Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.mft
File:                     HVb-TaQriGb-lqKX93LugLUYpAo.mft (raw, json)
Hash identifier:          pQM1kKQZNyUH6UjnlWcnZj+ZtL4j/OkCB1GEeXmT9ic=
Subject key identifier:   0C:EF:BE:87:8F:C8:E6:30:E7:CC:77:C2:AC:AA:6E:15:F0:FF:0E:E2
Authority key identifier: 1D:56:FE:4D:A4:2B:88:66:FE:96:A2:97:F7:72:EE:80:B5:18:A4:0A
Certificate issuer:       /CN=A913CAE9/serialNumber=1D56FE4DA42B8866FE96A297F772EE80B518A40A
Certificate serial:       1B3C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.mft
Manifest number:          1B19
Signing time:             Thu 28 Mar 2024 16:40:58 +0000
Manifest this update:     Thu 28 Mar 2024 16:40:57 +0000
Manifest next update:     Thu 04 Apr 2024 16:40:57 +0000
Files and hashes:         1: HVb-TaQriGb-lqKX93LugLUYpAo.crl (hash: SH274ZtvR4920elRmbbL7v/j+kV9nkkesHqnE70p104=)
                          2: 9B315A5E46A011E7B9BAF254C4F9AE02.roa (hash: DbkBrE3yf6eTRjLQ1Tf5NcGY0sop7MmBR+m/dNqdI6I=)
                          3: 9933B21049D411E7AA790315C4F9AE02.roa (hash: nBhLFz/G2rXndPzhgzBD31wJh18WPJGfGQXA7I+GCSc=)
                          4: 619B0B285AE611E781C33D7CC4F9AE02.roa (hash: PJZWl9/W8fabcDKxs3z+LpX5XSTRZXZ8e4Srjm/kLTc=)
                          5: 486F81CE4B4B11E79F2FF37BC4F9AE02.roa (hash: OjugscuwSxg6O+LjQabc766gtjQFnuR3xjR9F05JFcM=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.crl
                          rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 16:40:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6972 (0x1b3c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913CAE9/serialNumber=1D56FE4DA42B8866FE96A297F772EE80B518A40A
        Validity
            Not Before: Mar 28 16:40:57 2024 GMT
            Not After : Apr  4 16:40:57 2024 GMT
        Subject: CN=66059d99-7275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7c:63:ce:6d:2b:6a:88:e6:a9:25:5d:af:a7:
                    e6:97:00:b3:1f:bd:5e:6f:6b:77:85:3c:81:d3:b7:
                    87:59:b9:4c:d1:cd:c3:22:7f:2f:88:58:db:97:49:
                    9f:ab:57:f4:1b:2d:20:e1:b9:7e:d2:4e:3d:e2:71:
                    c3:a0:ce:e5:3a:cd:da:04:fe:7c:b5:eb:e9:de:fe:
                    88:93:05:3d:99:27:cd:1e:aa:ce:d6:25:bb:b1:8c:
                    bb:4e:c0:d6:58:4c:56:d1:b7:7f:55:eb:3c:f5:58:
                    32:a8:2c:4e:2e:28:51:1e:f3:02:93:b2:68:56:54:
                    fb:17:27:91:3f:29:e7:ab:07:36:a3:dd:f0:76:b3:
                    24:e4:a3:c5:46:44:11:9f:04:2d:91:50:17:4f:2a:
                    63:c4:7b:2a:f5:f0:56:18:8f:15:28:f2:59:bf:8f:
                    de:80:9c:a2:29:fc:71:ea:28:d6:0c:77:98:75:e2:
                    9f:c9:e7:2f:a0:c5:13:9e:df:b8:1d:29:00:c2:d7:
                    d1:43:26:b6:21:b1:7b:71:c0:0a:5b:25:a4:87:2c:
                    e7:d0:e2:14:86:e6:da:20:08:78:3a:7f:1d:30:5b:
                    ec:b9:ea:ca:7a:f4:3b:18:35:64:ab:68:79:b8:f5:
