Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
File:                     PFRw6B-koZCHAh0K130zbOvipo0.mft (raw, json)
Hash identifier:          YYdJ7mMFY8g3bgJbKC/srdrs5YC94RJOMHmNPg9HCnw=
Subject key identifier:   A4:CF:21:32:22:A8:6F:57:48:18:0A:03:9B:33:AC:64:6C:89:F7:DB
Authority key identifier: 3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D
Certificate issuer:       /CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D
Certificate serial:       1AE6
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
Manifest number:          1AE3
Signing time:             Sun 08 Jun 2025 16:14:41 +0000
Manifest this update:     Sun 08 Jun 2025 16:14:40 +0000
Manifest next update:     Sun 15 Jun 2025 16:14:40 +0000
Files and hashes:         1: PFRw6B-koZCHAh0K130zbOvipo0.crl (hash: 9b6UWfCAxsnyy9L8hz6l/ayBgf8uhtlr7WutAWWuL8Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl
                          rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 16:14:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6886 (0x1ae6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143CB3, serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D
        Validity
            Not Before: Jun  8 16:14:40 2025 GMT
            Not After : Jun 15 16:14:40 2025 GMT
        Subject: CN=6845b6f1-80c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ab:5c:29:3d:55:a2:f6:de:6f:49:6c:ab:35:
                    42:3c:b6:2c:23:88:c4:5a:32:42:56:36:d4:62:b0:
                    06:99:66:0a:2f:6b:2c:ff:d3:fd:86:e5:51:e7:80:
                    fc:4a:43:ef:bf:cd:12:cc:90:4e:2b:56:e5:3a:1a:
                    89:ce:de:52:50:32:59:fc:c0:49:76:93:33:57:f1:
                    66:da:00:f0:b4:67:f8:29:a5:8d:9a:7f:3e:27:59:
                    5a:61:df:f5:22:f6:b5:a1:8b:b7:e0:cb:75:53:27:
                    39:de:98:05:0c:7a:2b:e2:ad:55:79:05:fa:b0:18:
                    ce:cb:18:5b:1c:37:4a:b9:cb:1b:0c:18:30:92:ec:
                    b5:2e:3e:45:39:e5:66:fe:13:0c:0a:47:58:9b:eb:
                    1d:a4:38:08:0e:b0:d7:85:fd:6e:0a:3c:83:63:c9:
                    e4:13:4b:58:e1:05:87:89:40:24:44:10:61:cb:58:
                    7c:80:f2:3a:af:30:d7:89:80:22:6f:80:72:0f:b7:
                    ca:4d:49:d2:25:81:27:74:96:8d:47:5d:69:f0:a4:
                    e8:4d:81:38:3f:45:f2:22:a5:af:60:8c:64:a8:55:
                    a3:99:43:a8:34:00:2f:92:7a:a8:b7:c6:b0:db:a8:
                    41:e0:5d:f6:7c:7f:d2:70:3d:71:fd:27:39:b2:c3:
                    cb:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:CF:21:32:22:A8:6F:57:48:18:0A:03:9B:33:AC:64:6C:89:F7:DB
            X509v3 Authority Key Identifier:
                keyid:3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:33:d0:b6:ca:49:fd:c9:1d:63:bb:f1:11:f3:6e:f3:39:d3:
         18:e7:94:2d:e2:26:70:80:99:45:9b:15:19:ad:a3:b6:d6:a1:
         6d:3a:52:0f:ab:a1:74:ae:70:6a:05:29:02:78:c3:fa:3b:24:
         3e:b3:c4:a2:89:1b:05:23:36:71:71:77:3b:4e:16:25:db:d2:
         48:a6:9e:3f:6d:f1:d8:e0:6e:7f:6f:10:df:f3:43:5e:0d:09:
         ca:4c:1f:02:53:c7:73:be:7a:1a:79:1b:cc:aa:43:ca:61:bb:
         ec:ef:55:0e:a9:21:0b:fa:e7:c1:aa:34:1e:23:22:19:39:08:
         9a:31:c3:1d:db:2d:02:c6:5f:f6:67:67:17:fb:f3:7d:4e:0c:
         90:4b:4a:70:13:90:d5:f1:73:56:0c:8d:7d:ba:e7:1b:37:9b:
         fd:aa:b5:00:26:76:8d:c9:eb:ee:10:17:64:1e:c1:5f:e5:a9:
         26:62:d4:a8:c5:5d:9d:04:62:cb:2a:f8:10:b3:2c:5d:30:79:
         13:c0:00:9a:2f:70:88:37:4f:3c:2d:fe:47:aa:b8:bc:55:79:
         1f:ea:be:bd:46:2a:46:80:d4:89:d3:b2:0c:5c:b6:83:3b:9a:
         d0:ae:a5:d6:57:6e:c2:1f:7d:b1:f3:d2:8d:e3:83:20:9a:c3:
         85:a6:bb:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKDNDNTQ3MEU4MUZBNEExOTA4NzAyMUQwQUQ3N0QzMzZD
RUJFMkE2OEQwHhcNMjUwNjA4MTYxNDQwWhcNMjUwNjE1MTYxNDQwWjAYMRYwFAYD
VQQDEw02ODQ1YjZmMS04MGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzatcKT1Vovbeb0lsqzVCPLYsI4jEWjJCVjbUYrAGmWYKL2ss/9P9huVR54D8
SkPvv80SzJBOK1blOhqJzt5SUDJZ/MBJdpMzV/Fm2gDwtGf4KaWNmn8+J1laYd/1
Iva1oYu34Mt1Uyc53pgFDHor4q1VeQX6sBjOyxhbHDdKucsbDBgwkuy1Lj5FOeVm
/hMMCkdYm+sdpDgIDrDXhf1uCjyDY8nkE0tY4QWHiUAkRBBhy1h8gPI6rzDXiYAi
b4ByD7fKTUnSJYEndJaNR11p8KToTYE4P0XyIqWvYIxkqFWjmUOoNAAvknqot8aw
26hB4F32fH/ScD1x/Sc5ssPL0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKTPITIi
qG9XSBgKA5szrGRsiffbMB8GA1UdIwQYMBaAFDxUcOgfpKGQhwIdCtd9M2zr4qaN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xNTE2Njc5RTI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29aQ0hBaDBLMTMwemJPdmlw
bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1BGUnc2Qi1rb1pDSEFoMEsxMzB6Yk92aXBvMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
M0NCMy8xNTE2Njc5RTI1OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29a
Q0hBaDBLMTMwemJPdmlwbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzM9C2ykn9yR1ju/ER827zOdMY55Qt4iZwgJlFmxUZraO21qFtOlIP
q6F0rnBqBSkCeMP6OyQ+s8SiiRsFIzZxcXc7ThYl29JIpp4/bfHY4G5/bxDf80Ne
DQnKTB8CU8dzvnoaeRvMqkPKYbvs71UOqSEL+ufBqjQeIyIZOQiaMcMd2y0Cxl/2
Z2cX+/N9TgyQS0pwE5DV8XNWDI19uucbN5v9qrUAJnaNyevuEBdkHsFf5akmYtSo
xV2dBGLLKvgQsyxdMHkTwACaL3CIN088Lf5Hqri8VXkf6r69RipGgNSJ07IMXLaD
O5rQrqXWV27CH32x89KN44MgmsOFprto
-----END CERTIFICATE-----
Generated at Tue Jun 10 02:24:45 2025 by rpki-client