Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
File:                     PFRw6B-koZCHAh0K130zbOvipo0.mft (raw, json)
Hash identifier:          mhpvRXcpEh0670EDpsqp6ntmmAhByF+3Svt7OxJTShU=
Subject key identifier:   6F:23:D6:C2:14:FE:1A:FA:D4:E4:BE:73:56:58:6A:04:79:77:4F:2D
Authority key identifier: 3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D
Certificate issuer:       /CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D
Certificate serial:       1AE8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
Manifest number:          1AE5
Signing time:             Thu 12 Jun 2025 16:15:58 +0000
Manifest this update:     Thu 12 Jun 2025 16:15:58 +0000
Manifest next update:     Thu 19 Jun 2025 16:15:58 +0000
Files and hashes:         1: PFRw6B-koZCHAh0K130zbOvipo0.crl (hash: a7LLdFp3Ni4I7WY8qSrrnao3fnBqSo9mtdTklAg4CQ0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl
                          rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 16:15:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6888 (0x1ae8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143CB3, serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D
        Validity
            Not Before: Jun 12 16:15:58 2025 GMT
            Not After : Jun 19 16:15:58 2025 GMT
        Subject: CN=684afd3e-c028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a2:03:d7:19:22:19:bd:3a:c1:16:b2:f9:48:
                    af:6c:63:1b:bf:bd:6c:33:1d:f9:92:90:48:68:e7:
                    35:06:ea:9c:6e:6d:d9:e7:de:03:26:30:e7:94:55:
                    9a:f7:ed:80:d1:a2:36:9b:2d:87:20:78:2e:f3:a7:
                    55:63:12:21:94:fd:0b:55:c7:7e:1d:52:75:20:fd:
                    39:ef:d6:d5:7f:20:f3:5c:b4:6d:bb:bb:fa:f0:98:
                    c5:ae:e0:9f:00:bb:b7:cd:6c:34:d1:d2:35:e8:d3:
                    e9:02:4f:a2:a6:42:2e:5b:0e:f9:1b:98:9d:7e:b2:
                    8d:8c:b3:06:02:a8:98:1c:57:76:9c:5f:58:19:9f:
                    00:5a:29:e4:4e:ac:6d:40:f0:39:cb:69:79:03:22:
                    54:b0:f2:cb:4b:60:8f:1d:dc:ea:58:94:93:62:ec:
                    65:17:b1:16:b7:3b:27:60:92:f5:dc:79:dc:b2:0b:
                    a7:fd:a1:ca:f0:f2:44:5d:c3:76:6e:a4:4f:33:93:
                    af:5b:12:b5:25:c2:5e:8b:10:11:c5:dd:04:eb:fb:
                    4f:5b:c6:49:67:61:c5:bb:a5:82:80:03:9a:96:f7:
                    b6:d3:0f:76:7e:ff:1e:be:d4:6f:43:6c:7e:68:ac:
                    46:df:a4:47:d4:e4:3b:ff:47:7d:09:87:2d:8c:f5:
                    a9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:23:D6:C2:14:FE:1A:FA:D4:E4:BE:73:56:58:6A:04:79:77:4F:2D
            X509v3 Authority Key Identifier:
                keyid:3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:9d:28:6d:3d:4d:94:ac:ea:cb:2b:f3:6f:38:fe:6f:a5:ff:
         65:5c:8a:07:d8:cf:73:f5:48:34:98:80:5c:85:b6:fe:61:82:
         e4:fa:c0:4d:bf:a5:46:f4:d0:e7:2c:2d:cc:c6:db:e4:e6:bd:
         e6:2e:d6:cb:87:84:c3:f3:8a:40:12:ce:fb:2d:1c:fb:b6:a4:
         92:cf:12:17:06:60:e5:8a:53:06:14:4a:c1:d0:ae:a1:5b:b3:
         f1:c8:74:b9:3d:d3:fd:61:65:f3:a1:14:78:86:8b:c5:ef:19:
         bd:0a:f0:f1:75:b3:61:26:f6:72:0d:92:34:6e:e4:6b:37:81:
         7a:3a:ab:12:1b:73:b6:2c:2c:bd:fb:b9:9c:b6:f7:96:0d:f1:
         2c:9c:0d:d6:2e:56:93:9a:4e:0c:de:bb:81:37:66:41:86:05:
         10:97:40:4a:b5:04:15:46:42:bf:c7:bf:fe:99:bb:9e:23:99:
         9a:c6:bc:89:74:e8:ed:36:7c:fa:40:c4:7c:95:04:59:fa:f1:
         67:37:f6:3a:6c:8b:32:6a:62:f6:43:9a:cc:5f:ec:ec:76:70:
         bf:42:c3:60:a9:9f:7e:96:62:b3:61:9b:44:b1:27:18:90:ed:
         c2:e3:81:9d:41:46:70:e4:dc:b7:6e:84:66:41:f1:dc:cd:fe:
         ac:cb:d0:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGugwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKDNDNTQ3MEU4MUZBNEExOTA4NzAyMUQwQUQ3N0QzMzZD
RUJFMkE2OEQwHhcNMjUwNjEyMTYxNTU4WhcNMjUwNjE5MTYxNTU4WjAYMRYwFAYD
VQQDEw02ODRhZmQzZS1jMDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvKID1xkiGb06wRay+UivbGMbv71sMx35kpBIaOc1Buqcbm3Z594DJjDnlFWa
9+2A0aI2my2HIHgu86dVYxIhlP0LVcd+HVJ1IP0579bVfyDzXLRtu7v68JjFruCf
ALu3zWw00dI16NPpAk+ipkIuWw75G5idfrKNjLMGAqiYHFd2nF9YGZ8AWinkTqxt
QPA5y2l5AyJUsPLLS2CPHdzqWJSTYuxlF7EWtzsnYJL13Hncsgun/aHK8PJEXcN2
bqRPM5OvWxK1JcJeixARxd0E6/tPW8ZJZ2HFu6WCgAOalve20w92fv8evtRvQ2x+
aKxG36RH1OQ7/0d9CYctjPWpGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG8j1sIU
/hr61OS+c1ZYagR5d08tMB8GA1UdIwQYMBaAFDxUcOgfpKGQhwIdCtd9M2zr4qaN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xNTE2Njc5RTI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29aQ0hBaDBLMTMwemJPdmlw
bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1BGUnc2Qi1rb1pDSEFoMEsxMzB6Yk92aXBvMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
M0NCMy8xNTE2Njc5RTI1OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29a
Q0hBaDBLMTMwemJPdmlwbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC1nShtPU2UrOrLK/NvOP5vpf9lXIoH2M9z9Ug0mIBchbb+YYLk+sBN
v6VG9NDnLC3Mxtvk5r3mLtbLh4TD84pAEs77LRz7tqSSzxIXBmDlilMGFErB0K6h
W7PxyHS5PdP9YWXzoRR4hovF7xm9CvDxdbNhJvZyDZI0buRrN4F6OqsSG3O2LCy9
+7mctveWDfEsnA3WLlaTmk4M3ruBN2ZBhgUQl0BKtQQVRkK/x7/+mbueI5maxryJ
dOjtNnz6QMR8lQRZ+vFnN/Y6bIsyamL2Q5rMX+zsdnC/QsNgqZ9+lmKzYZtEsScY
kO3C44GdQUZw5Ny3boRmQfHczf6sy9AI
-----END CERTIFICATE-----
Generated at Fri Jun 13 06:43:45 2025 by rpki-client