Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.mft
File:                     R1JQ5qBVR49Kwerx7TLVZyw80bM.mft (raw, json)
Hash identifier:          hRloYZC8LfkuI+Uj/AmMummITz2+mB12dw47SEaKUKk=
Subject key identifier:   94:5A:9D:1D:BB:EC:97:D0:38:A0:D5:55:51:7E:7A:EC:66:2A:44:F7
Authority key identifier: 47:52:50:E6:A0:55:47:8F:4A:C1:EA:F1:ED:32:D5:67:2C:3C:D1:B3
Certificate issuer:       /CN=A9140EE2/serialNumber=475250E6A055478F4AC1EAF1ED32D5672C3CD1B3
Certificate serial:       0D21
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1JQ5qBVR49Kwerx7TLVZyw80bM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.mft
Manifest number:          0D13
Signing time:             Tue 10 Jun 2025 18:00:17 +0000
Manifest this update:     Tue 10 Jun 2025 18:00:16 +0000
Manifest next update:     Tue 17 Jun 2025 18:00:16 +0000
Files and hashes:         1: R1JQ5qBVR49Kwerx7TLVZyw80bM.crl (hash: NTG8dPhkafDCX50TFGl2WP1XV5+mOfduaUJ8O3LqPGM=)
                          2: B523DAE68C9211EABC682867C4F9AE02.roa (hash: O1kd0Y8YHGAuQNE1wq4lO26tfNPiZv4mNi6pAigMPUU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.crl
                          rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1JQ5qBVR49Kwerx7TLVZyw80bM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 18:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3361 (0xd21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140EE2, serialNumber=475250E6A055478F4AC1EAF1ED32D5672C3CD1B3
        Validity
            Not Before: Jun 10 18:00:16 2025 GMT
            Not After : Jun 17 18:00:16 2025 GMT
        Subject: CN=684872b1-2617
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:22:ae:e1:c9:07:10:06:d4:9e:61:ec:3e:ec:
                    02:3a:3d:93:b0:4b:8c:27:4c:2d:68:2a:fe:4c:71:
                    e1:96:5a:b7:9f:95:f0:19:77:6a:36:8b:a9:d7:cf:
                    93:14:ea:b5:e2:97:24:30:e5:97:f0:ee:4e:c1:ff:
                    03:c4:e2:8a:0f:a6:ca:8f:2d:36:2e:9e:7a:90:2b:
                    9e:08:c0:32:21:c8:83:7f:03:42:41:31:a9:d4:b0:
                    fc:b6:14:48:ef:f8:16:d8:dc:f0:57:2d:77:28:92:
                    ea:2d:7f:84:96:5f:11:ad:37:0a:55:d5:0c:57:e8:
                    09:d1:1d:d0:52:1b:09:5f:3f:34:cd:ff:bb:46:03:
                    30:0d:0b:0d:10:50:5b:cc:98:9d:66:70:e0:b4:bb:
                    e6:14:2b:af:4a:40:fc:a7:2f:b7:03:e4:32:81:54:
                    95:86:3c:aa:c3:37:1b:bc:da:ef:b2:24:c6:78:fa:
                    68:bd:6b:b5:4d:32:f1:fc:a4:da:3d:9b:ae:7e:50:
                    9f:0c:17:de:4c:01:dd:11:20:9a:d0:15:6a:ad:ea:
                    a3:2a:6e:c8:d8:ae:9d:16:5b:2d:e3:ac:f7:a4:da:
                    d3:c1:e8:74:bd:be:58:0f:5b:70:a2:ca:e9:1e:44:
                    2d:e9:84:5b:01:6b:f0:d0:2f:56:57:ed:40:b1:e7:
