Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft
File:                     HQSsXQPY72rEMd4aeq57aHaBtjY.mft (raw, json)
Hash identifier:          MJiTsVhXR3MxwwCIsn9U6A2fcmbUq0J2a5KApPZw6s0=
Subject key identifier:   34:0E:24:65:2B:0B:8B:40:AD:58:A8:1C:8A:F2:6D:9A:80:AF:46:DD
Authority key identifier: 1D:04:AC:5D:03:D8:EF:6A:C4:31:DE:1A:7A:AE:7B:68:76:81:B6:36
Certificate issuer:       /CN=A9131A2D/serialNumber=1D04AC5D03D8EF6AC431DE1A7AAE7B687681B636
Certificate serial:       07E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft
Manifest number:          07D2
Signing time:             Sun 08 Jun 2025 20:47:46 +0000
Manifest this update:     Sun 08 Jun 2025 20:47:46 +0000
Manifest next update:     Sun 15 Jun 2025 20:47:46 +0000
Files and hashes:         1: HQSsXQPY72rEMd4aeq57aHaBtjY.crl (hash: eVwClKoy0MoWilPeX5/jT/YAAwcrn0qtkmZhxqSHj7g=)
                          2: 66EE9D94152511ECAD055780C4F9AE02.roa (hash: xYIcgS1Zp8wD+PJFBZBjfV7mWptLx74W20qrbaZleiE=)
                          3: 111E53B6152811ECB2C0B70BC4F9AE02.roa (hash: vzmf8XnwJutTzSkLhDDX6poVkZL6XtaY1a0fPCQC+dY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.crl
                          rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 20:47:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2021 (0x7e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131A2D, serialNumber=1D04AC5D03D8EF6AC431DE1A7AAE7B687681B636
        Validity
            Not Before: Jun  8 20:47:46 2025 GMT
            Not After : Jun 15 20:47:46 2025 GMT
        Subject: CN=6845f6f2-ad1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:dd:35:d2:a0:d2:33:dd:47:a8:30:ed:5b:42:
                    50:77:fc:3f:69:1e:64:6c:76:4d:c4:6f:cc:64:63:
                    65:a7:44:97:d4:d0:e2:67:3f:e6:55:80:3c:0b:5e:
                    7f:76:f5:31:0c:b3:81:62:75:8e:db:eb:c5:2f:eb:
                    82:38:68:69:a7:b6:1f:7b:3a:7f:d4:fa:f8:47:1c:
                    39:e2:c2:a7:a4:04:20:69:c8:d4:2c:74:ea:39:c0:
                    d8:63:bb:8e:fe:90:2d:c5:d3:22:85:bb:cb:79:0f:
                    11:fa:b5:4f:1d:01:a1:42:df:4f:f6:ff:81:5a:3a:
                    25:1b:0f:c3:0a:ba:ca:a5:99:e2:14:78:ee:ae:93:
                    f3:96:65:d8:1f:33:e2:93:b2:3c:8b:62:0c:a4:08:
                    ed:e7:77:96:50:3f:3c:62:3d:64:d8:ff:07:ea:d7:
                    39:ec:53:a1:a7:09:02:45:58:9c:fd:11:3b:5b:92:
                    9a:5a:39:5f:f7:77:dc:3b:95:1a:6b:c3:19:bd:cd:
                    1a:da:ca:5e:9d:ce:f1:bc:ad:f1:4c:49:41:b1:d3:
                    b2:05:af:8e:65:8f:7a:65:40:39:cf:65:18:98:58:
                    24:42:3c:b8:b8:e2:5b:ab:4c:3c:c4:7f:bb:dd:77:
                    be:aa:24:af:93:af:78:87:7f:b7:31:22:5b:57:23:
                    f3:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:0E:24:65:2B:0B:8B:40:AD:58:A8:1C:8A:F2:6D:9A:80:AF:46:DD
