMT
        Subject: CN=6848d220-a355
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:97:e1:8c:b9:26:cd:78:94:7d:39:4a:d1:e2:
                    6d:36:3b:ed:62:d5:3f:a8:ed:66:77:6c:32:d4:79:
                    d2:84:00:20:70:d0:4b:40:f0:cb:fa:81:28:12:5b:
                    71:b6:92:96:60:38:d8:87:a2:da:69:7d:e5:76:9c:
                    3a:59:72:b8:a2:00:7b:ad:13:b4:3a:5d:5d:5d:eb:
                    46:e5:f8:e3:9b:7b:9b:f8:a2:85:9e:58:f8:b0:3d:
                    32:c9:53:17:c0:f2:f7:20:27:03:28:61:ba:38:9e:
                    32:80:3e:b2:eb:1d:e9:32:4c:19:ff:04:de:a1:c9:
                    36:64:02:1d:ed:64:b9:0e:c3:9f:d1:11:46:be:01:
                    cf:db:52:f8:45:e7:97:7c:f6:3e:b9:f5:4f:35:03:
                    b6:5c:e7:d5:dc:05:6f:64:85:54:d6:fe:fd:dd:1d:
                    e5:ef:5b:b5:81:6a:7b:98:7b:3a:5f:53:e6:7f:e4:
                    ba:e1:e1:59:dd:f7:0d:e1:73:36:04:df:00:ce:a4:
                    b0:2e:5f:be:59:b4:e1:d4:e7:09:6f:03:05:ad:74:
                    86:ef:bc:f5:e0:0a:04:7f:d0:72:6a:fd:29:73:a5:
                    6e:d7:15:94:72:51:84:3d:8f:b8:56:10:37:3a:3c:
                    59:02:43:8f:8b:93:62:df:06:79:a8:37:e1:c9:76:
                    e6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:92:38:A9:BD:92:70:61:0B:F3:B6:9A:CB:1A:79:C3:8B:E3:4F:1E
            X509v3 Authority Key Identifier:
                keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:2d:83:51:85:e0:26:0d:86:2d:89:c2:16:41:a0:bd:ae:52:
         10:dd:e4:cb:3f:12:4d:03:3b:00:c2:49:3e:1a:19:85:03:08:
         4f:7b:28:cf:31:53:51:81:5f:72:e9:2e:e5:f2:90:df:c9:98:
         dc:ba:dc:d8:3e:ab:11:d6:fe:78:5d:7a:e6:15:4c:e8:80:80:
         dc:88:ac:11:ae:fd:71:af:22:ed:30:1d:f8:6d:bd:94:bd:8c:
         a8:3c:db:dd:15:8a:96:1d:18:d8:8f:54:02:f4:b7:56:e9:29:
         4d:55:aa:ec:3b:7d:eb:8b:a2:2a:6e:50:dc:3e:26:c9:60:77:
         f2:63:c5:33:1a:bd:43:e0:74:92:4f:d3:d1:9b:78:49:13:e5:
         1f:dd:f5:c3:2b:dd:6b:c2:60:db:e9:96:58:91:15:3d:4c:ae:
         04:43:0c:ed:7a:d0:bf:19:bb:fc:52:89:36:19:6d:1d:e7:c8:
         e2:8c:19:38:f7:28:9c:cd:3c:09:8d:13:d6:77:9a:89:e8:52:
         e2:8d:70:d0:fb:2a:a6:44:44:54:1f:a2:7d:65:62:de:4f:a2:
         2f:55:22:c0:62:cb:95:34:7f:a3:c3:9e:c7:80:86:47:c6:e2:
         72:85:2d:8e:f6:2b:e8:f1:b6:79:6d:1e:ff:a9:10:0c:67:d9:
         5c:40:43:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4
NzExM0ExREYwHhcNMjUwNjExMDA0NzI4WhcNMjUwNjE4MDA0NzI4WjAYMRYwFAYD
VQQDEw02ODQ4ZDIyMC1hMzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo5fhjLkmzXiUfTlK0eJtNjvtYtU/qO1md2wy1HnShAAgcNBLQPDL+oEoEltx
tpKWYDjYh6LaaX3ldpw6WXK4ogB7rRO0Ol1dXetG5fjjm3ub+KKFnlj4sD0yyVMX
wPL3ICcDKGG6OJ4ygD6y6x3pMkwZ/wTeock2ZAId7WS5DsOf0RFGvgHP21L4ReeX
fPY+ufVPNQO2XOfV3AVvZIVU1v793R3l71u1gWp7mHs6X1Pmf+S64eFZ3fcN4XM2
BN8AzqSwLl++WbTh1OcJbwMFrXSG77z14AoEf9Byav0pc6Vu1xWUclGEPY+4VhA3
OjxZAkOPi5Ni3wZ5qDfhyXbm9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNySOKm9
knBhC/O2mssaecOL408eMB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2
ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf
UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBkLYNRheAmDYYticIWQaC9rlIQ3eTLPxJNAzsAwkk+GhmFAwhPeyjP
MVNRgV9y6S7l8pDfyZjcutzYPqsR1v54XXrmFUzogIDciKwRrv1xryLtMB34bb2U
vYyoPNvdFYqWHRjYj1QC9LdW6SlNVarsO33ri6IqblDcPibJYHfyY8UzGr1D4HSS
T9PRm3hJE+Uf3fXDK91rwmDb6ZZYkRU9TK4EQwztetC/Gbv8Uok2GW0d58jijBk4
9yiczTwJjRPWd5qJ6FLijXDQ+yqmRERUH6J9ZWLeT6IvVSLAYsuVNH+jw57HgIZH
xuJyhS2O9ivo8bZ5bR7/qRAMZ9lcQEOq
-----END CERTIFICATE-----
Generated at Wed Jun 11 08:08:29 2025 by rpki-client