Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9124803/977D73608C7011EBAEA11341C4F9AE02/G43u2x08SMwcTCF7lpx5hUGkzHc.mft
File:                     G43u2x08SMwcTCF7lpx5hUGkzHc.mft (raw, json)
Hash identifier:          rIRW6TDGq8WkjdPgLicAzd9I0RBY1nEFkygk+TWLsXE=
Subject key identifier:   47:5F:31:9C:CE:78:A5:94:61:42:B7:5C:88:39:D4:25:43:99:F2:C5
Authority key identifier: 1B:8D:EE:DB:1D:3C:48:CC:1C:4C:21:7B:96:9C:79:85:41:A4:CC:77
Certificate issuer:       /CN=A9124803/serialNumber=1B8DEEDB1D3C48CC1C4C217B969C798541A4CC77
Certificate serial:       0657
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G43u2x08SMwcTCF7lpx5hUGkzHc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9124803/977D73608C7011EBAEA11341C4F9AE02/G43u2x08SMwcTCF7lpx5hUGkzHc.mft
Manifest number:          0650
Signing time:             Sun 08 Jun 2025 22:11:53 +0000
Manifest this update:     Sun 08 Jun 2025 22:11:52 +0000
Manifest next update:     Sun 15 Jun 2025 22:11:52 +0000
Files and hashes:         1: G43u2x08SMwcTCF7lpx5hUGkzHc.crl (hash: n2Vy3IXTabFFcvRt/zo0Ne1gbL3hjP+ZNfOBb87yr/E=)
                          2: 62CCFF308C7211EB98A6DD43C4F9AE02.roa (hash: lV/cpNWUCFTUuQ8wWKZTK1Tzrge3tnngMyqR3AbKgb4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9124803/977D73608C7011EBAEA11341C4F9AE02/G43u2x08SMwcTCF7lpx5hUGkzHc.crl
                          rsync://rpki.apnic.net/member_repository/A9124803/977D73608C7011EBAEA11341C4F9AE02/G43u2x08SMwcTCF7lpx5hUGkzHc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G43u2x08SMwcTCF7lpx5hUGkzHc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 22:11:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1623 (0x657)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9124803, serialNumber=1B8DEEDB1D3C48CC1C4C217B969C798541A4CC77
        Validity
            Not Before: Jun  8 22:11:52 2025 GMT
            Not After : Jun 15 22:11:52 2025 GMT
        Subject: CN=68460aa8-94d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1c:4e:bd:60:1d:7f:2e:b1:7e:82:d0:16:44:
                    00:45:d0:47:5b:f1:71:f6:57:20:db:0c:92:59:f1:
                    9f:80:de:a5:1e:25:06:e3:14:33:30:46:a2:95:2b:
                    82:c9:e0:48:51:14:9d:5e:21:42:40:b1:b1:99:bf:
                    57:8a:4e:25:c5:2e:1a:a5:03:a9:ab:e8:b6:da:58:
                    cc:b2:17:37:00:ce:6c:6b:3d:c0:fd:05:0e:02:7d:
                    5e:16:cb:31:b4:36:9f:72:d5:5c:31:f8:fd:f9:79:
                    04:0a:b2:aa:9e:b0:22:80:d0:0c:d5:72:23:90:5a:
                    5e:03:df:f3:22:87:31:ca:66:cf:ea:39:6a:93:0f:
                    6e:fc:d1:95:fc:ba:1d:39:47:c9:df:59:26:bd:02:
                    21:2a:1d:03:fa:d3:99:dd:07:23:fa:09:11:05:7a:
                    3b:8a:06:bf:fa:c6:82:dd:d8:50:3c:ad:2a:50:8c:
                    50:a7:8a:da:06:97:f8:0b:13:ff:6d:40:03:fa:16:
                    17:4b:cb:70:32:98:af:d8:b8:1c:31:dc:97:59:29:
                    78:cf:f1:e7:a7:20:ce:69:39:57:4c:d5:ff:a0:38:
                    95:26:ee:9b:0f:5d:f4:88:b3:93:c5:54:f0:54:c1:
                    68:ce:c9:3d:c0:55:f5:fa:82:92:17:31:c8:3c:79:
