Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
File:                     lFmgev60b3mSRf7CNW08usm-2Ig.mft (raw, json)
Hash identifier:          4Tku5fQto93lJkDCIvS7FgyT4h/mjTZH+lJCX5l3PbI=
Subject key identifier:   19:F4:EB:5D:79:CC:92:0B:39:D3:08:49:02:5A:32:EB:E5:94:8B:A5
Authority key identifier: 94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88
Certificate issuer:       /CN=A912EE4D/serialNumber=9459A07AFEB46F799245FEC2356D3CBAC9BED888
Certificate serial:       0128
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
Manifest number:          0124
Signing time:             Mon 09 Jun 2025 03:46:04 +0000
Manifest this update:     Mon 09 Jun 2025 03:46:04 +0000
Manifest next update:     Mon 16 Jun 2025 03:46:04 +0000
Files and hashes:         1: lFmgev60b3mSRf7CNW08usm-2Ig.crl (hash: nU7Rp5KbIcViN7f1+RLfWmtTm4CjZYsXBMkgQGYd+Nk=)
                          2: 81A901FA8A0411EEA251F746C4F9AE02.roa (hash: JHvhSwDOyCbk05zvE3c35/2oeXE8ikJi+kxwUoPeaf4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.crl
                          rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 03:46:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 296 (0x128)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912EE4D, serialNumber=9459A07AFEB46F799245FEC2356D3CBAC9BED888
        Validity
            Not Before: Jun  9 03:46:04 2025 GMT
            Not After : Jun 16 03:46:04 2025 GMT
        Subject: CN=684658fc-08e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d8:56:33:d1:f3:5a:26:3b:ab:86:ff:de:3b:
                    b8:94:28:c1:55:24:0b:04:d2:61:87:f2:bd:4e:86:
                    3f:cc:00:0f:06:ff:f2:72:c7:35:93:51:fe:16:3b:
                    64:e4:86:25:35:ca:2a:c1:e2:b2:10:22:22:f9:bf:
                    71:b3:e3:52:7d:be:dc:6e:63:9d:27:31:28:a2:f8:
                    ca:4a:76:d9:11:92:a6:65:dd:68:2a:38:73:39:8c:
                    43:30:ba:d6:05:29:ec:a5:72:83:89:3f:3f:bb:fa:
                    b8:5d:cc:89:42:dd:fa:5f:89:6e:41:42:b9:41:48:
                    1f:65:48:60:d3:8f:d5:60:3e:07:28:fe:67:a8:ae:
                    cf:68:1c:95:f5:23:2b:b2:25:c0:b4:31:39:81:23:
                    db:68:f2:8d:f0:5b:d3:87:a9:7b:09:ba:19:d1:85:
                    fd:9d:14:35:b4:8c:84:36:38:ad:d6:0e:6c:42:65:
                    dd:cf:e4:a4:14:7e:25:19:ee:14:d6:ce:97:32:e3:
                    1a:2e:7f:35:c5:11:76:0c:4b:ee:ae:20:3f:e3:4a:
                    2e:00:35:83:7c:48:03:fa:1c:42:d3:56:48:f3:91:
                    72:8c:71:e8:51:31:ca:8f:25:00:04:0b:a8:b3:67:
                    90:54:f8:c7:b7:4d:f6:9e:cf:4e:61:f4:73:13:0a:
                    28:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:F4:EB:5D:79:CC:92:0B:39:D3:08:49:02:5A:32:EB:E5:94:8B:A5
