Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
File:                     lDrZvGF3q4wvjoExwUpUZexClU8.mft (raw, json)
Hash identifier:          blWupgBBjauXh8Yn8p/uWcqcpdMo8r0fWdA1vWxc2JY=
Subject key identifier:   4F:53:23:5D:DF:0C:B4:69:68:D2:C3:81:D8:0A:9C:4B:29:9F:CE:4B
Authority key identifier: 94:3A:D9:BC:61:77:AB:8C:2F:8E:81:31:C1:4A:54:65:EC:42:95:4F
Certificate issuer:       /CN=A9158568/serialNumber=943AD9BC6177AB8C2F8E8131C14A5465EC42954F
Certificate serial:       D1
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
Manifest number:          CE
Signing time:             Wed 20 Nov 2024 18:45:11 +0000
Manifest this update:     Wed 20 Nov 2024 18:45:10 +0000
Manifest next update:     Wed 27 Nov 2024 18:45:10 +0000
Files and hashes:         1: lDrZvGF3q4wvjoExwUpUZexClU8.crl (hash: RXraI/MCFdx5Yu3OCaieah//psZIQgc9DyZcr8X+OJ8=)
                          2: 203DB338782111EEAFDDBD86C4F9AE02.roa (hash: bl0GHKiC7T7tXaNRCpxkPx+K/rr5owVX0QnJL/3VOow=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.crl
                          rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 18:45:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209 (0xd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9158568/serialNumber=943AD9BC6177AB8C2F8E8131C14A5465EC42954F
        Validity
            Not Before: Nov 20 18:45:10 2024 GMT
            Not After : Nov 27 18:45:10 2024 GMT
        Subject: CN=673e2e36-53f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e1:25:f9:7a:90:bd:dd:db:9c:80:ee:51:49:
                    43:ba:5b:f9:d5:a2:c2:39:5a:4c:fe:24:3b:0c:cd:
                    d0:80:e6:54:52:08:94:8b:99:c3:94:bc:0a:97:3d:
                    ba:4f:be:71:c4:5a:35:2f:d1:2d:0d:44:0c:ca:f3:
                    73:30:d0:43:a3:65:9a:8a:b7:43:a1:3c:f4:fe:08:
                    8c:c4:60:f2:3d:09:de:d3:36:3c:11:d6:47:4f:a4:
                    f6:4b:e5:0e:88:95:53:2d:09:af:5c:39:4e:95:42:
                    1e:ad:84:f3:ab:7f:83:27:ed:ef:9d:9f:01:8d:1e:
                    2a:ed:ea:3c:58:28:46:ba:61:8e:fc:82:b5:1f:98:
                    ea:85:2d:e1:15:04:a4:8b:ea:58:b4:3a:4c:d5:c9:
                    67:dd:ac:35:0e:99:53:40:37:6f:67:16:e4:7f:e5:
                    76:85:6d:57:6e:74:b8:85:4d:0c:c9:dc:41:54:94:
                    bd:28:b9:b2:19:9f:c6:eb:b2:2d:dd:b0:ef:d5:32:
                    3d:4f:35:66:3f:d7:36:80:a2:07:42:fb:42:64:b4:
                    4a:ec:ac:cd:b2:53:7a:99:3e:e5:c9:5f:ec:23:4a:
                    79:8e:d0:c0:c5:e1:eb:7b:52:39:ce:f8:41:1f:22:
                    22:e5:0a:91:e5:12:3b:1d:0b:c4:7c:76:26:14:43:
                    2d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:53:23:5D:DF:0C:B4:69:68:D2:C3:81:D8:0A:9C:4B:29:9F:CE:4B