            X509v3 Authority Key Identifier:
                keyid:1D:04:AC:5D:03:D8:EF:6A:C4:31:DE:1A:7A:AE:7B:68:76:81:B6:36

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:d6:ae:9b:02:af:9d:4d:a6:ec:f2:57:4e:4b:b2:c1:ec:c9:
         ca:6f:34:36:dc:4c:9f:23:64:78:4f:ee:d6:7a:e2:f3:16:b2:
         4c:dc:91:d5:59:51:9c:8e:68:62:fc:c0:d9:82:3c:6e:dc:45:
         8f:ff:9a:b7:59:9d:a2:10:07:6d:5d:37:67:14:09:fa:69:3d:
         19:a8:b6:51:61:68:4f:95:a6:22:45:9b:cd:f6:69:3b:38:c1:
         b0:1c:ba:78:3d:1d:73:6b:5d:49:26:e7:f7:c8:27:b0:48:7f:
         ee:8c:70:5b:dc:32:1a:50:fb:49:c7:bf:f7:ad:95:43:c5:d9:
         67:f2:96:5d:67:df:83:46:27:f1:de:6a:62:c3:72:48:d4:aa:
         20:8a:47:e8:f2:c2:20:d7:6d:77:6b:ac:44:5d:6d:81:5e:19:
         6c:cd:2e:fc:98:cb:2b:c6:7b:61:1f:41:dc:90:ed:6b:97:42:
         be:9c:c9:4f:53:3e:e0:22:e3:85:e1:db:c0:a2:20:a5:12:13:
         58:40:64:8b:d5:d6:b4:7b:a5:e9:92:8f:41:b1:89:51:48:e2:
         c4:fa:aa:c5:66:e6:c1:15:f9:c9:d2:7b:18:e8:b8:c4:5c:3b:
         c7:9d:67:06:bf:32:70:67:ec:c0:13:d3:d3:8c:21:1e:b2:5a:
         88:97:f5:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB+UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzFBMkQxMTAvBgNVBAUTKDFEMDRBQzVEMDNEOEVGNkFDNDMxREUxQTdBQUU3QjY4
NzY4MUI2MzYwHhcNMjUwNjA4MjA0NzQ2WhcNMjUwNjE1MjA0NzQ2WjAYMRYwFAYD
VQQDEw02ODQ1ZjZmMi1hZDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA99010qDSM91HqDDtW0JQd/w/aR5kbHZNxG/MZGNlp0SX1NDiZz/mVYA8C15/
dvUxDLOBYnWO2+vFL+uCOGhpp7Yfezp/1Pr4Rxw54sKnpAQgacjULHTqOcDYY7uO
/pAtxdMihbvLeQ8R+rVPHQGhQt9P9v+BWjolGw/DCrrKpZniFHjurpPzlmXYHzPi
k7I8i2IMpAjt53eWUD88Yj1k2P8H6tc57FOhpwkCRVic/RE7W5KaWjlf93fcO5Ua
a8MZvc0a2spenc7xvK3xTElBsdOyBa+OZY96ZUA5z2UYmFgkQjy4uOJbq0w8xH+7
3Xe+qiSvk694h3+3MSJbVyPzhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDQOJGUr
C4tArVioHIrybZqAr0bdMB8GA1UdIwQYMBaAFB0ErF0D2O9qxDHeGnque2h2gbY2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUEyRC9EQTQ2NjA5QUY3
QzMxMUVBOUIyRUY3ODVDNEY5QUUwMi9IUVNzWFFQWTcyckVNZDRhZXE1N2FIYUJ0
alkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hRU3NYUVBZNzJyRU1kNGFlcTU3YUhhQnRqWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MUEyRC9EQTQ2NjA5QUY3QzMxMUVBOUIyRUY3ODVDNEY5QUUwMi9IUVNzWFFQWTcy
ckVNZDRhZXE1N2FIYUJ0alkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCa1q6bAq+dTabs8ldOS7LB7MnKbzQ23EyfI2R4T+7WeuLzFrJM3JHV
WVGcjmhi/MDZgjxu3EWP/5q3WZ2iEAdtXTdnFAn6aT0ZqLZRYWhPlaYiRZvN9mk7
OMGwHLp4PR1za11JJuf3yCewSH/ujHBb3DIaUPtJx7/3rZVDxdln8pZdZ9+DRifx
3mpiw3JI1Kogikfo8sIg1213a6xEXW2BXhlszS78mMsrxnthH0HckO1rl0K+nMlP
Uz7gIuOF4dvAoiClEhNYQGSL1da0e6Xpko9BsYlRSOLE+qrFZubBFfnJ0nsY6LjE
XDvHnWcGvzJwZ+zAE9PTjCEeslqIl/VS
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:46:53 2025 by rpki-client