            X509v3 Authority Key Identifier:
                keyid:94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:32:d4:7a:9e:76:5d:7e:44:dc:20:54:79:bd:bd:41:39:36:
         58:a1:4c:c0:d5:6e:53:b5:4b:eb:22:19:6b:1c:df:de:04:00:
         b8:93:2f:b8:58:f5:ef:00:0f:52:6b:13:d4:bd:e7:44:de:fb:
         66:3c:12:72:05:b9:f0:32:3e:1e:4e:98:af:69:08:44:77:4f:
         87:78:5f:ba:00:0e:51:43:15:f6:11:ac:39:24:f6:fd:39:c2:
         e6:fd:64:b8:46:6e:65:29:d8:ff:fd:8a:08:fd:2a:46:2c:4a:
         d3:63:42:58:94:35:f7:80:c8:ca:a8:37:4d:da:eb:2a:c1:cb:
         11:05:98:6a:5c:06:7b:cb:54:ce:52:d1:75:c0:81:05:60:4c:
         a5:f7:80:c2:cc:db:93:41:9b:c6:0c:19:7c:46:58:01:d5:0c:
         78:61:24:5b:e6:c7:52:52:51:57:97:c8:da:98:21:cc:a0:42:
         0e:82:d0:2f:04:63:ea:83:5d:e2:21:69:44:88:c0:22:8e:21:
         9a:ff:3f:48:94:b4:f4:c0:9f:bf:32:f5:2a:4f:0c:af:5e:f8:
         b6:18:a2:b0:01:f8:5d:75:21:d9:d8:a6:8b:4a:86:a5:c4:da:
         81:4b:16:6a:a5:48:3d:1f:36:fc:99:ae:30:e7:32:71:8a:3b:
         87:30:b7:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkVFNEQxMTAvBgNVBAUTKDk0NTlBMDdBRkVCNDZGNzk5MjQ1RkVDMjM1NkQzQ0JB
QzlCRUQ4ODgwHhcNMjUwNjA5MDM0NjA0WhcNMjUwNjE2MDM0NjA0WjAYMRYwFAYD
VQQDEw02ODQ2NThmYy0wOGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtthWM9HzWiY7q4b/3ju4lCjBVSQLBNJhh/K9ToY/zAAPBv/ycsc1k1H+Fjtk
5IYlNcoqweKyECIi+b9xs+NSfb7cbmOdJzEoovjKSnbZEZKmZd1oKjhzOYxDMLrW
BSnspXKDiT8/u/q4XcyJQt36X4luQUK5QUgfZUhg04/VYD4HKP5nqK7PaByV9SMr
siXAtDE5gSPbaPKN8FvTh6l7CboZ0YX9nRQ1tIyENjit1g5sQmXdz+SkFH4lGe4U
1s6XMuMaLn81xRF2DEvuriA/40ouADWDfEgD+hxC01ZI85FyjHHoUTHKjyUABAuo
s2eQVPjHt032ns9OYfRzEwooLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBn06115
zJILOdMISQJaMuvllIulMB8GA1UdIwQYMBaAFJRZoHr+tG95kkX+wjVtPLrJvtiI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRUU0RC81MjNGREE4MDhB
MDIxMUVFQjI4OTAzMkNDNEY5QUUwMi9sRm1nZXY2MGIzbVNSZjdDTlcwOHVzbS0y
SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xGbWdldjYwYjNtU1JmN0NOVzA4dXNtLTJJZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RUU0RC81MjNGREE4MDhBMDIxMUVFQjI4OTAzMkNDNEY5QUUwMi9sRm1nZXY2MGIz
bVNSZjdDTlcwOHVzbS0ySWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBBMtR6nnZdfkTcIFR5vb1BOTZYoUzA1W5TtUvrIhlrHN/eBAC4ky+4
WPXvAA9SaxPUvedE3vtmPBJyBbnwMj4eTpivaQhEd0+HeF+6AA5RQxX2Eaw5JPb9
OcLm/WS4Rm5lKdj//YoI/SpGLErTY0JYlDX3gMjKqDdN2usqwcsRBZhqXAZ7y1TO
UtF1wIEFYEyl94DCzNuTQZvGDBl8RlgB1Qx4YSRb5sdSUlFXl8jamCHMoEIOgtAv
BGPqg13iIWlEiMAijiGa/z9IlLT0wJ+/MvUqTwyvXvi2GKKwAfhddSHZ2KaLSoal
xNqBSxZqpUg9Hzb8ma4w5zJxijuHMLeb
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:22:02 2025 by rpki-client