Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
File:                     bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft (raw, json)
Hash identifier:          atgUHN2TYO9o+oRrpO4QRkqkl4oJgDkSQa/V9OkeFi0=
Subject key identifier:   AD:FA:99:86:95:61:D0:F8:BE:D8:97:16:BB:2F:E0:25:81:D9:51:4B
Authority key identifier: 6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
Certificate issuer:       /CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Certificate serial:       2557
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
Manifest number:          2541
Signing time:             Sun 26 May 2024 16:01:57 +0000
Manifest this update:     Sun 26 May 2024 16:01:57 +0000
Manifest next update:     Sun 02 Jun 2024 16:01:57 +0000
Files and hashes:         1: bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl (hash: 8EIM3UK8H+biRGVsVzYXNapbw5ZEbVchLPoHjEAFcO8=)
                          2: 8A721F4EB10C11E5BB6B2A16C4F9AE02.roa (hash: zjFPN9IlvbUvgrK4TiEnI3P674oOFqbeO/VgwKwjEUk=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
                          rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 02 Jun 2024 14:57:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9559 (0x2557)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
        Validity
            Not Before: May 26 16:01:57 2024 GMT
            Not After : Jun  2 16:01:57 2024 GMT
        Subject: CN=66535cf5-bca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c7:9e:98:1d:67:c3:17:d5:35:c6:0b:8f:64:
                    35:73:31:bb:1d:a6:f6:6f:ba:6c:8e:a8:96:51:25:
                    b7:b4:53:9b:cd:08:40:de:69:04:80:b8:64:e8:7d:
                    8c:13:61:0e:cc:92:2f:54:d4:74:7f:ea:09:23:91:
                    9d:84:54:b1:bc:24:a5:d6:32:bb:a8:fb:5e:e1:ca:
                    89:24:ff:fd:2d:b9:03:38:10:2f:0a:3f:cd:1e:0e:
                    ac:c2:0a:77:42:cf:f4:ce:b6:75:b8:e1:e4:46:94:
                    bd:77:b1:2d:2f:b5:d5:64:7a:3f:e4:fa:b3:a6:61:
                    93:3f:e7:6f:d3:97:74:6f:78:c4:13:4c:af:3a:6e:
                    6c:bc:06:45:24:01:79:4f:de:fb:74:59:70:cc:a7:
                    45:50:2b:1a:17:42:20:1e:ba:88:0a:5a:cc:d4:26:
                    39:86:01:8e:a0:c0:5e:6c:40:3c:4c:af:2c:fe:06:
                    46:fa:e9:d9:16:e0:28:bb:cd:0c:24:9d:cd:88:34:
                    de:d8:e1:15:c3:c4:1e:27:1f:eb:68:8f:87:cf:d4:
                    7d:e3:bc:c7:27:9a:44:fa:36:2d:35:73:87:36:5e:
                    75:07:6e:43:3c:a7:5e:b1:3d:c4:43:ae:4f:d8:f4:
                    30:f4:95:59:4d:9b:5a:f0:35:94:2a:96:0a:89:e1:
                    00:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:FA:99:86:95:61:D0:F8:BE:D8:97:16:BB:2F:E0:25:81:D9:51:4B
            X509v3 Authority Key Identifier:
                keyid:6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:8b:dc:1f:ac:3a:1e:33:8d:f6:69:64:f0:83:58:66:d3:be:
         de:86:c4:03:ed:7b:48:7d:8b:25:51:20:51:b1:26:13:18:57:
         eb:f1:2a:5d:b7:1a:f5:03:6e:3b:4e:26:38:e4:5b:58:0c:58:
         e5:c5:91:90:a7:1e:5a:73:b6:83:31:cd:4a:98:ed:34:47:29:
         b8:a3:32:4b:d4:50:06:a4:22:87:90:43:55:e6:ff:67:ff:3d:
         34:34:69:53:2c:cf:cd:53:d9:d9:32:9d:3b:35:2b:3f:0d:fb:
         f3:6e:d1:2b:db:d7:75:4e:f4:b0:67:3c:b1:0f:8c:0d:b9:20:
         61:5f:3e:10:6b:42:08:16:a3:35:2d:dd:4d:60:fe:e4:8c:3a:
         d9:99:b9:c3:57:c8:c3:8e:33:c2:eb:c5:44:3d:07:99:9e:20:
         82:cd:ee:a1:e6:92:3a:f6:3d:20:df:ca:09:40:df:44:20:34:
         ad:2c:4f:aa:55:c3:38:5e:64:ec:0c:47:55:00:8f:30:34:58:
         ba:22:2a:73:2f:2c:b7:99:a7:6b:6a:b3:10:dd:04:f8:9a:76:
         32:ff:f6:13:49:3b:e7:e7:24:b2:0e:ff:2b:eb:5d:d8:82:82:
         96:25:a4:2b:96:8f:8c:37:aa:95:25:40:db:f2:eb:d0:4f:6f:
         b9:1c:41:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICJVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQwRTYxMTAvBgNVBAUTKDZEQ0U1MkY5QTIyOENCRjZGMzBDRDU1RDQzMzg0RDEy
Njg0ODdCNjUwHhcNMjQwNTI2MTYwMTU3WhcNMjQwNjAyMTYwMTU3WjAYMRYwFAYD
VQQDEw02NjUzNWNmNS1iY2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq8eemB1nwxfVNcYLj2Q1czG7Hab2b7psjqiWUSW3tFObzQhA3mkEgLhk6H2M
E2EOzJIvVNR0f+oJI5GdhFSxvCSl1jK7qPte4cqJJP/9LbkDOBAvCj/NHg6swgp3
Qs/0zrZ1uOHkRpS9d7EtL7XVZHo/5PqzpmGTP+dv05d0b3jEE0yvOm5svAZFJAF5
T977dFlwzKdFUCsaF0IgHrqIClrM1CY5hgGOoMBebEA8TK8s/gZG+unZFuAou80M
JJ3NiDTe2OEVw8QeJx/raI+Hz9R947zHJ5pE+jYtNXOHNl51B25DPKdesT3EQ65P
2PQw9JVZTZta8DWUKpYKieEAvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK36mYaV
YdD4vtiXFrsv4CWB2VFLMB8GA1UdIwQYMBaAFG3OUvmiKMv28wzVXUM4TRJoSHtl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDBFNi82NjA3NDJDOEZE
MjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lfYnpETlZkUXpoTkVtaEll
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JjNVMtYUlveV9iekROVmRRemhORW1oSWUyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NDBFNi82NjA3NDJDOEZEMjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lf
YnpETlZkUXpoTkVtaEllMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBoi9wfrDoeM432aWTwg1hm077ehsQD7XtIfYslUSBRsSYTGFfr8Spd
txr1A247TiY45FtYDFjlxZGQpx5ac7aDMc1KmO00Rym4ozJL1FAGpCKHkENV5v9n
/z00NGlTLM/NU9nZMp07NSs/DfvzbtEr29d1TvSwZzyxD4wNuSBhXz4Qa0IIFqM1
Ld1NYP7kjDrZmbnDV8jDjjPC68VEPQeZniCCze6h5pI69j0g38oJQN9EIDStLE+q
VcM4XmTsDEdVAI8wNFi6IipzLyy3madrarMQ3QT4mnYy//YTSTvn5ySyDv8r613Y
goKWJaQrlo+MN6qVJUDb8uvQT2+5HEGL
-----END CERTIFICATE-----
Generated at Sun May 26 16:40:07 2024 by rpki-client on console-fra.rpki-client.org