Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft
File:                     xPfznmL0ydeMXhL9wVGuTjK8mkI.mft (raw, json)
Hash identifier:          tAuyUCiEJetuiBkwX1iIf2gpuUMvpSlZtYMRetCPh2A=
Subject key identifier:   7C:21:2D:CD:D8:20:1E:C5:91:08:27:25:02:04:4F:BE:C7:20:F7:F6
Authority key identifier: C4:F7:F3:9E:62:F4:C9:D7:8C:5E:12:FD:C1:51:AE:4E:32:BC:9A:42
Certificate issuer:       /CN=A914B29B/serialNumber=C4F7F39E62F4C9D78C5E12FDC151AE4E32BC9A42
Certificate serial:       70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft
Manifest number:          6B
Signing time:             Thu 21 Nov 2024 05:04:06 +0000
Manifest this update:     Thu 21 Nov 2024 05:04:05 +0000
Manifest next update:     Thu 28 Nov 2024 05:04:05 +0000
Files and hashes:         1: xPfznmL0ydeMXhL9wVGuTjK8mkI.crl (hash: CnsVGldHFDCXGXtMbVh/AgLpifH7XUXQAAEUZp320YI=)
                          2: 127604E20F8B11EF87FC5918C4F9AE02.roa (hash: 5edOTZ9WpkItw4RWOBwB3WoAQbD4XzuXBzAkLSr3s8Q=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.crl
                          rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 05:04:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112 (0x70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914B29B/serialNumber=C4F7F39E62F4C9D78C5E12FDC151AE4E32BC9A42
        Validity
            Not Before: Nov 21 05:04:05 2024 GMT
            Not After : Nov 28 05:04:05 2024 GMT
        Subject: CN=673ebf45-0bc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5e:56:04:2d:56:30:47:26:20:6d:00:e1:22:
                    b7:e5:35:90:ad:61:f8:af:79:24:0f:cf:7f:4d:48:
                    f0:e4:a7:0a:d7:fd:65:98:34:bb:8e:61:ed:c9:60:
                    2f:9a:3b:b4:67:21:34:85:3c:52:17:af:be:bb:31:
                    25:e3:d1:d2:10:ef:97:55:4b:71:16:bd:1c:bf:b3:
                    0a:2e:d6:07:5d:70:72:6a:bb:fc:19:77:ce:42:b7:
                    b1:4a:db:2c:ec:c3:c1:ab:df:b4:4d:37:78:67:fc:
                    ef:86:08:2d:21:8a:4c:9b:26:3f:9f:34:65:ec:2f:
                    62:df:69:89:81:df:15:a2:97:d8:ab:35:af:0f:0e:
                    63:92:c0:d4:3b:07:8c:fb:02:b9:9f:c0:16:f6:27:
                    d6:9b:10:42:5e:17:6f:91:2d:58:c0:65:5a:ac:40:
                    c6:26:0f:ef:1c:d1:08:64:32:1f:79:16:71:cf:6e:
                    36:f8:f4:f5:22:f4:8f:53:78:9e:d2:5c:22:54:9e:
                    ef:27:41:9b:f3:39:60:f5:6d:24:d5:bc:23:8a:eb:
                    94:a8:8d:8a:2d:1f:c4:0f:bd:4e:80:89:7a:60:cb:
                    c6:26:34:e4:bf:1a:9e:4b:f5:10:c7:2c:16:0b:9b:
                    29:da:aa:f6:4e:43:f2:ad:5b:c3:e1:d2:47:67:3d:
                    cd:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:21:2D:CD:D8:20:1E:C5:91:08:27:25:02:04:4F:BE:C7:20:F7:F6
