Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
File:                     G9xHZ6bV6-C--lyhI1MI915IiRo.mft (raw, json)
Hash identifier:          UHy5WnWNI8S6MwC094VjL/PFrcoLOSSPuwGHKsMaLMw=
Subject key identifier:   DD:60:9B:58:E6:3C:16:41:A8:19:2D:7E:80:48:CB:89:6F:A9:80:4D
Authority key identifier: 1B:DC:47:67:A6:D5:EB:E0:BE:FA:5C:A1:23:53:08:F7:5E:48:89:1A
Certificate issuer:       /CN=A9149C2D/serialNumber=1BDC4767A6D5EBE0BEFA5CA1235308F75E48891A
Certificate serial:       1B42
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
Manifest number:          1B31
Signing time:             Fri 22 Nov 2024 16:17:32 +0000
Manifest this update:     Fri 22 Nov 2024 16:17:31 +0000
Manifest next update:     Fri 29 Nov 2024 16:17:31 +0000
Files and hashes:         1: G9xHZ6bV6-C--lyhI1MI915IiRo.crl (hash: VgLWDSNOTS4aWhq6b9yxwkN6rwq6oa45KIYQZV4bxss=)
                          2: A607F8965F4611EE80BD8D2DC4F9AE02.roa (hash: i9O1XjNiOxohoSOkwBSOCWg1fccYbraqqs7MGV2WXXs=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.crl
                          rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 16:17:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6978 (0x1b42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9149C2D/serialNumber=1BDC4767A6D5EBE0BEFA5CA1235308F75E48891A
        Validity
            Not Before: Nov 22 16:17:31 2024 GMT
            Not After : Nov 29 16:17:31 2024 GMT
        Subject: CN=6740ae9b-2ac1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6b:5d:d8:d4:80:7a:60:22:f8:c1:d8:20:18:
                    7c:8b:de:16:f6:a1:fc:5f:23:5f:52:60:b3:d3:db:
                    8c:3e:b3:76:6c:24:a3:cb:74:61:90:75:e9:1c:01:
                    73:b2:d0:00:3b:57:a2:cb:ab:e3:95:c0:5a:45:73:
                    b8:b9:3b:c6:c9:7e:2c:d3:28:bf:50:d9:8f:45:d4:
                    ed:ac:bc:a8:8f:ec:36:f0:94:cb:c0:cf:35:14:e1:
                    1a:23:7e:9f:9f:fe:d1:cc:fc:74:b1:84:52:2d:3a:
                    e0:2d:cf:7c:f5:61:55:e6:a7:f4:6c:d5:f7:80:ce:
                    4e:3b:59:d4:5e:9f:2f:22:4a:d3:78:b5:b2:6f:3c:
                    08:e5:29:90:39:69:6a:a5:d7:87:35:24:7d:1e:c6:
                    d3:05:b6:e3:18:64:83:6c:ba:96:9b:10:16:6c:d7:
                    f1:5b:18:f4:67:8e:65:e0:ab:3f:bd:c2:05:1a:ac:
                    b8:1b:64:d8:e3:d7:5c:b4:37:8c:af:18:56:ea:97:
                    91:c2:7a:37:e3:1c:b5:00:56:81:e2:4b:95:c3:18:
                    ee:0f:cd:a7:8f:9e:ea:29:9f:f5:87:f5:ee:55:21:
                    7a:8f:7f:f2:4a:f5:76:48:68:b9:ab:4a:ba:cc:f3:
                    56:46:fd:10:a3:ff:ab:bd:a6:2a:b3:6d:16:82:86:
                    60:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:60:9B:58:E6:3C:16:41:A8:19:2D:7E:80:48:CB:89:6F:A9:80:4D
            X509v3 Authority Key Identifier:
                keyid:1B:DC:47:67:A6:D5:EB:E0:BE:FA:5C:A1:23:53:08:F7:5E:48:89:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G9xHZ6bV6-C--lyhI1MI915IiRo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149C2D/4D5A7880087311E79C839B09C4F9AE02/G9xHZ6bV6-C--lyhI1MI915IiRo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:48:36:9b:75:6e:4b:8b:a7:b0:2f:15:16:e5:bb:12:bf:d8:
         66:c9:56:c4:02:f8:db:3d:62:7d:a4:4d:da:b0:b0:e7:2d:23:
         69:9b:ef:98:c9:2a:18:1c:ab:01:c0:35:26:92:b2:0e:fc:ac:
         fd:ca:73:72:a7:f3:ab:06:0e:ae:f0:a4:4c:8c:ff:7f:c4:06:
         f8:9e:6c:d3:8a:3d:8e:f5:3a:28:6d:47:dc:d1:f2:ad:e8:ee:
         be:43:27:a2:d6:26:fa:c1:d6:c8:cb:7b:ad:08:04:3c:64:56:
         d2:2e:75:16:6e:0d:0a:87:14:82:c3:ae:cd:2e:13:1b:3f:cd:
         99:39:f8:16:81:da:08:b0:86:73:81:da:2f:c2:a4:7b:9d:d6:
         1c:82:fc:fb:14:34:ec:04:8f:fd:15:81:10:23:35:54:d8:90:
         96:f5:e0:19:c1:9e:4a:d2:1b:a2:3f:18:dd:7e:0a:18:3c:f2:
         27:de:84:45:a6:68:7e:9c:bf:47:9d:d2:09:92:30:6f:5b:ca:
         82:a5:01:6c:7b:25:06:c0:3b:03:46:14:9b:7d:87:d6:cd:7b:
         78:af:a7:e8:8c:84:0c:9f:3f:33:0b:a8:26:32:57:cf:f1:02:
         b1:c1:df:49:c6:0e:d4:e9:a6:9d:2b:04:d0:07:23:6e:35:43:
         e5:ba:22:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlDMkQxMTAvBgNVBAUTKDFCREM0NzY3QTZENUVCRTBCRUZBNUNBMTIzNTMwOEY3
NUU0ODg5MUEwHhcNMjQxMTIyMTYxNzMxWhcNMjQxMTI5MTYxNzMxWjAYMRYwFAYD
VQQDEw02NzQwYWU5Yi0yYWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWtd2NSAemAi+MHYIBh8i94W9qH8XyNfUmCz09uMPrN2bCSjy3RhkHXpHAFz
stAAO1eiy6vjlcBaRXO4uTvGyX4s0yi/UNmPRdTtrLyoj+w28JTLwM81FOEaI36f
n/7RzPx0sYRSLTrgLc989WFV5qf0bNX3gM5OO1nUXp8vIkrTeLWybzwI5SmQOWlq
pdeHNSR9HsbTBbbjGGSDbLqWmxAWbNfxWxj0Z45l4Ks/vcIFGqy4G2TY49dctDeM
rxhW6peRwno34xy1AFaB4kuVwxjuD82nj57qKZ/1h/XuVSF6j3/ySvV2SGi5q0q6
zPNWRv0Qo/+rvaYqs20WgoZg8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN1gm1jm
PBZBqBktfoBIy4lvqYBNMB8GA1UdIwQYMBaAFBvcR2em1evgvvpcoSNTCPdeSIka
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUMyRC80RDVBNzg4MDA4
NzMxMUU3OUM4MzlCMDlDNEY5QUUwMi9HOXhIWjZiVjYtQy0tbHloSTFNSTkxNUlp
Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0c5eEhaNmJWNi1DLS1seWhJMU1JOTE1SWlSby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OUMyRC80RDVBNzg4MDA4NzMxMUU3OUM4MzlCMDlDNEY5QUUwMi9HOXhIWjZiVjYt
Qy0tbHloSTFNSTkxNUlpUm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBhSDabdW5Li6ewLxUW5bsSv9hmyVbEAvjbPWJ9pE3asLDnLSNpm++Y
ySoYHKsBwDUmkrIO/Kz9ynNyp/OrBg6u8KRMjP9/xAb4nmzTij2O9ToobUfc0fKt
6O6+Qyei1ib6wdbIy3utCAQ8ZFbSLnUWbg0KhxSCw67NLhMbP82ZOfgWgdoIsIZz
gdovwqR7ndYcgvz7FDTsBI/9FYEQIzVU2JCW9eAZwZ5K0huiPxjdfgoYPPIn3oRF
pmh+nL9HndIJkjBvW8qCpQFseyUGwDsDRhSbfYfWzXt4r6fojIQMnz8zC6gmMlfP
8QKxwd9Jxg7U6aadKwTQByNuNUPluiLm
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:44 2024 by rpki-client on console-fra.rpki-client.org