Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.mft
File:                     1aAlBjTfwD3Jz8q6l5UYD_BRWPw.mft (raw, json)
Hash identifier:          3hVYdAuEzUgON3DzYyBw5mRRePwuv/7hoWNIE8bD7zE=
Subject key identifier:   FB:67:F4:93:0E:A6:1A:12:E1:20:FE:C9:D4:78:5D:8C:4C:C7:D3:9C
Authority key identifier: D5:A0:25:06:34:DF:C0:3D:C9:CF:CA:BA:97:95:18:0F:F0:51:58:FC
Certificate issuer:       /CN=A914247C/serialNumber=D5A0250634DFC03DC9CFCABA9795180FF05158FC
Certificate serial:       0B34
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.mft
Manifest number:          0B27
Signing time:             Sun 20 Jul 2025 19:22:17 +0000
Manifest this update:     Sun 20 Jul 2025 19:22:16 +0000
Manifest next update:     Sun 27 Jul 2025 19:22:16 +0000
Files and hashes:         1: 1aAlBjTfwD3Jz8q6l5UYD_BRWPw.crl (hash: MaPGFaSFtT9aSOCe9oxe07hZ5EZv0qD232rriy1YXc8=)
                          2: 9156042083EB11ECB7EC3B76C4F9AE02.roa (hash: dPrx3cF0sDj9FTl2qCoRHJgtgGOLW5ACbJ0tx2wVxmU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.crl
                          rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 27 Jul 2025 19:22:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2868 (0xb34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914247C, serialNumber=D5A0250634DFC03DC9CFCABA9795180FF05158FC
        Validity
            Not Before: Jul 20 19:22:16 2025 GMT
            Not After : Jul 27 19:22:16 2025 GMT
        Subject: CN=687d41e9-e685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6d:6a:67:e3:39:47:ee:78:fc:e6:b4:05:f1:
                    4e:92:61:1e:7a:35:a6:43:cf:7d:c1:50:73:ae:cb:
                    dc:c0:30:e4:39:22:1e:89:0c:7d:d5:53:53:1d:1b:
                    e3:88:c7:52:f6:5f:35:ea:ea:c1:e1:d6:e8:e4:4e:
                    5f:6a:83:82:c9:bc:17:47:f0:06:2f:46:83:1d:d6:
                    ea:7b:60:4d:63:56:d2:83:76:85:b6:f1:f8:7f:9f:
                    71:bf:67:0e:1e:63:87:9e:64:77:de:23:e8:d9:d9:
                    f2:d8:ca:8b:d6:b1:c2:dd:6a:35:1d:05:a8:c7:de:
                    c2:4b:97:43:3e:39:09:20:b4:0e:c8:f3:4c:0d:05:
                    25:55:09:e0:6e:b2:a7:ff:81:b3:9f:a4:59:f8:f0:
                    cb:7f:0d:b0:b8:52:a4:b7:e2:5f:4e:8a:19:58:73:
                    77:c1:8e:68:ee:41:e3:d0:68:0d:be:f3:7a:c2:b5:
                    02:98:22:e1:75:03:e2:0b:fe:6a:32:9d:ec:95:60:
                    22:65:c4:1e:bc:bb:83:81:9e:4d:65:8a:9d:d5:9e:
                    b4:d9:a0:8c:de:87:67:3a:3d:51:8f:85:78:30:58:
                    94:2e:ae:c5:d7:49:d9:2b:a6:f9:15:84:5e:d5:71:
                    bb:f8:ec:0b:77:ab:92:36:ca:00:9a:73:10:22:22:
                    6a:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:67:F4:93:0E:A6:1A:12:E1:20:FE:C9:D4:78:5D:8C:4C:C7:D3:9C
