Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9170533/22ED2C9A9F8211ECBFC3CF1CC4F9AE02/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.mft
File:                     5Y-Y48YUIUZUU6xCVfCvsK2V0kY.mft (raw, json)
Hash identifier:          q/45Dfxge5arumOHc/Go2OVeJ7VNZ9+j2BviI4o4cSg=
Subject key identifier:   68:00:D2:D8:A8:30:52:C6:69:BF:AA:F2:42:41:16:A0:9C:38:77:C4
Authority key identifier: E5:8F:98:E3:C6:14:21:46:54:53:AC:42:55:F0:AF:B0:AD:95:D2:46
Certificate issuer:       /CN=A9170533/serialNumber=E58F98E3C61421465453AC4255F0AFB0AD95D246
Certificate serial:       0398
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9170533/22ED2C9A9F8211ECBFC3CF1CC4F9AE02/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.mft
Manifest number:          0394
Signing time:             Mon 09 Jun 2025 00:24:22 +0000
Manifest this update:     Mon 09 Jun 2025 00:24:21 +0000
Manifest next update:     Mon 16 Jun 2025 00:24:21 +0000
Files and hashes:         1: 5Y-Y48YUIUZUU6xCVfCvsK2V0kY.crl (hash: TLSqPLUu2gBp2UXr27mgy6C9VUxCAuWaZLe1pcMEOsQ=)
                          2: 6664BEB29F8611ECBE806D30C4F9AE02.roa (hash: 3Zz0SoScV6fPNZfJ9ERkFkDBxGo2mzRnK0TlcOdgOTI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9170533/22ED2C9A9F8211ECBFC3CF1CC4F9AE02/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.crl
                          rsync://rpki.apnic.net/member_repository/A9170533/22ED2C9A9F8211ECBFC3CF1CC4F9AE02/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 00:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 920 (0x398)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9170533, serialNumber=E58F98E3C61421465453AC4255F0AFB0AD95D246
        Validity
            Not Before: Jun  9 00:24:21 2025 GMT
            Not After : Jun 16 00:24:21 2025 GMT
        Subject: CN=684629b5-e2e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:86:94:f6:86:b9:c9:54:7a:62:63:31:e1:61:
                    4e:84:1f:79:1b:67:fc:b2:69:7a:40:43:fc:a1:14:
                    dd:a6:c8:43:45:ae:e4:cf:7e:39:58:67:ac:21:5c:
                    eb:59:8f:81:31:72:2a:f4:c1:6c:73:8b:dd:92:a7:
                    05:c9:b8:af:32:8d:79:fc:84:48:24:3e:3d:d6:99:
                    d1:7e:9d:e3:99:88:dd:fa:4c:bf:84:cf:30:dd:69:
                    00:41:60:b1:50:52:d0:89:4d:0e:bd:c1:c1:62:f6:
                    83:55:b1:8d:08:24:2d:38:86:6d:dd:6b:84:0a:c4:
                    f9:bc:c7:a8:d3:ee:46:f3:f3:b8:01:24:1d:84:98:
                    cd:f7:0e:f7:19:ef:ce:08:59:cd:64:50:ef:23:52:
                    75:46:e1:ea:3a:26:0e:22:f6:8b:dc:42:8a:90:e1:
                    8c:27:d1:6c:20:fc:7e:85:0c:ae:41:d9:38:f1:fc:
                    57:c4:06:aa:99:f7:9a:62:6d:b4:18:db:2c:c4:7d:
                    f5:db:6f:79:05:c2:4d:f4:ea:cf:f2:c7:b9:65:27:
                    bd:df:03:50:cc:42:f3:68:f4:7d:23:40:0c:3e:c1:
                    3a:95:a3:a3:2d:d4:6a:02:e5:ae:4b:6a:b5:ca:69:
                    29:d5:3b:01:77:2a:ca:be:fe:62:87:84:c4:77:11:
