Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
File:                     khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json)
Hash identifier:          M8uoz4gS0IG3lsoPRYq3F5wLjHQCIGEDtcl8tKiHy94=
Subject key identifier:   7F:BF:E0:D6:56:CC:1B:F9:C0:65:66:C4:04:21:1C:24:9D:12:3C:F9
Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90
Certificate issuer:       /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890
Certificate serial:       039C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
Manifest number:          0397
Signing time:             Fri 13 Jun 2025 00:22:34 +0000
Manifest this update:     Fri 13 Jun 2025 00:22:33 +0000
Manifest next update:     Fri 20 Jun 2025 00:22:33 +0000
Files and hashes:         1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: 6vAnTpkR40q6TvnKBJ5cSurgvvqToN+7C78mqMlKHZ8=)
                          2: 44FBB466A03911EC9AD2F840C4F9AE02.roa (hash: u8Y2qHn4dP492v5Q3muwggQyuBR/yx2lsL2jNNDR8KY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl
                          rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 20 Jun 2025 00:22:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 924 (0x39c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890
        Validity
            Not Before: Jun 13 00:22:33 2025 GMT
            Not After : Jun 20 00:22:33 2025 GMT
        Subject: CN=684b6f49-93f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:19:a1:55:1e:c5:50:29:74:f3:51:5b:e5:9f:
                    06:4f:1f:d0:90:ab:f5:2c:48:d0:76:96:31:0d:44:
                    54:75:70:03:7d:92:02:7d:9c:46:02:03:0e:eb:71:
                    d3:08:26:d4:41:cd:b8:a6:30:1c:c9:d7:8b:7a:aa:
                    3a:c9:8b:58:80:05:9c:00:89:f5:c4:bd:cf:f2:88:
                    61:7e:f9:69:ef:2a:bf:bb:e0:e2:39:42:0b:0b:80:
                    f5:55:e1:c9:25:20:bd:5d:77:c1:51:84:97:e6:72:
                    b3:66:d2:a0:af:d4:e6:0e:e7:d2:27:f3:32:7a:8c:
                    41:72:43:ac:20:a9:bb:bd:08:79:ad:52:27:a3:8a:
                    a9:9f:c9:e9:9b:1a:0f:b4:7c:0a:8c:c1:bf:1d:49:
                    b0:63:c7:9c:5b:3f:79:7b:ce:82:71:c5:99:92:46:
                    61:97:b9:0e:0c:1f:59:c6:b2:4a:d9:8a:f3:74:81:
                    72:96:87:0d:bb:63:47:cf:bc:5c:d8:0d:b3:e3:b1:
                    99:43:30:0b:0f:30:66:d8:2a:51:6a:be:f0:71:04:
                    d4:c7:db:af:fd:a7:58:37:db:1b:7c:2a:9f:dc:94:
                    c8:6c:2b:32:85:0c:05:c8:03:b1:d2:a6:49:3f:09:
                    03:61:90:cc:a5:41:a4:f8:dc:da:f6:29:2c:97:97:
                    65:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:BF:E0:D6:56:CC:1B:F9:C0:65:66:C4:04:21:1C:24:9D:12:3C:F9
            X509v3 Authority Key Identifier:
                keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:13:4e:cd:e7:22:8f:e5:bd:b6:1f:f3:3a:53:cd:f0:fa:d9:
         9e:88:66:b8:9c:94:94:db:90:2c:77:97:5d:a0:94:c6:0e:53:
         fb:dc:e8:4f:bd:a6:14:cf:6f:53:fd:73:60:b8:9c:ea:9b:72:
         4f:82:ca:81:f6:58:85:45:d0:f7:3e:35:9b:05:e0:5a:81:60:
         0e:62:42:e2:01:ee:0e:58:4a:b6:31:4a:bb:48:54:82:04:33:
         25:28:d4:37:b4:1c:8d:53:01:2a:24:51:5d:cd:39:43:50:71:
         e7:b6:64:59:21:64:2b:3e:8b:16:75:9d:ea:17:5a:1e:a7:11:
         69:59:88:a5:97:dd:7e:89:aa:ca:bc:33:48:ec:7e:5e:cc:0a:
         1b:e7:3d:f6:19:d3:5b:9a:7b:ff:de:c3:24:b1:58:7b:5b:63:
         23:51:e9:63:df:b0:96:1b:a6:04:9c:a5:58:ba:d5:1e:68:e4:
         14:f8:3e:c4:22:1b:4c:d0:d1:c5:59:d6:4f:6f:c5:34:f2:1d:
         23:15:04:13:ec:9a:8d:51:0e:e8:a2:2d:fa:6a:75:49:ad:67:
         16:39:6a:7a:53:c5:ca:f3:de:fd:93:f5:6d:01:6b:3a:e5:f7:
         7a:55:cc:55:69:d8:6c:6d:3c:f4:71:2f:52:77:28:b0:41:bd:
         4b:e1:73:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3
MjBDQjQ4OTAwHhcNMjUwNjEzMDAyMjMzWhcNMjUwNjIwMDAyMjMzWjAYMRYwFAYD
VQQDEw02ODRiNmY0OS05M2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4xmhVR7FUCl081Fb5Z8GTx/QkKv1LEjQdpYxDURUdXADfZICfZxGAgMO63HT
CCbUQc24pjAcydeLeqo6yYtYgAWcAIn1xL3P8ohhfvlp7yq/u+DiOUILC4D1VeHJ
JSC9XXfBUYSX5nKzZtKgr9TmDufSJ/MyeoxBckOsIKm7vQh5rVIno4qpn8npmxoP
tHwKjMG/HUmwY8ecWz95e86CccWZkkZhl7kODB9ZxrJK2YrzdIFylocNu2NHz7xc
2A2z47GZQzALDzBm2CpRar7wcQTUx9uv/adYN9sbfCqf3JTIbCsyhQwFyAOx0qZJ
PwkDYZDMpUGk+Nza9iksl5dlxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH+/4NZW
zBv5wGVmxAQhHCSdEjz5MB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw
MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw
SXVEV2FqeTZwQVp5RExTSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAcE07N5yKP5b22H/M6U83w+tmeiGa4nJSU25Asd5ddoJTGDlP73OhP
vaYUz29T/XNguJzqm3JPgsqB9liFRdD3PjWbBeBagWAOYkLiAe4OWEq2MUq7SFSC
BDMlKNQ3tByNUwEqJFFdzTlDUHHntmRZIWQrPosWdZ3qF1oepxFpWYill91+iarK
vDNI7H5ezAob5z32GdNbmnv/3sMksVh7W2MjUelj37CWG6YEnKVYutUeaOQU+D7E
IhtM0NHFWdZPb8U08h0jFQQT7JqNUQ7ooi36anVJrWcWOWp6U8XK8979k/VtAWs6
5fd6VcxVadhsbTz0cS9SdyiwQb1L4XNx
-----END CERTIFICATE-----
Generated at Fri Jun 13 10:08:23 2025 by rpki-client