                    f2:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:5A:9D:1D:BB:EC:97:D0:38:A0:D5:55:51:7E:7A:EC:66:2A:44:F7
            X509v3 Authority Key Identifier:
                keyid:47:52:50:E6:A0:55:47:8F:4A:C1:EA:F1:ED:32:D5:67:2C:3C:D1:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1JQ5qBVR49Kwerx7TLVZyw80bM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:9d:18:8c:fa:24:29:15:ae:ba:01:33:14:b4:62:d5:bf:85:
         7e:bf:3e:fc:c8:0c:84:16:82:1a:8d:b7:6b:0c:f6:3d:31:6f:
         3c:5b:4f:25:06:55:50:dc:f7:8e:51:cf:25:66:e6:5f:2e:4a:
         0b:32:60:6f:51:72:83:2c:85:c2:0b:f3:65:47:5b:e9:c6:d3:
         93:ce:ba:33:f8:76:3a:1a:5d:9f:6a:ac:8d:3d:df:cb:bb:c1:
         9b:6e:75:a4:58:74:3d:97:9b:98:cb:71:93:6c:f5:6a:86:ed:
         4e:d2:91:2e:c5:b9:7b:66:53:ba:5b:62:7d:d3:53:d1:99:6e:
         24:89:2c:27:14:80:40:e1:1f:72:77:f2:5c:76:22:c8:18:f0:
         4a:12:74:e8:a1:d7:6c:5a:03:00:81:e0:91:4e:9c:93:02:b6:
         2d:3e:dd:17:33:99:f9:b8:d7:12:cb:23:71:8b:80:95:84:e7:
         a8:c2:7c:12:dc:63:44:80:3f:35:6c:a2:2e:52:b5:ea:e4:91:
         ab:2c:6c:0c:08:85:24:df:15:bd:24:ae:75:a2:4b:b2:be:ec:
         af:4b:8b:37:58:f5:8b:26:d9:85:8e:75:c2:98:ab:14:50:23:
         32:d6:d2:37:96:91:7e:1d:42:6c:65:52:77:94:ca:05:72:2f:
         21:aa:6e:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBFRTIxMTAvBgNVBAUTKDQ3NTI1MEU2QTA1NTQ3OEY0QUMxRUFGMUVEMzJENTY3
MkMzQ0QxQjMwHhcNMjUwNjEwMTgwMDE2WhcNMjUwNjE3MTgwMDE2WjAYMRYwFAYD
VQQDEw02ODQ4NzJiMS0yNjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyiKu4ckHEAbUnmHsPuwCOj2TsEuMJ0wtaCr+THHhllq3n5XwGXdqNoup18+T
FOq14pckMOWX8O5Owf8DxOKKD6bKjy02Lp56kCueCMAyIciDfwNCQTGp1LD8thRI
7/gW2NzwVy13KJLqLX+Ell8RrTcKVdUMV+gJ0R3QUhsJXz80zf+7RgMwDQsNEFBb
zJidZnDgtLvmFCuvSkD8py+3A+QygVSVhjyqwzcbvNrvsiTGePpovWu1TTLx/KTa
PZuuflCfDBfeTAHdESCa0BVqreqjKm7I2K6dFlst46z3pNrTweh0vb5YD1twosrp
HkQt6YRbAWvw0C9WV+1AsefyIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJRanR27
7JfQOKDVVVF+euxmKkT3MB8GA1UdIwQYMBaAFEdSUOagVUePSsHq8e0y1WcsPNGz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEVFMi9FQTAxRDU1QURG
NzMxMUU5QUJFQkQ0M0JDNEY5QUUwMi9SMUpRNXFCVlI0OUt3ZXJ4N1RMVlp5dzgw
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1IxSlE1cUJWUjQ5S3dlcng3VExWWnl3ODBiTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MEVFMi9FQTAxRDU1QURGNzMxMUU5QUJFQkQ0M0JDNEY5QUUwMi9SMUpRNXFCVlI0
OUt3ZXJ4N1RMVlp5dzgwYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQACnRiM+iQpFa66ATMUtGLVv4V+vz78yAyEFoIajbdrDPY9MW88W08l
BlVQ3PeOUc8lZuZfLkoLMmBvUXKDLIXCC/NlR1vpxtOTzroz+HY6Gl2faqyNPd/L
u8GbbnWkWHQ9l5uYy3GTbPVqhu1O0pEuxbl7ZlO6W2J901PRmW4kiSwnFIBA4R9y
d/JcdiLIGPBKEnTooddsWgMAgeCRTpyTArYtPt0XM5n5uNcSyyNxi4CVhOeownwS
3GNEgD81bKIuUrXq5JGrLGwMCIUk3xW9JK51okuyvuyvS4s3WPWLJtmFjnXCmKsU
UCMy1tI3lpF+HUJsZVJ3lMoFci8hqm4B
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:39:42 2025 by rpki-client