                    29:1c:fb:17:f2:56:8b:e2:ef:cf:53:c5:90:bf:47:
                    66:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:EF:BE:87:8F:C8:E6:30:E7:CC:77:C2:AC:AA:6E:15:F0:FF:0E:E2
            X509v3 Authority Key Identifier:
                keyid:1D:56:FE:4D:A4:2B:88:66:FE:96:A2:97:F7:72:EE:80:B5:18:A4:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:93:c0:31:88:3d:57:2a:ab:db:63:6f:c9:f7:d8:d5:09:20:
         65:c7:fd:a3:62:06:22:af:76:15:23:cb:5d:40:72:3b:df:9b:
         14:e5:f3:31:db:40:ff:5b:ad:28:c8:28:42:2e:29:cf:a3:f9:
         79:2f:79:c4:1b:a0:de:7f:df:60:1b:40:50:a4:ee:40:c0:dd:
         4b:c3:e2:23:f3:cd:bd:8b:e7:65:86:f0:5a:d0:d8:18:0d:b6:
         74:63:2b:21:98:aa:b1:cd:fd:f1:35:5a:2a:a4:e5:1f:7d:6e:
         ce:fb:35:2d:6e:7c:1f:d8:26:be:3c:57:22:4f:a9:e4:92:bc:
         e9:e5:ad:14:4f:e9:23:d2:3b:2a:de:66:f2:4a:1e:1f:1f:d2:
         f2:b0:92:5e:fa:d7:a8:c3:da:04:32:ba:27:3a:fa:fd:85:89:
         82:57:b0:af:d0:b6:4d:96:20:40:72:33:f2:09:04:61:1f:2f:
         fb:b8:c2:96:0c:f4:e6:36:62:00:7c:6b:c7:89:0b:5e:16:89:
         f1:1e:ca:e4:d3:34:cd:51:48:15:c0:8e:78:58:48:89:77:b7:
         d3:c9:4d:b2:76:f0:fc:fa:7a:35:bb:96:bf:a1:eb:a1:85:47:
         fe:4f:78:8e:0b:be:b1:77:ba:0b:96:84:28:cd:63:b8:1a:42:
         86:20:ed:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGzwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0NBRTkxMTAvBgNVBAUTKDFENTZGRTREQTQyQjg4NjZGRTk2QTI5N0Y3NzJFRTgw
QjUxOEE0MEEwHhcNMjQwMzI4MTY0MDU3WhcNMjQwNDA0MTY0MDU3WjAYMRYwFAYD
VQQDEw02NjA1OWQ5OS03Mjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy3xjzm0raojmqSVdr6fmlwCzH71eb2t3hTyB07eHWblM0c3DIn8viFjbl0mf
q1f0Gy0g4bl+0k494nHDoM7lOs3aBP58tevp3v6IkwU9mSfNHqrO1iW7sYy7TsDW
WExW0bd/Ves89VgyqCxOLihRHvMCk7JoVlT7FyeRPynnqwc2o93wdrMk5KPFRkQR
nwQtkVAXTypjxHsq9fBWGI8VKPJZv4/egJyiKfxx6ijWDHeYdeKfyecvoMUTnt+4
HSkAwtfRQya2IbF7ccAKWyWkhyzn0OIUhubaIAh4On8dMFvsuerKevQ7GDVkq2h5
uPUpHPsX8laL4u/PU8WQv0dmfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAzvvoeP
yOYw58x3wqyqbhXw/w7iMB8GA1UdIwQYMBaAFB1W/k2kK4hm/pail/dy7oC1GKQK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0FFOS8wOERBNjBDNkYx
QjIxMUU2OEU3NEEyNkNDNEY5QUUwMi9IVmItVGFRcmlHYi1scUtYOTNMdWdMVVlw
QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hWYi1UYVFyaUdiLWxxS1g5M0x1Z0xVWXBBby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
Q0FFOS8wOERBNjBDNkYxQjIxMUU2OEU3NEEyNkNDNEY5QUUwMi9IVmItVGFRcmlH
Yi1scUtYOTNMdWdMVVlwQW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAyk8AxiD1XKqvbY2/J99jVCSBlx/2jYgYir3YVI8tdQHI735sU5fMx
20D/W60oyChCLinPo/l5L3nEG6Def99gG0BQpO5AwN1Lw+Ij8829i+dlhvBa0NgY
DbZ0YyshmKqxzf3xNVoqpOUffW7O+zUtbnwf2Ca+PFciT6nkkrzp5a0UT+kj0jsq
3mbySh4fH9LysJJe+teow9oEMronOvr9hYmCV7Cv0LZNliBAcjPyCQRhHy/7uMKW
DPTmNmIAfGvHiQteFonxHsrk0zTNUUgVwI54WEiJd7fTyU2ydvD8+no1u5a/oeuh
hUf+T3iOC76xd7oLloQozWO4GkKGIO13
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:54:03 2024 by rpki-client on console-ams.rpki-client.org