                    ae:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:00:D2:D8:A8:30:52:C6:69:BF:AA:F2:42:41:16:A0:9C:38:77:C4
            X509v3 Authority Key Identifier:
                keyid:E5:8F:98:E3:C6:14:21:46:54:53:AC:42:55:F0:AF:B0:AD:95:D2:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9170533/22ED2C9A9F8211ECBFC3CF1CC4F9AE02/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170533/22ED2C9A9F8211ECBFC3CF1CC4F9AE02/5Y-Y48YUIUZUU6xCVfCvsK2V0kY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:a0:df:57:0c:bb:f9:c7:45:4f:b9:84:b9:7d:54:ff:d3:bf:
         1a:cd:1c:2a:83:b1:bc:b8:4d:44:67:14:1c:aa:6c:c2:61:e2:
         b7:14:14:5d:18:91:6a:38:23:35:d0:f2:ef:b0:2c:ea:59:ef:
         92:a3:4e:4c:b5:0e:84:fb:67:b4:89:4a:c3:db:be:72:38:fb:
         75:2a:dd:f6:6f:b6:41:12:c4:87:78:02:5c:54:02:4c:33:09:
         e8:18:1e:09:23:22:bc:1d:37:2c:41:98:e1:ba:67:fa:85:20:
         ae:24:10:2a:61:5f:b9:47:01:48:91:64:58:7d:26:30:37:a2:
         60:b9:97:03:50:dd:d8:d8:fa:62:c3:d6:7a:2d:96:6f:9e:e3:
         e6:f8:5b:7c:d1:a3:52:43:c6:f2:73:83:8d:7b:fb:1f:30:69:
         b4:3f:24:b1:61:7d:fe:92:71:88:ef:cd:23:20:60:36:cc:f1:
         66:19:8d:77:a4:3b:2e:ab:5c:37:42:b9:f2:f1:14:c7:63:b3:
         00:7b:04:8f:0d:8e:eb:bf:17:64:01:47:43:82:a9:89:14:24:
         01:29:ec:a4:b6:93:c0:0e:d4:46:99:f8:48:c6:e9:b8:29:83:
         26:06:46:72:ea:c1:91:29:69:3f:fa:ff:9e:e7:56:ff:b7:d0:
         4a:04:22:ec
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzA1MzMxMTAvBgNVBAUTKEU1OEY5OEUzQzYxNDIxNDY1NDUzQUM0MjU1RjBBRkIw
QUQ5NUQyNDYwHhcNMjUwNjA5MDAyNDIxWhcNMjUwNjE2MDAyNDIxWjAYMRYwFAYD
VQQDEw02ODQ2MjliNS1lMmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoaU9oa5yVR6YmMx4WFOhB95G2f8sml6QEP8oRTdpshDRa7kz345WGesIVzr
WY+BMXIq9MFsc4vdkqcFybivMo15/IRIJD491pnRfp3jmYjd+ky/hM8w3WkAQWCx
UFLQiU0OvcHBYvaDVbGNCCQtOIZt3WuECsT5vMeo0+5G8/O4ASQdhJjN9w73Ge/O
CFnNZFDvI1J1RuHqOiYOIvaL3EKKkOGMJ9FsIPx+hQyuQdk48fxXxAaqmfeaYm20
GNssxH312295BcJN9OrP8se5ZSe93wNQzELzaPR9I0AMPsE6laOjLdRqAuWuS2q1
ymkp1TsBdyrKvv5ih4TEdxGuiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGgA0tio
MFLGab+q8kJBFqCcOHfEMB8GA1UdIwQYMBaAFOWPmOPGFCFGVFOsQlXwr7CtldJG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDUzMy8yMkVEMkM5QTlG
ODIxMUVDQkZDM0NGMUNDNEY5QUUwMi81WS1ZNDhZVUlVWlVVNnhDVmZDdnNLMlYw
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVZLVk0OFlVSVVaVVU2eENWZkN2c0syVjBrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MDUzMy8yMkVEMkM5QTlGODIxMUVDQkZDM0NGMUNDNEY5QUUwMi81WS1ZNDhZVUlV
WlVVNnhDVmZDdnNLMlYwa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAKoN9XDLv5x0VPuYS5fVT/078azRwqg7G8uE1EZxQcqmzCYeK3FBRd
GJFqOCM10PLvsCzqWe+So05MtQ6E+2e0iUrD275yOPt1Kt32b7ZBEsSHeAJcVAJM
MwnoGB4JIyK8HTcsQZjhumf6hSCuJBAqYV+5RwFIkWRYfSYwN6JguZcDUN3Y2Ppi
w9Z6LZZvnuPm+Ft80aNSQ8byc4ONe/sfMGm0PySxYX3+knGI780jIGA2zPFmGY13
pDsuq1w3Qrny8RTHY7MAewSPDY7rvxdkAUdDgqmJFCQBKeyktpPADtRGmfhIxum4
KYMmBkZy6sGRKWk/+v+e51b/t9BKBCLs
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:28:46 2025 by rpki-client