Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft
File:                     hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json)
Hash identifier:          L8vRHYw4ilWpSTSzsqZ/hZIdZAX0txqJbthzYiJ12zo=
Subject key identifier:   7D:59:00:D6:B4:0B:E3:59:40:25:29:5B:1D:CD:08:30:82:19:98:71
Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D
Certificate issuer:       /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D
Certificate serial:       0E51
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft
Manifest number:          0E44
Signing time:             Thu 12 Jun 2025 17:39:25 +0000
Manifest this update:     Thu 12 Jun 2025 17:39:25 +0000
Manifest next update:     Thu 19 Jun 2025 17:39:25 +0000
Files and hashes:         1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: DOlgnB/I5tFu5VwjUQJmp08mTiScCB/58cdL4c7UuoA=)
                          2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: jnR4T4XlGdfZ2gOhYWumXwRlSJ7MxpHX0lAGLhkJjWk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl
                          rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 17:39:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3665 (0xe51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D
        Validity
            Not Before: Jun 12 17:39:25 2025 GMT
            Not After : Jun 19 17:39:25 2025 GMT
        Subject: CN=684b10cd-c08d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:48:40:2d:f8:ba:1e:d9:b3:d5:3d:f9:d0:72:
                    59:d3:fd:82:54:cc:74:02:c6:d6:5a:01:3e:bf:e1:
                    db:7b:80:a9:54:24:35:c9:f0:19:2b:a3:39:be:c8:
                    5c:0e:ca:cc:40:71:8d:7b:bb:59:5f:fa:b6:6d:de:
                    08:43:70:02:24:93:93:a0:e3:3a:6b:0c:82:c1:a6:
                    88:05:e0:35:f9:82:3a:6a:1e:95:11:ae:76:99:0d:
                    a4:7e:15:2b:1b:cf:c3:a6:b0:14:20:2d:68:17:e3:
                    45:11:98:c1:c1:eb:ae:e9:5d:68:8a:ea:0e:56:19:
                    27:6a:c4:12:b1:3b:4e:d1:ff:f2:bf:82:d7:f9:15:
                    50:f2:25:84:fc:4f:af:10:8e:94:48:8b:02:b8:b4:
                    b4:64:af:2f:81:f9:51:04:dd:d6:63:74:65:4b:c2:
                    a5:b4:f0:08:7f:7f:11:9d:71:d8:d2:e1:f7:a3:4f:
                    d2:a8:2f:b6:e4:9b:0f:fb:e5:70:e4:29:ce:0b:25:
                    49:b0:34:d3:31:a1:ba:77:9b:75:b9:73:42:e9:01:
                    7d:0e:20:e1:31:19:cc:4b:49:28:03:a0:16:76:d8:
                    b9:11:ce:7e:1e:6a:49:b5:50:51:b4:89:6b:94:3e:
                    aa:7e:5a:0f:17:80:a2:7a:91:a0:69:f6:09:7e:93:
                    00:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:59:00:D6:B4:0B:E3:59:40:25:29:5B:1D:CD:08:30:82:19:98:71
            X509v3 Authority Key Identifier:
                keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:4f:f8:2a:b1:50:04:cf:ca:8d:09:7d:d8:df:b2:ce:54:37:
         9b:c9:29:0e:83:3c:fe:b4:35:51:ec:a8:ef:80:4e:75:66:39:
         8f:b5:93:ce:c3:6c:0a:89:90:6d:5e:be:de:46:cf:52:3c:0b:
         c3:2a:f6:3f:42:a7:44:70:ba:a8:36:e4:1e:06:86:25:52:33:
         71:f4:bf:2f:58:ae:54:f2:ce:25:c6:b6:9d:c2:b7:bf:2a:07:
         6e:9d:f0:85:4e:a5:c4:df:75:21:a9:6b:38:76:d6:5a:b6:9f:
         3f:04:3f:75:b1:61:57:f4:5f:62:3d:70:67:9f:08:c0:db:cf:
         09:f2:58:b6:10:01:c7:f4:38:9c:1d:e3:3d:25:a5:9a:55:90:
         5a:fb:41:a9:d8:bd:e5:ea:4f:6f:15:f2:e7:91:80:0e:46:80:
         c3:92:08:aa:04:bb:c7:a8:2e:b6:18:e5:ca:c3:4b:cb:8f:86:
         10:0b:ae:dd:ab:10:ee:51:50:4e:0a:92:db:b1:ca:ba:68:75:
         03:14:0f:a9:78:3e:b2:0d:5b:70:74:93:a0:13:d6:ce:f1:da:
         21:0c:70:da:51:10:59:03:41:63:fc:c8:7c:54:84:bc:3e:b1:
         3e:eb:44:57:bc:cf:37:39:1f:6e:40:99:a9:38:e1:db:38:34:
         ab:4d:fa:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDlEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE
QjM3N0IxMUQwHhcNMjUwNjEyMTczOTI1WhcNMjUwNjE5MTczOTI1WjAYMRYwFAYD
VQQDEw02ODRiMTBjZC1jMDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA40hALfi6Htmz1T350HJZ0/2CVMx0AsbWWgE+v+Hbe4CpVCQ1yfAZK6M5vshc
DsrMQHGNe7tZX/q2bd4IQ3ACJJOToOM6awyCwaaIBeA1+YI6ah6VEa52mQ2kfhUr
G8/DprAUIC1oF+NFEZjBweuu6V1oiuoOVhknasQSsTtO0f/yv4LX+RVQ8iWE/E+v
EI6USIsCuLS0ZK8vgflRBN3WY3RlS8KltPAIf38RnXHY0uH3o0/SqC+25JsP++Vw
5CnOCyVJsDTTMaG6d5t1uXNC6QF9DiDhMRnMS0koA6AWdti5Ec5+HmpJtVBRtIlr
lD6qfloPF4CiepGgafYJfpMApwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH1ZANa0
C+NZQCUpWx3NCDCCGZhxMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy
MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz
UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf
WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4T/gqsVAEz8qNCX3Y37LOVDebySkOgzz+tDVR7KjvgE51ZjmPtZPO
w2wKiZBtXr7eRs9SPAvDKvY/QqdEcLqoNuQeBoYlUjNx9L8vWK5U8s4lxradwre/
KgdunfCFTqXE33UhqWs4dtZatp8/BD91sWFX9F9iPXBnnwjA288J8li2EAHH9Dic
HeM9JaWaVZBa+0Gp2L3l6k9vFfLnkYAORoDDkgiqBLvHqC62GOXKw0vLj4YQC67d
qxDuUVBOCpLbscq6aHUDFA+peD6yDVtwdJOgE9bO8dohDHDaURBZA0Fj/Mh8VIS8
PrE+60RXvM83OR9uQJmpOOHbODSrTfqo
-----END CERTIFICATE-----
Generated at Thu Jun 12 21:30:07 2025 by rpki-client