Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/CE445BD0DA5B11ED96747C5AC4F9AE02/4dFD2djqAiJMHLDJFey4TuKLWqo.mft
File:                     4dFD2djqAiJMHLDJFey4TuKLWqo.mft (raw, json)
Hash identifier:          3Q7Z2141zODpVPLcslfeOqhvvSE61p+cedOncuySmLk=
Subject key identifier:   F2:C3:FC:0D:68:77:B2:B9:0F:7F:40:67:11:DB:4A:30:4B:EE:8B:2C
Authority key identifier: E1:D1:43:D9:D8:EA:02:22:4C:1C:B0:C9:15:EC:B8:4E:E2:8B:5A:AA
Certificate issuer:       /CN=A9170C53/serialNumber=E1D143D9D8EA02224C1CB0C915ECB84EE28B5AAA
Certificate serial:       01A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dFD2djqAiJMHLDJFey4TuKLWqo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9170C53/CE445BD0DA5B11ED96747C5AC4F9AE02/4dFD2djqAiJMHLDJFey4TuKLWqo.mft
Manifest number:          0198
Signing time:             Wed 11 Jun 2025 02:53:06 +0000
Manifest this update:     Wed 11 Jun 2025 02:53:06 +0000
Manifest next update:     Wed 18 Jun 2025 02:53:06 +0000
Files and hashes:         1: 4dFD2djqAiJMHLDJFey4TuKLWqo.crl (hash: NGKv7yukjjcWDNyi/df16fjAG/CfMnFP7LaG7XDfjT4=)
                          2: 916EFEE0DA6011ED9BC6175FC4F9AE02.roa (hash: RDPi47SZcDAz4xmQe0PzevESUJOCnp77k9KEsG3kOPw=)
                          3: 9283C1F8DA6011ED9BC6175FC4F9AE02.roa (hash: 4ZxnpGjaykPQCM8pL2N1CRQo3+QNzrfE6n7zpJytINg=)
                          4: 90AE648CDA6011ED9BC6175FC4F9AE02.roa (hash: +lHlOLbl/5RnNOcPx8/sJld2TYpyfZTtFIxadDBZYdU=)
                          5: 91FAB1ECDA6011ED9BC6175FC4F9AE02.roa (hash: v8W7oHHzaQTWG5Q9zg44OzZnUjsO7rk1vnHeE+xeDvw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9170C53/CE445BD0DA5B11ED96747C5AC4F9AE02/4dFD2djqAiJMHLDJFey4TuKLWqo.crl
                          rsync://rpki.apnic.net/member_repository/A9170C53/CE445BD0DA5B11ED96747C5AC4F9AE02/4dFD2djqAiJMHLDJFey4TuKLWqo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dFD2djqAiJMHLDJFey4TuKLWqo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 02:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 421 (0x1a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9170C53, serialNumber=E1D143D9D8EA02224C1CB0C915ECB84EE28B5AAA
        Validity
            Not Before: Jun 11 02:53:06 2025 GMT
            Not After : Jun 18 02:53:06 2025 GMT
        Subject: CN=6848ef92-8324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1e:08:0d:e8:d1:de:1b:93:d4:1a:63:47:d6:
                    b7:45:98:08:f7:55:e1:02:7d:b0:cb:ea:8d:b7:21:
                    0b:e5:a3:c1:11:39:d1:c7:56:0a:e7:03:6e:aa:b1:
                    1c:34:0b:6d:f9:96:62:a9:28:7e:c5:aa:97:7b:bd:
                    5d:b2:85:7d:61:f6:f2:27:24:03:52:b2:7b:07:5a:
                    4a:2f:7a:b5:cf:90:23:9e:ac:36:e7:57:bb:11:d1:
                    59:e0:e7:5b:e9:95:b2:8c:56:fc:7f:dd:de:51:ab:
                    b0:e9:1f:03:d9:61:ca:89:13:5c:97:c9:32:75:fc:
                    f4:04:fa:45:d5:93:e5:27:88:ad:0c:08:f8:57:80:
                    6c:4d:b9:ba:37:c2:f5:60:90:7f:23:52:f7:5d:8d:
                    49:e2:50:f3:75:22:07:2a:04:06:6e:ab:6b:96:a7:
                    cd:5d:86:52:69:17:d2:7c:12:e2:ac:36:3f:e4:eb:
                    52:20:bb:3c:c2:f1:d3:25:a9:e8:96:17:2f:64:78:
                    5a:bb:5e:e2:f0:62:9a:51:b3:6f:05:8f:b1:d9:e0:
                    26:b1:73:a5:38:6b:42:5c:b9:25:b8:ad:9b:d2:e5:
