Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft
File:                     -AoX4Y4_OhL3UjNnLorGf4DlL98.mft (raw, json)
Hash identifier:          +1mPcamf8yomglS/6QGxfkQNpN2/cJ9zksHmPPRUwb8=
Subject key identifier:   FA:83:8E:20:18:87:00:E9:75:37:31:7E:A0:D9:F1:02:67:37:66:AE
Authority key identifier: F8:0A:17:E1:8E:3F:3A:12:F7:52:33:67:2E:8A:C6:7F:80:E5:2F:DF
Certificate issuer:       /CN=A916423B/serialNumber=F80A17E18E3F3A12F75233672E8AC67F80E52FDF
Certificate serial:       0179
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-AoX4Y4_OhL3UjNnLorGf4DlL98.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft
Manifest number:          0176
Signing time:             Fri 13 Jun 2025 02:45:32 +0000
Manifest this update:     Fri 13 Jun 2025 02:45:31 +0000
Manifest next update:     Fri 20 Jun 2025 02:45:31 +0000
Files and hashes:         1: -AoX4Y4_OhL3UjNnLorGf4DlL98.crl (hash: lv14NMp+cO6wAAEbumqqb8ftLBRtLrv2DNGo39DpRlQ=)
                          2: 593888C40AB811EE97CC7A32C4F9AE02.roa (hash: Hgvy/rbsLEaWAnrB/PMoMX/RB2XdkdZAeykYpDBMbDc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.crl
                          rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-AoX4Y4_OhL3UjNnLorGf4DlL98.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 20 Jun 2025 02:45:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 377 (0x179)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916423B, serialNumber=F80A17E18E3F3A12F75233672E8AC67F80E52FDF
        Validity
            Not Before: Jun 13 02:45:31 2025 GMT
            Not After : Jun 20 02:45:31 2025 GMT
        Subject: CN=684b90cb-655e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:20:b1:62:5a:ab:f7:66:95:fb:58:68:6e:cb:
                    3e:f3:43:5b:bb:79:f7:7b:e3:a4:01:a2:15:8a:e0:
                    22:2f:bd:5b:0c:7e:ce:15:e6:15:20:f7:71:58:f3:
                    e3:bb:92:73:7b:a6:13:c6:a2:7d:1c:b6:25:84:9c:
                    ac:f0:ca:d7:63:bc:a1:95:8e:08:3a:76:6c:2d:32:
                    65:a2:8c:1e:97:1a:3c:26:f6:15:20:13:8e:04:fb:
                    68:1a:67:1c:ce:84:3f:fa:7f:fc:a4:53:cc:50:70:
                    46:2a:29:89:b6:bc:17:d9:40:29:2a:15:76:8e:a6:
                    0e:0f:08:0c:83:98:a9:cd:47:0b:de:38:13:0a:12:
                    78:57:5c:e7:3b:78:08:cb:64:36:70:79:da:d7:e7:
                    c2:47:33:83:3f:c1:d4:3c:2f:70:0a:55:3c:4e:4c:
                    25:3a:c5:1b:c5:14:5f:6e:18:9c:22:a1:23:11:a5:
                    2b:e7:74:41:70:08:6c:6d:7b:5d:d3:3b:3a:ed:ae:
                    eb:05:b2:39:f4:e5:b0:4e:e9:b9:4a:60:d3:94:93:
                    af:b2:cf:e9:c8:3a:29:f0:b1:bd:a9:b5:6f:0d:dd:
                    9d:84:48:f5:a5:b5:77:63:ce:96:a5:25:ff:61:b0:
                    cf:0d:c1:b2:fd:c5:9f:4d:20:cd:ed:85:2d:a2:2a:
