Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91534B8/9665997E094411ED8DD10971C4F9AE02/2iwTK47FBxr425BJG63bwPCntEU.mft
File:                     2iwTK47FBxr425BJG63bwPCntEU.mft (raw, json)
Hash identifier:          VbYOuhAOvC7AFaghPSBCa/flEXFNedbyiZi3cJhlpLQ=
Subject key identifier:   A8:D0:90:A6:B0:E3:85:87:68:DF:AF:E3:2F:FA:A7:BF:44:99:F1:02
Authority key identifier: DA:2C:13:2B:8E:C5:07:1A:F8:DB:90:49:1B:AD:DB:C0:F0:A7:B4:45
Certificate issuer:       /CN=A91534B8/serialNumber=DA2C132B8EC5071AF8DB90491BADDBC0F0A7B445
Certificate serial:       0290
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/2iwTK47FBxr425BJG63bwPCntEU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91534B8/9665997E094411ED8DD10971C4F9AE02/2iwTK47FBxr425BJG63bwPCntEU.mft
Manifest number:          0290
Signing time:             Fri 13 Jun 2025 01:08:09 +0000
Manifest this update:     Fri 13 Jun 2025 01:08:09 +0000
Manifest next update:     Fri 20 Jun 2025 01:08:09 +0000
Files and hashes:         1: 2iwTK47FBxr425BJG63bwPCntEU.crl (hash: jHl1+urMCkSAqe25v6kxrnbUYSHvNrm/XwgbmR4yhFA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91534B8/9665997E094411ED8DD10971C4F9AE02/2iwTK47FBxr425BJG63bwPCntEU.crl
                          rsync://rpki.apnic.net/member_repository/A91534B8/9665997E094411ED8DD10971C4F9AE02/2iwTK47FBxr425BJG63bwPCntEU.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/2iwTK47FBxr425BJG63bwPCntEU.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 20 Jun 2025 01:08:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 656 (0x290)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91534B8, serialNumber=DA2C132B8EC5071AF8DB90491BADDBC0F0A7B445
        Validity
            Not Before: Jun 13 01:08:09 2025 GMT
            Not After : Jun 20 01:08:09 2025 GMT
        Subject: CN=684b79f9-a11b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fc:fb:23:5e:de:ff:de:ab:f0:f2:00:7e:ac:
                    ab:37:8a:4c:87:e5:c1:cb:c9:a6:25:5f:e8:4a:d3:
                    c5:1d:b7:a0:89:6f:77:c7:ff:c9:e1:2c:c4:0c:82:
                    56:53:3e:f1:7d:f7:58:2b:c7:bd:28:8a:b8:f6:60:
                    4a:92:19:ed:c2:4e:73:3b:b4:ab:8b:f3:96:0c:fc:
                    b7:7b:df:84:f6:2b:3e:90:09:69:3b:16:74:d2:cf:
                    af:87:a0:84:64:88:fb:e7:78:bf:6d:88:ce:ad:f4:
                    82:37:3a:c6:82:b0:f0:89:89:33:a5:b2:e8:1c:e7:
                    5a:d7:de:27:48:aa:4f:5b:83:cc:47:24:f2:14:cf:
                    ba:52:7a:ac:d0:f1:70:f2:c3:c8:c0:a4:72:31:1b:
                    21:4c:b4:6e:9d:72:48:25:92:08:b0:4e:bf:28:95:
                    ec:de:76:a4:31:c5:5a:2c:cb:cd:fe:58:38:a0:c3:
                    d6:26:6e:36:f8:31:e8:07:43:32:4d:0e:51:d9:8f:
                    38:44:b1:6b:ae:be:37:41:28:95:a1:4e:46:de:06:
                    bc:fd:49:c0:71:45:43:48:76:0f:5c:f7:09:ea:8e:
                    d7:69:d9:3d:8a:f1:e2:10:51:23:4e:1f:cb:7e:50:
                    3e:f0:e5:57:ca:34:65:f3:74:bd:20:87:67:30:9d:
                    b6:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:D0:90:A6:B0:E3:85:87:68:DF:AF:E3:2F:FA:A7:BF:44:99:F1:02