                    03:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:5F:31:9C:CE:78:A5:94:61:42:B7:5C:88:39:D4:25:43:99:F2:C5
            X509v3 Authority Key Identifier:
                keyid:1B:8D:EE:DB:1D:3C:48:CC:1C:4C:21:7B:96:9C:79:85:41:A4:CC:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9124803/977D73608C7011EBAEA11341C4F9AE02/G43u2x08SMwcTCF7lpx5hUGkzHc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G43u2x08SMwcTCF7lpx5hUGkzHc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124803/977D73608C7011EBAEA11341C4F9AE02/G43u2x08SMwcTCF7lpx5hUGkzHc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:ab:33:7f:ae:92:f2:14:1b:9e:0c:66:17:de:96:df:ba:fc:
         08:b3:92:0d:4d:6f:f7:8b:2b:e8:53:12:65:2a:c8:ac:a4:be:
         23:05:1b:02:3e:60:0e:5f:9a:a0:36:3e:e1:03:66:f8:0b:ce:
         82:23:f7:2d:54:16:ef:59:0a:d7:b3:4a:88:bb:23:2b:3a:cc:
         a7:2c:7c:ed:29:ee:41:e3:44:9b:92:93:23:13:21:62:8d:3c:
         0f:cf:32:ed:6b:4d:fa:1c:13:60:f4:04:97:a6:20:c2:9d:1f:
         a9:fe:c9:b1:46:76:56:be:56:c6:54:59:f3:96:e4:c5:9d:e8:
         d4:93:bd:39:a7:27:ef:00:54:0d:30:1a:33:04:db:25:07:29:
         7e:75:65:4a:bc:45:94:79:eb:9b:98:77:34:16:ed:18:da:ec:
         39:c2:61:d9:3b:09:79:a1:99:24:a3:00:98:93:b5:0b:5b:30:
         bd:b0:ed:48:60:96:42:a0:c5:ab:7a:c1:22:a8:e0:39:ca:18:
         49:15:2c:fb:39:36:a6:9b:95:b1:fb:00:18:fb:2a:7f:54:f0:
         ef:45:e3:e9:a7:ae:a9:73:fd:f7:35:79:1d:ca:60:47:42:da:
         bc:4e:e4:30:f5:c7:79:5a:fd:ea:b7:f5:21:68:f2:9b:b5:0e:
         90:a6:fb:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ4MDMxMTAvBgNVBAUTKDFCOERFRURCMUQzQzQ4Q0MxQzRDMjE3Qjk2OUM3OTg1
NDFBNENDNzcwHhcNMjUwNjA4MjIxMTUyWhcNMjUwNjE1MjIxMTUyWjAYMRYwFAYD
VQQDEw02ODQ2MGFhOC05NGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhxOvWAdfy6xfoLQFkQARdBHW/Fx9lcg2wySWfGfgN6lHiUG4xQzMEailSuC
yeBIURSdXiFCQLGxmb9Xik4lxS4apQOpq+i22ljMshc3AM5saz3A/QUOAn1eFssx
tDafctVcMfj9+XkECrKqnrAigNAM1XIjkFpeA9/zIocxymbP6jlqkw9u/NGV/Lod
OUfJ31kmvQIhKh0D+tOZ3Qcj+gkRBXo7iga/+saC3dhQPK0qUIxQp4raBpf4CxP/
bUAD+hYXS8twMpiv2LgcMdyXWSl4z/HnpyDOaTlXTNX/oDiVJu6bD130iLOTxVTw
VMFozsk9wFX1+oKSFzHIPHkDqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEdfMZzO
eKWUYUK3XIg51CVDmfLFMB8GA1UdIwQYMBaAFBuN7tsdPEjMHEwhe5aceYVBpMx3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDgwMy85NzdENzM2MDhD
NzAxMUVCQUVBMTEzNDFDNEY5QUUwMi9HNDN1MngwOFNNd2NUQ0Y3bHB4NWhVR2t6
SGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c0M3UyeDA4U013Y1RDRjdscHg1aFVHa3pIYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NDgwMy85NzdENzM2MDhDNzAxMUVCQUVBMTEzNDFDNEY5QUUwMi9HNDN1MngwOFNN
d2NUQ0Y3bHB4NWhVR2t6SGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBvqzN/rpLyFBueDGYX3pbfuvwIs5INTW/3iyvoUxJlKsispL4jBRsC
PmAOX5qgNj7hA2b4C86CI/ctVBbvWQrXs0qIuyMrOsynLHztKe5B40SbkpMjEyFi
jTwPzzLta036HBNg9ASXpiDCnR+p/smxRnZWvlbGVFnzluTFnejUk705pyfvAFQN
MBozBNslByl+dWVKvEWUeeubmHc0Fu0Y2uw5wmHZOwl5oZkkowCYk7ULWzC9sO1I
YJZCoMWresEiqOA5yhhJFSz7OTamm5Wx+wAY+yp/VPDvRePpp66pc/33NXkdymBH
Qtq8TuQw9cd5Wv3qt/UhaPKbtQ6Qpvs+
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:09:49 2025 by rpki-client