                    2a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:83:8E:20:18:87:00:E9:75:37:31:7E:A0:D9:F1:02:67:37:66:AE
            X509v3 Authority Key Identifier:
                keyid:F8:0A:17:E1:8E:3F:3A:12:F7:52:33:67:2E:8A:C6:7F:80:E5:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-AoX4Y4_OhL3UjNnLorGf4DlL98.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:4b:b7:0f:91:0e:ce:d1:9b:a1:92:13:96:56:5a:a0:3a:a7:
         07:25:8a:f3:7a:be:f5:3d:27:cc:44:80:6e:85:d9:c1:87:50:
         97:0f:58:34:13:4d:5e:da:61:05:97:bf:dd:d7:cb:5d:61:7b:
         3c:da:b0:61:f4:b8:4f:7f:2f:28:89:e4:02:2e:61:eb:e6:2e:
         11:d8:ba:9d:f2:5e:57:77:f4:c7:8c:4f:84:e1:aa:b9:38:f3:
         cd:56:07:d5:f2:cb:39:3b:98:ca:c5:b1:c6:d3:68:f5:ec:ee:
         96:06:4f:b6:99:ea:11:fb:61:00:48:c0:3c:65:94:ce:71:55:
         08:7b:57:a0:23:4b:44:89:ad:0b:07:b3:4d:b7:11:3c:fe:a1:
         33:2a:75:7d:66:ac:2a:b5:09:a9:40:65:4f:8a:6f:dd:f1:21:
         2f:d4:fb:dd:4d:c7:0a:65:25:12:73:0e:fb:e6:12:68:8f:94:
         f9:88:df:59:d5:be:2a:50:fd:91:63:01:18:30:b0:9f:3a:1e:
         ff:44:4a:f0:24:3e:e4:a6:f7:5a:83:f1:77:38:10:35:80:81:
         07:4d:9b:9b:ff:97:d2:31:d0:1b:6d:a2:ad:8c:ce:34:8a:5b:
         2c:cb:98:e4:e1:27:ba:25:4d:7c:c9:93:7f:93:20:88:06:73:
         ae:aa:2f:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQyM0IxMTAvBgNVBAUTKEY4MEExN0UxOEUzRjNBMTJGNzUyMzM2NzJFOEFDNjdG
ODBFNTJGREYwHhcNMjUwNjEzMDI0NTMxWhcNMjUwNjIwMDI0NTMxWjAYMRYwFAYD
VQQDEw02ODRiOTBjYi02NTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7SCxYlqr92aV+1hobss+80Nbu3n3e+OkAaIViuAiL71bDH7OFeYVIPdxWPPj
u5Jze6YTxqJ9HLYlhJys8MrXY7yhlY4IOnZsLTJloowelxo8JvYVIBOOBPtoGmcc
zoQ/+n/8pFPMUHBGKimJtrwX2UApKhV2jqYODwgMg5ipzUcL3jgTChJ4V1znO3gI
y2Q2cHna1+fCRzODP8HUPC9wClU8TkwlOsUbxRRfbhicIqEjEaUr53RBcAhsbXtd
0zs67a7rBbI59OWwTum5SmDTlJOvss/pyDop8LG9qbVvDd2dhEj1pbV3Y86WpSX/
YbDPDcGy/cWfTSDN7YUtoioq7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPqDjiAY
hwDpdTcxfqDZ8QJnN2auMB8GA1UdIwQYMBaAFPgKF+GOPzoS91IzZy6Kxn+A5S/f
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDIzQi9EQzQ5QTVGQTBB
QjIxMUVFODBCMzU1MzdDNEY5QUUwMi8tQW9YNFk0X09oTDNVak5uTG9yR2Y0RGxM
OTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1Bb1g0WTRfT2hMM1VqTm5Mb3JHZjREbEw5OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NDIzQi9EQzQ5QTVGQTBBQjIxMUVFODBCMzU1MzdDNEY5QUUwMi8tQW9YNFk0X09o
TDNVak5uTG9yR2Y0RGxMOTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAES7cPkQ7O0ZuhkhOWVlqgOqcHJYrzer71PSfMRIBuhdnBh1CXD1g0
E01e2mEFl7/d18tdYXs82rBh9LhPfy8oieQCLmHr5i4R2Lqd8l5Xd/THjE+E4aq5
OPPNVgfV8ss5O5jKxbHG02j17O6WBk+2meoR+2EASMA8ZZTOcVUIe1egI0tEia0L
B7NNtxE8/qEzKnV9ZqwqtQmpQGVPim/d8SEv1PvdTccKZSUScw775hJoj5T5iN9Z
1b4qUP2RYwEYMLCfOh7/RErwJD7kpvdag/F3OBA1gIEHTZub/5fSMdAbbaKtjM40
ilssy5jk4Se6JU18yZN/kyCIBnOuqi/V
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:24:41 2025 by rpki-client