            X509v3 Authority Key Identifier:
                keyid:DA:2C:13:2B:8E:C5:07:1A:F8:DB:90:49:1B:AD:DB:C0:F0:A7:B4:45

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91534B8/9665997E094411ED8DD10971C4F9AE02/2iwTK47FBxr425BJG63bwPCntEU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/2iwTK47FBxr425BJG63bwPCntEU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91534B8/9665997E094411ED8DD10971C4F9AE02/2iwTK47FBxr425BJG63bwPCntEU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:0a:01:3f:df:76:58:78:01:cc:9d:ea:d5:e4:68:05:4d:aa:
         43:b6:47:5a:57:f9:3d:fc:12:12:71:6d:52:b6:47:b1:92:93:
         2d:f2:e7:fb:74:92:92:5d:2c:2c:2c:09:b8:2a:f9:af:25:5a:
         bb:0b:e2:62:1c:fd:e1:99:ed:d6:6f:5a:13:4c:ab:86:7b:a9:
         0b:88:1a:41:f2:35:fc:4c:a6:5f:c4:e8:dc:ca:e4:66:90:ef:
         8e:11:59:e0:05:08:11:08:db:22:be:a1:93:c7:7a:03:e1:00:
         9b:01:71:5d:fe:14:a1:56:b0:33:ab:82:34:31:71:0f:29:78:
         c5:c5:a4:36:0c:b9:49:58:55:31:ed:e8:a2:13:53:d8:ee:ea:
         06:74:3a:43:7a:34:35:aa:96:83:20:95:61:75:3e:fc:69:47:
         84:0d:06:8f:03:26:ae:ce:2c:a3:08:4a:34:c7:2e:8c:80:64:
         32:94:5d:56:be:89:32:77:4c:3d:2e:fd:62:2b:4e:b9:c2:87:
         3b:d8:03:d3:82:7f:74:7f:37:5c:a7:36:26:39:52:d9:ff:12:
         29:3d:33:d6:ec:ed:ec:d9:5a:dc:08:da:f6:c9:63:4e:a2:56:
         85:0a:81:ee:21:2a:fa:24:5d:e5:d3:2e:3c:23:6a:68:3a:3f:
         a1:2d:7d:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICApAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM0QjgxMTAvBgNVBAUTKERBMkMxMzJCOEVDNTA3MUFGOERCOTA0OTFCQUREQkMw
RjBBN0I0NDUwHhcNMjUwNjEzMDEwODA5WhcNMjUwNjIwMDEwODA5WjAYMRYwFAYD
VQQDEw02ODRiNzlmOS1hMTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtvz7I17e/96r8PIAfqyrN4pMh+XBy8mmJV/oStPFHbegiW93x//J4SzEDIJW
Uz7xffdYK8e9KIq49mBKkhntwk5zO7Sri/OWDPy3e9+E9is+kAlpOxZ00s+vh6CE
ZIj753i/bYjOrfSCNzrGgrDwiYkzpbLoHOda194nSKpPW4PMRyTyFM+6Unqs0PFw
8sPIwKRyMRshTLRunXJIJZIIsE6/KJXs3nakMcVaLMvN/lg4oMPWJm42+DHoB0My
TQ5R2Y84RLFrrr43QSiVoU5G3ga8/UnAcUVDSHYPXPcJ6o7Xadk9ivHiEFEjTh/L
flA+8OVXyjRl83S9IIdnMJ22aQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKjQkKaw
44WHaN+v4y/6p79EmfECMB8GA1UdIwQYMBaAFNosEyuOxQca+NuQSRut28Dwp7RF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzRCOC85NjY1OTk3RTA5
NDQxMUVEOEREMTA5NzFDNEY5QUUwMi8yaXdUSzQ3RkJ4cjQyNUJKRzYzYndQQ250
RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzJpd1RLNDdGQnhyNDI1QkpHNjNid1BDbnRFVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MzRCOC85NjY1OTk3RTA5NDQxMUVEOEREMTA5NzFDNEY5QUUwMi8yaXdUSzQ3RkJ4
cjQyNUJKRzYzYndQQ250RVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA8CgE/33ZYeAHMnerV5GgFTapDtkdaV/k9/BIScW1StkexkpMt8uf7
dJKSXSwsLAm4KvmvJVq7C+JiHP3hme3Wb1oTTKuGe6kLiBpB8jX8TKZfxOjcyuRm
kO+OEVngBQgRCNsivqGTx3oD4QCbAXFd/hShVrAzq4I0MXEPKXjFxaQ2DLlJWFUx
7eiiE1PY7uoGdDpDejQ1qpaDIJVhdT78aUeEDQaPAyauziyjCEo0xy6MgGQylF1W
vokyd0w9Lv1iK065woc72APTgn90fzdcpzYmOVLZ/xIpPTPW7O3s2VrcCNr2yWNO
olaFCoHuISr6JF3l0y48I2poOj+hLX08
-----END CERTIFICATE-----
Generated at Fri Jun 13 15:02:49 2025 by rpki-client