Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
File:                     khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json)
Hash identifier:          tLu/GUjYYY8644e+uk8nZmq/DbKDecCxryw4nTfkq8A=
Subject key identifier:   59:A1:A9:39:A9:00:69:BD:B3:ED:91:12:5D:E2:74:8F:E8:C7:D2:B7
Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90
Certificate issuer:       /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890
Certificate serial:       039A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
Manifest number:          0395
Signing time:             Mon 09 Jun 2025 00:25:04 +0000
Manifest this update:     Mon 09 Jun 2025 00:25:03 +0000
Manifest next update:     Mon 16 Jun 2025 00:25:03 +0000
Files and hashes:         1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: ZugkKoXQylgn9+xln31xjCRqap9k+6svKGeR1yB096U=)
                          2: 44FBB466A03911EC9AD2F840C4F9AE02.roa (hash: u8Y2qHn4dP492v5Q3muwggQyuBR/yx2lsL2jNNDR8KY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl
                          rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 00:25:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 922 (0x39a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890
        Validity
            Not Before: Jun  9 00:25:03 2025 GMT
            Not After : Jun 16 00:25:03 2025 GMT
        Subject: CN=684629e0-3891
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1e:24:95:28:59:5e:42:43:18:dc:e0:4d:70:
                    44:8a:d3:a7:51:c3:fe:91:0f:fc:97:f9:d8:b2:e2:
                    7a:ba:f7:02:9c:34:e5:fd:d6:12:19:ff:54:38:80:
                    88:24:19:c4:e7:e4:38:01:64:0e:05:04:3a:48:da:
                    a7:f3:81:5b:8b:60:2e:3c:4b:d6:03:e7:90:10:e4:
                    85:76:17:1f:b5:90:40:9c:d6:e6:bc:50:a4:92:af:
                    c4:59:c5:e9:af:9b:7e:19:d5:ac:0f:18:20:f6:39:
                    d6:53:29:d9:9d:f9:b6:75:5c:43:db:c4:5e:d8:1e:
                    9e:fd:f8:84:de:e4:ac:44:69:d9:38:15:05:a1:40:
                    69:1f:18:d1:6c:8a:68:54:46:af:c4:98:7d:58:87:
                    25:5f:39:b1:17:b2:d3:12:66:f1:42:c1:17:cf:5b:
                    c4:88:be:4a:b3:4c:d9:d3:6f:0e:2e:08:73:f2:b6:
                    3a:c0:3f:0a:2e:a3:43:0a:f8:21:04:c8:68:6b:96:
                    66:dd:00:f5:f1:56:75:73:89:61:a7:e5:6f:88:95:
                    6f:e9:f0:13:d0:b2:69:c6:4b:3a:38:ec:45:f5:2d:
                    e2:b8:4e:e5:d5:99:98:bf:81:3e:2e:2e:d3:a1:3a:
                    4d:06:ab:34:fc:e9:e8:7c:83:64:f4:6c:5d:0c:09:
                    38:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:A1:A9:39:A9:00:69:BD:B3:ED:91:12:5D:E2:74:8F:E8:C7:D2:B7
            X509v3 Authority Key Identifier:
                keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:e4:ce:39:1c:e1:a7:db:75:46:0d:3f:4a:6c:6c:28:7b:da:
         d6:cb:fe:31:bc:47:01:63:2a:c8:31:1a:89:22:6a:58:a4:01:
         2a:34:28:1d:09:25:48:99:ce:f2:eb:66:fc:9a:0e:0c:c3:7f:
         36:e4:cd:ea:5f:e6:40:90:4d:51:f1:76:4f:af:9c:2f:44:f0:
         d3:f3:f5:0a:9f:c5:73:a7:58:55:17:c5:90:6f:93:ab:43:6b:
         ed:97:5c:a1:10:2f:7e:85:40:d9:9c:ea:30:ca:b9:7e:e6:11:
         33:40:10:ec:9e:b0:6d:59:97:1f:ad:2f:10:6a:33:5b:e5:22:
         f1:d2:dc:f0:95:1f:26:6b:99:72:8c:7a:e2:ca:72:55:03:d0:
         4c:2f:16:61:64:6f:6d:fc:c6:6a:86:b3:60:2d:f0:69:fc:59:
         51:8d:d4:d5:42:38:2f:d5:a3:80:e4:82:47:8c:bf:6d:5b:d9:
         ef:ef:99:cd:a0:f0:eb:69:6e:01:c5:e0:c3:8b:61:31:1c:50:
         24:c5:16:5e:ee:5b:f5:af:35:d4:58:87:24:15:43:34:5a:4e:
         79:18:50:e0:5c:52:9d:a3:38:c8:fb:bb:b8:83:81:91:3f:d6:
         c8:23:1d:3b:e9:cb:80:94:5c:53:6d:29:5f:76:94:0a:63:f3:
         fe:1e:24:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3
MjBDQjQ4OTAwHhcNMjUwNjA5MDAyNTAzWhcNMjUwNjE2MDAyNTAzWjAYMRYwFAYD
VQQDEw02ODQ2MjllMC0zODkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvB4klShZXkJDGNzgTXBEitOnUcP+kQ/8l/nYsuJ6uvcCnDTl/dYSGf9UOICI
JBnE5+Q4AWQOBQQ6SNqn84Fbi2AuPEvWA+eQEOSFdhcftZBAnNbmvFCkkq/EWcXp
r5t+GdWsDxgg9jnWUynZnfm2dVxD28Re2B6e/fiE3uSsRGnZOBUFoUBpHxjRbIpo
VEavxJh9WIclXzmxF7LTEmbxQsEXz1vEiL5Ks0zZ028OLghz8rY6wD8KLqNDCvgh
BMhoa5Zm3QD18VZ1c4lhp+VviJVv6fAT0LJpxks6OOxF9S3iuE7l1ZmYv4E+Li7T
oTpNBqs0/OnofINk9GxdDAk4gwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFmhqTmp
AGm9s+2REl3idI/ox9K3MB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw
MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw
SXVEV2FqeTZwQVp5RExTSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAY5M45HOGn23VGDT9KbGwoe9rWy/4xvEcBYyrIMRqJImpYpAEqNCgd
CSVImc7y62b8mg4Mw3825M3qX+ZAkE1R8XZPr5wvRPDT8/UKn8Vzp1hVF8WQb5Or
Q2vtl1yhEC9+hUDZnOowyrl+5hEzQBDsnrBtWZcfrS8QajNb5SLx0tzwlR8ma5ly
jHriynJVA9BMLxZhZG9t/MZqhrNgLfBp/FlRjdTVQjgv1aOA5IJHjL9tW9nv75nN
oPDraW4BxeDDi2ExHFAkxRZe7lv1rzXUWIckFUM0Wk55GFDgXFKdozjI+7u4g4GR
P9bIIx076cuAlFxTbSlfdpQKY/P+HiR0
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:36:20 2025 by rpki-client