Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.mft
File:                     H2wzTrxkYqJkUoZ6u1-E72itwCw.mft (raw, json)
Hash identifier:          79ZLstqdAWpk15YsR8VcvHyT76uEBN4B67RcDuvLDPA=
Subject key identifier:   D0:FC:06:C9:1B:C9:20:1B:63:DB:6A:7A:DE:B3:E2:72:43:FA:17:85
Authority key identifier: 1F:6C:33:4E:BC:64:62:A2:64:52:86:7A:BB:5F:84:EF:68:AD:C0:2C
Certificate issuer:       /CN=A9138447/serialNumber=1F6C334EBC6462A26452867ABB5F84EF68ADC02C
Certificate serial:       08EE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2wzTrxkYqJkUoZ6u1-E72itwCw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.mft
Manifest number:          08E0
Signing time:             Tue 10 Jun 2025 20:20:27 +0000
Manifest this update:     Tue 10 Jun 2025 20:20:27 +0000
Manifest next update:     Tue 17 Jun 2025 20:20:27 +0000
Files and hashes:         1: H2wzTrxkYqJkUoZ6u1-E72itwCw.crl (hash: 8jNu+KL0RTzRC3rYlynkSLqEUbv1mhZWe++L8lbY2vw=)
                          2: 6AD73A584A8811ED8D0B8B38C4F9AE02.roa (hash: fXl2igGJye4ZYwQR43jAvZ6b6h7qYdiNfyIYWYelBPs=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.crl
                          rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2wzTrxkYqJkUoZ6u1-E72itwCw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 19:59:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2286 (0x8ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9138447, serialNumber=1F6C334EBC6462A26452867ABB5F84EF68ADC02C
        Validity
            Not Before: Jun 10 20:20:27 2025 GMT
            Not After : Jun 17 20:20:27 2025 GMT
        Subject: CN=6848938b-456b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:98:60:2b:4f:ea:2b:1f:e5:1b:b2:16:39:b0:
                    d4:29:9f:e6:5d:78:03:55:57:c3:be:1f:11:d1:3a:
                    61:1e:57:95:f8:81:b9:30:dc:22:a8:25:1b:96:63:
                    f3:17:2c:fd:ee:fd:a2:17:69:20:14:d0:ab:26:91:
                    ee:88:c0:b3:7c:8c:78:a3:c6:f8:8b:01:84:bd:31:
                    88:b9:df:3a:c2:d6:3b:31:99:69:51:6a:e2:67:5c:
                    ab:5c:3e:e5:6f:ab:69:57:51:0d:1b:c9:fa:df:ac:
                    65:7c:7b:a0:bc:df:83:f6:9b:69:0b:58:c8:be:4d:
                    68:75:93:f9:17:6b:49:2e:37:c3:b7:ef:a3:44:54:
                    06:ec:7d:55:ba:cf:ce:3f:ba:e9:9c:a0:80:54:14:
                    3c:c7:f3:b3:2a:d9:5e:4d:34:e9:29:1a:0d:c6:a1:
                    45:d1:63:c3:7a:79:e7:de:78:65:50:b8:01:c7:94:
                    a2:b7:18:56:5b:8b:53:90:dd:24:84:ec:3b:30:62:
                    d7:27:21:a2:70:4c:72:8e:d7:c9:41:97:5a:0b:3e:
                    19:53:c0:86:47:a9:25:bc:07:fd:e6:04:65:7d:e4:
                    d7:fa:79:ad:f2:8f:d1:1c:26:9d:b4:aa:d5:51:a9:
                    c0:32:d1:1d:63:19:be:d3:50:bd:8b:55:b7:a5:29:
                    16:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:FC:06:C9:1B:C9:20:1B:63:DB:6A:7A:DE:B3:E2:72:43:FA:17:85
            X509v3 Authority Key Identifier:
                keyid:1F:6C:33:4E:BC:64:62:A2:64:52:86:7A:BB:5F:84:EF:68:AD:C0:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2wzTrxkYqJkUoZ6u1-E72itwCw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:76:81:40:3a:43:f1:46:55:3e:3e:5e:cb:7b:59:f5:41:00:
         ad:52:22:28:15:28:6c:58:1b:c1:36:f8:7f:3a:d0:e6:ed:08:
         ca:74:3a:72:19:78:68:9b:0b:77:3d:6d:54:2c:ce:94:a0:16:
         e5:d1:7c:52:95:85:3d:83:80:c4:56:f3:8b:c2:d2:40:7d:79:
         a3:0b:55:56:94:a4:19:fa:8e:ae:22:b3:fa:51:10:b6:df:45:
         b7:80:95:bc:55:6a:27:3e:ca:8c:45:a5:4a:79:d1:3a:50:24:
         1f:d6:21:8d:08:ab:82:69:1e:06:eb:71:d6:71:9d:62:9e:33:
         b8:50:db:b0:a4:e3:d5:22:9b:14:ed:b7:1c:5c:05:2d:b5:79:
         0f:ee:9c:95:45:4b:f9:84:df:af:22:2e:ad:81:3a:74:84:01:
         b4:08:a3:02:d7:8c:06:88:49:9e:c6:19:e3:da:4e:77:7e:58:
         0d:77:a0:06:16:c9:46:f8:f3:98:95:bb:ca:4f:73:77:fb:8b:
         79:f9:0b:97:14:1c:80:56:a7:3f:97:da:1b:24:bf:91:00:88:
         15:54:a8:95:50:07:be:46:8d:42:ae:5c:d9:80:16:ee:c4:8c:
         81:dd:bd:7c:d1:9c:9d:79:54:ec:0d:52:66:8d:93:81:8e:26:
         68:f3:22:05
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzg0NDcxMTAvBgNVBAUTKDFGNkMzMzRFQkM2NDYyQTI2NDUyODY3QUJCNUY4NEVG
NjhBREMwMkMwHhcNMjUwNjEwMjAyMDI3WhcNMjUwNjE3MjAyMDI3WjAYMRYwFAYD
VQQDEw02ODQ4OTM4Yi00NTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZhgK0/qKx/lG7IWObDUKZ/mXXgDVVfDvh8R0TphHleV+IG5MNwiqCUblmPz
Fyz97v2iF2kgFNCrJpHuiMCzfIx4o8b4iwGEvTGIud86wtY7MZlpUWriZ1yrXD7l
b6tpV1ENG8n636xlfHugvN+D9ptpC1jIvk1odZP5F2tJLjfDt++jRFQG7H1Vus/O
P7rpnKCAVBQ8x/OzKtleTTTpKRoNxqFF0WPDennn3nhlULgBx5SitxhWW4tTkN0k
hOw7MGLXJyGicExyjtfJQZdaCz4ZU8CGR6klvAf95gRlfeTX+nmt8o/RHCadtKrV
UanAMtEdYxm+01C9i1W3pSkW9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFND8Bskb
ySAbY9tqet6z4nJD+heFMB8GA1UdIwQYMBaAFB9sM068ZGKiZFKGertfhO9orcAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODQ0Ny80Q0VCM0MzQ0Iw
RkQxMUVBOEEwOTkyNDJDNEY5QUUwMi9IMnd6VHJ4a1lxSmtVb1o2dTEtRTcyaXR3
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0gyd3pUcnhrWXFKa1VvWjZ1MS1FNzJpdHdDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODQ0Ny80Q0VCM0MzQ0IwRkQxMUVBOEEwOTkyNDJDNEY5QUUwMi9IMnd6VHJ4a1lx
SmtVb1o2dTEtRTcyaXR3Q3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMdoFAOkPxRlU+Pl7Le1n1QQCtUiIoFShsWBvBNvh/OtDm7QjKdDpy
GXhomwt3PW1ULM6UoBbl0XxSlYU9g4DEVvOLwtJAfXmjC1VWlKQZ+o6uIrP6URC2
30W3gJW8VWonPsqMRaVKedE6UCQf1iGNCKuCaR4G63HWcZ1injO4UNuwpOPVIpsU
7bccXAUttXkP7pyVRUv5hN+vIi6tgTp0hAG0CKMC14wGiEmexhnj2k53flgNd6AG
FslG+POYlbvKT3N3+4t5+QuXFByAVqc/l9obJL+RAIgVVKiVUAe+Ro1CrlzZgBbu
xIyB3b180ZydeVTsDVJmjZOBjiZo8yIF
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:42:22 2025 by rpki-client