                    e4:ae:0d:b7:f2:7d:c9:77:82:b8:4c:94:94:03:81:
                    24:04:6e:de:3d:04:f0:5a:4d:4c:67:ba:b1:44:d9:
                    3a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:C3:FC:0D:68:77:B2:B9:0F:7F:40:67:11:DB:4A:30:4B:EE:8B:2C
            X509v3 Authority Key Identifier:
                keyid:E1:D1:43:D9:D8:EA:02:22:4C:1C:B0:C9:15:EC:B8:4E:E2:8B:5A:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9170C53/CE445BD0DA5B11ED96747C5AC4F9AE02/4dFD2djqAiJMHLDJFey4TuKLWqo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dFD2djqAiJMHLDJFey4TuKLWqo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/CE445BD0DA5B11ED96747C5AC4F9AE02/4dFD2djqAiJMHLDJFey4TuKLWqo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:c2:eb:32:d0:c4:e9:82:5a:47:3a:b8:3a:d9:65:7e:33:99:
         d8:02:ba:4c:49:df:63:53:f1:34:89:ee:2d:43:49:1b:1c:90:
         33:0d:2d:03:15:c1:0f:bb:fa:41:2f:08:a7:a4:07:6b:d2:20:
         0f:a0:42:5c:05:09:7f:63:f3:81:e3:11:bb:42:9d:07:db:d6:
         c1:70:94:8f:51:05:42:64:68:d3:0d:a6:8a:94:8d:fe:6e:9e:
         91:7a:2e:c8:37:5c:35:c8:6e:66:91:0a:f0:44:5c:5a:90:05:
         d5:31:df:6b:33:d5:f9:21:36:96:5f:94:14:57:9b:75:89:4f:
         0e:c6:3a:f8:ca:87:f4:e9:db:80:19:fe:64:99:f5:df:f1:4f:
         7e:d7:93:f2:6a:6c:d5:0c:8d:9a:c3:ab:ed:ca:9c:2a:df:86:
         e1:2f:e9:36:cb:93:e6:bc:75:97:86:94:2c:be:84:f8:0f:df:
         4f:4b:c8:4e:72:bc:6c:3d:6d:29:d5:80:a5:8e:f1:16:d6:a6:
         ad:07:53:9c:5f:51:b9:09:a4:be:14:c3:f1:94:40:f8:ab:3d:
         1b:a5:31:63:89:be:c5:b2:4a:58:f5:8d:42:a2:80:9b:67:e4:
         fe:e4:1d:e0:a3:37:83:df:9d:09:0b:e3:5b:e9:fa:55:95:ee:
         13:10:86:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBDNTMxMTAvBgNVBAUTKEUxRDE0M0Q5RDhFQTAyMjI0QzFDQjBDOTE1RUNCODRF
RTI4QjVBQUEwHhcNMjUwNjExMDI1MzA2WhcNMjUwNjE4MDI1MzA2WjAYMRYwFAYD
VQQDEw02ODQ4ZWY5Mi04MzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0h4IDejR3huT1BpjR9a3RZgI91XhAn2wy+qNtyEL5aPBETnRx1YK5wNuqrEc
NAtt+ZZiqSh+xaqXe71dsoV9YfbyJyQDUrJ7B1pKL3q1z5Ajnqw251e7EdFZ4Odb
6ZWyjFb8f93eUauw6R8D2WHKiRNcl8kydfz0BPpF1ZPlJ4itDAj4V4BsTbm6N8L1
YJB/I1L3XY1J4lDzdSIHKgQGbqtrlqfNXYZSaRfSfBLirDY/5OtSILs8wvHTJano
lhcvZHhau17i8GKaUbNvBY+x2eAmsXOlOGtCXLkluK2b0uXkrg238n3Jd4K4TJSU
A4EkBG7ePQTwWk1MZ7qxRNk63QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPLD/A1o
d7K5D39AZxHbSjBL7ossMB8GA1UdIwQYMBaAFOHRQ9nY6gIiTBywyRXsuE7ii1qq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9DRTQ0NUJEMERB
NUIxMUVEOTY3NDdDNUFDNEY5QUUwMi80ZEZEMmRqcUFpSk1ITERKRmV5NFR1S0xX
cW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRkRkQyZGpxQWlKTUhMREpGZXk0VHVLTFdxby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEM1My9DRTQ0NUJEMERBNUIxMUVEOTY3NDdDNUFDNEY5QUUwMi80ZEZEMmRqcUFp
Sk1ITERKRmV5NFR1S0xXcW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCIwusy0MTpglpHOrg62WV+M5nYArpMSd9jU/E0ie4tQ0kbHJAzDS0D
FcEPu/pBLwinpAdr0iAPoEJcBQl/Y/OB4xG7Qp0H29bBcJSPUQVCZGjTDaaKlI3+
bp6Rei7IN1w1yG5mkQrwRFxakAXVMd9rM9X5ITaWX5QUV5t1iU8Oxjr4yof06duA
Gf5kmfXf8U9+15PyamzVDI2aw6vtypwq34bhL+k2y5PmvHWXhpQsvoT4D99PS8hO
crxsPW0p1YCljvEW1qatB1OcX1G5CaS+FMPxlED4qz0bpTFjib7FskpY9Y1CooCb
Z+T+5B3gozeD350JC+Nb6fpVle4TEIY/
-----END CERTIFICATE-----
Generated at Thu Jun 12 06:27:30 2025 by rpki-client