            X509v3 Authority Key Identifier:
                keyid:D5:A0:25:06:34:DF:C0:3D:C9:CF:CA:BA:97:95:18:0F:F0:51:58:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:d3:79:a7:05:56:97:cb:3e:ff:45:28:1e:64:0e:38:42:de:
         b0:de:79:6d:64:61:79:99:b1:ff:74:62:b7:b6:26:00:9c:1a:
         58:91:93:0a:32:48:3c:d8:df:f4:3b:d3:d7:d6:4e:2a:e3:39:
         95:91:ea:7f:ca:4a:16:66:42:ae:59:30:18:7d:7f:fd:4d:47:
         d3:ef:b1:43:df:09:fd:4c:8f:51:7a:ac:52:aa:8d:4a:d1:35:
         71:f0:4e:67:82:2e:dd:33:50:03:18:8a:90:f6:fd:c3:9d:3a:
         7e:0f:fd:24:d4:78:7f:92:be:77:7c:51:b9:71:c7:6e:d6:5c:
         50:07:d8:85:f7:40:42:21:93:bf:30:59:0f:18:4d:ed:b5:66:
         b1:cf:41:ee:00:c4:4f:9e:e8:b6:45:30:ae:f6:a5:b1:8d:c5:
         0b:d5:91:b0:68:7f:92:17:cf:40:28:6b:6e:70:a2:1c:71:56:
         5a:07:24:8a:79:ab:f9:1a:96:3a:af:51:ca:07:94:16:57:30:
         5d:ef:d4:de:04:03:ec:1e:6f:96:ae:ad:49:8d:1f:58:3b:a1:
         06:c8:95:3d:64:5d:19:7b:7c:5c:a0:59:e2:42:84:73:27:5d:
         01:a5:f9:87:ad:72:df:78:84:7b:84:de:59:11:4b:39:0a:eb:
         60:1c:00:f6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCzQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI0N0MxMTAvBgNVBAUTKEQ1QTAyNTA2MzRERkMwM0RDOUNGQ0FCQTk3OTUxODBG
RjA1MTU4RkMwHhcNMjUwNzIwMTkyMjE2WhcNMjUwNzI3MTkyMjE2WjAYMRYwFAYD
VQQDEw02ODdkNDFlOS1lNjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtm1qZ+M5R+54/Oa0BfFOkmEeejWmQ899wVBzrsvcwDDkOSIeiQx91VNTHRvj
iMdS9l816urB4dbo5E5faoOCybwXR/AGL0aDHdbqe2BNY1bSg3aFtvH4f59xv2cO
HmOHnmR33iPo2dny2MqL1rHC3Wo1HQWox97CS5dDPjkJILQOyPNMDQUlVQngbrKn
/4Gzn6RZ+PDLfw2wuFKkt+JfTooZWHN3wY5o7kHj0GgNvvN6wrUCmCLhdQPiC/5q
Mp3slWAiZcQevLuDgZ5NZYqd1Z602aCM3odnOj1Rj4V4MFiULq7F10nZK6b5FYRe
1XG7+OwLd6uSNsoAmnMQIiJqmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPtn9JMO
phoS4SD+ydR4XYxMx9OcMB8GA1UdIwQYMBaAFNWgJQY038A9yc/KupeVGA/wUVj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjQ3Qy84QTFDNDYxNjQz
MEExMUVBODU4Q0RDNzZDNEY5QUUwMi8xYUFsQmpUZndEM0p6OHE2bDVVWURfQlJX
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFhQWxCalRmd0QzSno4cTZsNVVZRF9CUldQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjQ3Qy84QTFDNDYxNjQzMEExMUVBODU4Q0RDNzZDNEY5QUUwMi8xYUFsQmpUZndE
M0p6OHE2bDVVWURfQlJXUHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCs03mnBVaXyz7/RSgeZA44Qt6w3nltZGF5mbH/dGK3tiYAnBpYkZMK
Mkg82N/0O9PX1k4q4zmVkep/ykoWZkKuWTAYfX/9TUfT77FD3wn9TI9ReqxSqo1K
0TVx8E5ngi7dM1ADGIqQ9v3DnTp+D/0k1Hh/kr53fFG5ccdu1lxQB9iF90BCIZO/
MFkPGE3ttWaxz0HuAMRPnui2RTCu9qWxjcUL1ZGwaH+SF89AKGtucKIccVZaBySK
eav5GpY6r1HKB5QWVzBd79TeBAPsHm+Wrq1JjR9YO6EGyJU9ZF0Ze3xcoFniQoRz
J10BpfmHrXLfeIR7hN5ZEUs5CutgHAD2
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:48:29 2025 by rpki-client