            X509v3 Authority Key Identifier:
                keyid:C4:F7:F3:9E:62:F4:C9:D7:8C:5E:12:FD:C1:51:AE:4E:32:BC:9A:42

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:7e:82:3d:79:a7:8a:01:ae:26:9d:3c:26:bb:4f:29:09:5d:
         da:1c:1d:11:e0:8d:b5:0a:40:19:dc:be:9e:0a:bb:e1:ea:0b:
         44:97:73:9f:38:dc:21:0a:6d:73:e7:22:38:0e:9f:af:6b:60:
         b1:53:b8:bd:6d:40:a8:78:96:de:d2:e5:71:9c:88:79:58:f0:
         fd:2f:7b:aa:d0:fa:d9:89:3e:04:eb:b6:9e:01:ae:b6:b2:c7:
         cd:ba:23:cf:1f:46:de:67:a7:e7:b5:bd:86:9b:5e:31:57:df:
         5b:fe:f4:2f:c1:68:e8:e0:7b:df:7e:37:e4:43:80:b2:2b:8e:
         f6:e6:84:79:6d:76:66:de:99:8b:4a:a1:ac:05:eb:cd:b1:4e:
         e7:95:12:ec:f5:f4:7b:33:f2:72:43:d9:4b:ca:77:1e:07:02:
         82:69:a4:8d:24:bb:24:b7:c1:e4:6d:04:00:fc:01:3e:bb:49:
         68:4f:f3:a8:de:1c:be:e4:71:23:da:3c:9e:6a:bc:b5:b2:3f:
         06:1e:5e:58:2c:a9:88:12:08:2b:89:8d:75:d5:35:c1:79:21:
         36:35:69:c2:74:f0:b0:fa:02:65:a1:3d:12:16:51:17:7c:2c:
         22:c3:11:83:00:3a:2b:5d:5e:53:18:cb:15:52:79:0d:bd:fd:
         e1:df:1f:24
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QjI5QjExMC8GA1UEBRMoQzRGN0YzOUU2MkY0QzlENzhDNUUxMkZEQzE1MUFFNEUz
MkJDOUE0MjAeFw0yNDExMjEwNTA0MDVaFw0yNDExMjgwNTA0MDVaMBgxFjAUBgNV
BAMTDTY3M2ViZjQ1LTBiYzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMXlYELVYwRyYgbQDhIrflNZCtYfiveSQPz39NSPDkpwrX/WWYNLuOYe3JYC+a
O7RnITSFPFIXr767MSXj0dIQ75dVS3EWvRy/swou1gddcHJqu/wZd85Ct7FK2yzs
w8Gr37RNN3hn/O+GCC0hikybJj+fNGXsL2LfaYmB3xWil9irNa8PDmOSwNQ7B4z7
ArmfwBb2J9abEEJeF2+RLVjAZVqsQMYmD+8c0QhkMh95FnHPbjb49PUi9I9TeJ7S
XCJUnu8nQZvzOWD1bSTVvCOK65SojYotH8QPvU6AiXpgy8YmNOS/Gp5L9RDHLBYL
mynaqvZOQ/KtW8Ph0kdnPc1dAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfCEtzdgg
HsWRCCclAgRPvscg9/YwHwYDVR0jBBgwFoAUxPfznmL0ydeMXhL9wVGuTjK8mkIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCMjlCLzhBM0UxRDFBMEY4
MjExRUY4MjY2RjA1RUM0RjlBRTAyL3hQZnpubUwweWRlTVhoTDl3Vkd1VGpLOG1r
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveFBmem5tTDB5ZGVNWGhMOXdWR3VUaks4bWtJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRC
MjlCLzhBM0UxRDFBMEY4MjExRUY4MjY2RjA1RUM0RjlBRTAyL3hQZnpubUwweWRl
TVhoTDl3Vkd1VGpLOG1rSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAJZ+gj15p4oBriadPCa7TykJXdocHRHgjbUKQBncvp4Ku+HqC0SXc584
3CEKbXPnIjgOn69rYLFTuL1tQKh4lt7S5XGciHlY8P0ve6rQ+tmJPgTrtp4Brray
x826I88fRt5np+e1vYabXjFX31v+9C/BaOjge99+N+RDgLIrjvbmhHltdmbemYtK
oawF682xTueVEuz19Hsz8nJD2UvKdx4HAoJppI0kuyS3weRtBAD8AT67SWhP86je
HL7kcSPaPJ5qvLWyPwYeXlgsqYgSCCuJjXXVNcF5ITY1acJ08LD6AmWhPRIWURd8
LCLDEYMAOitdXlMYyxVSeQ29/eHfHyQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:40:02 2024 by rpki-client on console-ams.rpki-client.org