            X509v3 Authority Key Identifier:
                keyid:94:3A:D9:BC:61:77:AB:8C:2F:8E:81:31:C1:4A:54:65:EC:42:95:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:27:fd:7d:35:e1:8b:ef:e3:4e:60:36:63:1e:7a:f3:6d:0c:
         1e:47:2a:b4:f2:c3:6b:ba:bb:ce:ac:a5:fc:48:5b:16:ac:5d:
         42:d1:47:5a:45:d5:5c:11:63:16:1d:ab:be:5a:82:6d:bb:45:
         3f:0f:85:22:65:a7:d5:6b:dc:5c:84:a9:c2:b5:6f:f9:e5:00:
         95:fd:fc:41:66:c4:ea:9e:78:7d:0c:8e:1f:8f:55:b6:1b:28:
         46:ba:c2:fd:0d:23:0d:a5:25:fa:12:b0:fb:7a:7f:5f:46:df:
         f4:a0:de:52:5a:f4:ff:c0:95:fe:5e:49:95:7c:47:23:75:76:
         f0:f8:4f:af:af:26:ff:dc:c9:16:53:71:f8:3f:d8:8b:b6:5a:
         fb:33:78:6b:fd:c8:40:9c:bf:79:2c:e9:93:66:b6:a9:b1:a6:
         d4:f4:3a:21:03:a2:95:29:b2:41:bf:ea:54:d6:0e:73:1d:24:
         1c:b9:b5:05:53:81:81:0f:5c:9b:cf:49:64:ff:50:9e:68:e8:
         90:c3:ae:51:0f:3b:02:a9:9e:87:14:cf:04:e2:a7:5d:ff:4f:
         65:ca:ee:31:dc:9b:80:6f:34:60:ff:14:44:54:af:77:ac:ba:
         02:88:27:00:5f:cf:41:df:fb:08:3a:d0:4e:df:9e:cc:59:5d:
         6c:69:60:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKDk0M0FEOUJDNjE3N0FCOEMyRjhFODEzMUMxNEE1NDY1
RUM0Mjk1NEYwHhcNMjQxMTIwMTg0NTEwWhcNMjQxMTI3MTg0NTEwWjAYMRYwFAYD
VQQDEw02NzNlMmUzNi01M2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1eEl+XqQvd3bnIDuUUlDulv51aLCOVpM/iQ7DM3QgOZUUgiUi5nDlLwKlz26
T75xxFo1L9EtDUQMyvNzMNBDo2WairdDoTz0/giMxGDyPQne0zY8EdZHT6T2S+UO
iJVTLQmvXDlOlUIerYTzq3+DJ+3vnZ8BjR4q7eo8WChGumGO/IK1H5jqhS3hFQSk
i+pYtDpM1cln3aw1DplTQDdvZxbkf+V2hW1XbnS4hU0MydxBVJS9KLmyGZ/G67It
3bDv1TI9TzVmP9c2gKIHQvtCZLRK7KzNslN6mT7lyV/sI0p5jtDAxeHre1I5zvhB
HyIi5QqR5RI7HQvEfHYmFEMtEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE9TI13f
DLRpaNLDgdgKnEspn85LMB8GA1UdIwQYMBaAFJQ62bxhd6uML46BMcFKVGXsQpVP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC8zNjE4QUI2RTcy
QTMxMUVFOTQ1NTcyMTFDNEY5QUUwMi9sRHJadkdGM3E0d3Zqb0V4d1VwVVpleENs
VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2xEclp2R0YzcTR3dmpvRXh3VXBVWmV4Q2xVOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODU2OC8zNjE4QUI2RTcyQTMxMUVFOTQ1NTcyMTFDNEY5QUUwMi9sRHJadkdGM3E0
d3Zqb0V4d1VwVVpleENsVTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA9J/19NeGL7+NOYDZjHnrzbQweRyq08sNrurvOrKX8SFsWrF1C0Uda
RdVcEWMWHau+WoJtu0U/D4UiZafVa9xchKnCtW/55QCV/fxBZsTqnnh9DI4fj1W2
GyhGusL9DSMNpSX6ErD7en9fRt/0oN5SWvT/wJX+XkmVfEcjdXbw+E+vryb/3MkW
U3H4P9iLtlr7M3hr/chAnL95LOmTZrapsabU9DohA6KVKbJBv+pU1g5zHSQcubUF
U4GBD1ybz0lk/1CeaOiQw65RDzsCqZ6HFM8E4qdd/09lyu4x3JuAbzRg/xREVK93
rLoCiCcAX89B3/sIOtBO357MWV1saWAy
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:34:49 2024 by rpki-client on console-ams.rpki-client.org