Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
File:                     kY5yieKMGkkiojy1Zb2CG34gphE.mft (raw, json)
Hash identifier:          02ukYW8UvzLhW4C6tGA9GvPp8IFGvmjgMJ0/2BOcSJQ=
Subject key identifier:   7A:41:A2:C7:8E:16:74:AD:EA:FA:6E:F3:37:3E:58:8B:BF:D4:D3:58
Authority key identifier: 91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11
Certificate issuer:       /CN=A9171B1A/serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611
Certificate serial:       0CA8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
Manifest number:          0C9C
Signing time:             Sun 08 Jun 2025 18:00:22 +0000
Manifest this update:     Sun 08 Jun 2025 18:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:22 +0000
Files and hashes:         1: kY5yieKMGkkiojy1Zb2CG34gphE.crl (hash: K3KwIrBYtlBbcWPz7Swvl7KGNAFa4YRJp2hsNGJQ+6E=)
                          2: 6D9433B0F41211E9AAF5924EC4F9AE02.roa (hash: hSO23qhSJreuhOLk9R8p+4DtFYxsss4sjYdKljRJK2k=)
                          3: 6E3B1338F41211E9AAF5924EC4F9AE02.roa (hash: 7iLE2NbcVEE13k7k5xb5wiFVYhBSAES33qNPZQmTZqs=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl
                          rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 18:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3240 (0xca8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9171B1A, serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611
        Validity
            Not Before: Jun  8 18:00:22 2025 GMT
            Not After : Jun 15 18:00:22 2025 GMT
        Subject: CN=6845cfb6-6e5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:7b:08:0f:01:1e:22:e6:6b:4a:77:a6:20:e3:
                    cc:da:16:7c:53:e5:43:b8:89:ef:9b:f7:ab:47:e9:
                    32:0a:3c:b7:62:8a:a3:3c:9c:1a:7f:e6:4b:10:9d:
                    ea:89:8f:ff:d0:cb:e0:b6:1c:c1:29:d9:cf:79:64:
                    c4:9d:35:67:c6:d2:8b:42:c1:55:38:d0:97:fd:72:
                    63:39:54:1b:ee:bb:59:d4:5b:e4:32:25:57:8b:01:
                    57:fc:d2:97:b0:02:0b:7c:af:b9:ec:fb:5a:57:a9:
                    d0:68:63:11:a9:ab:c9:98:e3:95:c2:c3:f6:2d:71:
                    3d:b9:8b:bb:12:9d:4a:ee:c2:6c:f7:72:e3:25:47:
                    d4:4c:b2:5e:1a:57:aa:d6:c2:94:94:1c:17:4a:97:
                    72:30:57:02:b7:da:54:77:97:cc:b6:4e:07:b3:84:
                    8b:6d:2c:cd:7e:6e:a4:f1:6b:80:67:33:d3:f8:ca:
                    09:bd:29:c4:6e:f0:1d:7f:23:2a:6c:ae:68:68:ef:
                    ab:1d:79:d7:ca:15:39:65:6c:a7:a2:a0:43:d2:94:
                    a2:c2:21:13:c0:17:ed:c4:a5:a1:01:db:66:c9:97:
                    d0:95:03:73:41:04:b5:6e:11:03:56:a3:08:76:3b:
                    55:5e:2e:57:b8:0e:f6:cd:a7:70:82:fe:bd:21:17:
                    d8:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:41:A2:C7:8E:16:74:AD:EA:FA:6E:F3:37:3E:58:8B:BF:D4:D3:58
            X509v3 Authority Key Identifier:
                keyid:91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:04:89:aa:dd:b4:e3:47:2c:92:24:56:58:e6:07:96:c2:63:
         84:1e:3c:86:b3:79:c2:0a:ee:ef:bc:17:be:13:f8:f7:08:54:
         5c:79:c4:5e:8b:90:9a:c2:67:af:ae:2e:e9:47:cc:31:57:f0:
         a2:91:82:1e:6f:40:c8:1e:f1:16:91:40:f2:14:b3:a4:fb:72:
         df:fd:de:5e:5e:8b:ec:ff:4b:12:bd:e3:74:db:2b:8c:11:ce:
         46:23:f8:b6:63:40:44:a1:03:2c:b5:81:80:25:95:78:06:e0:
         b0:c5:78:77:80:e2:d1:5a:0f:d6:86:34:09:1d:a6:ef:60:7e:
         db:2b:78:d1:49:97:18:e3:df:e0:5e:53:90:c3:15:2a:16:cb:
         4c:37:75:32:43:f6:06:e5:74:ca:d0:d6:97:e7:70:41:0b:f4:
         7e:c6:22:65:ad:f8:aa:89:b7:27:fe:67:f1:58:6c:3b:99:7d:
         cf:5c:c6:1b:14:90:52:62:f3:40:a5:92:b4:48:bb:d5:d0:b5:
         71:6e:0b:54:e9:11:68:77:f4:18:a9:cb:01:45:2c:cf:b8:39:
         7f:9a:be:c7:61:4f:2d:1a:74:35:15:ff:f5:c1:24:90:09:dd:
         18:ad:01:41:56:e8:84:cf:da:db:d4:7e:93:86:0e:c8:ff:3c:
         6d:03:8e:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFCMUExMTAvBgNVBAUTKDkxOEU3Mjg5RTI4QzFBNDkyMkEyM0NCNTY1QkQ4MjFC
N0UyMEE2MTEwHhcNMjUwNjA4MTgwMDIyWhcNMjUwNjE1MTgwMDIyWjAYMRYwFAYD
VQQDEw02ODQ1Y2ZiNi02ZTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmnsIDwEeIuZrSnemIOPM2hZ8U+VDuInvm/erR+kyCjy3YoqjPJwaf+ZLEJ3q
iY//0MvgthzBKdnPeWTEnTVnxtKLQsFVONCX/XJjOVQb7rtZ1FvkMiVXiwFX/NKX
sAILfK+57PtaV6nQaGMRqavJmOOVwsP2LXE9uYu7Ep1K7sJs93LjJUfUTLJeGleq
1sKUlBwXSpdyMFcCt9pUd5fMtk4Hs4SLbSzNfm6k8WuAZzPT+MoJvSnEbvAdfyMq
bK5oaO+rHXnXyhU5ZWynoqBD0pSiwiETwBftxKWhAdtmyZfQlQNzQQS1bhEDVqMI
djtVXi5XuA72zadwgv69IRfY2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHpBoseO
FnSt6vpu8zc+WIu/1NNYMB8GA1UdIwQYMBaAFJGOconijBpJIqI8tWW9ght+IKYR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUIxQS81MUZGQzRFNEY0
MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdra2lvankxWmIyQ0czNGdw
aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tZNXlpZUtNR2traW9qeTFaYjJDRzM0Z3BoRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUIxQS81MUZGQzRFNEY0MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdr
a2lvankxWmIyQ0czNGdwaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCHBImq3bTjRyySJFZY5geWwmOEHjyGs3nCCu7vvBe+E/j3CFRcecRe
i5Cawmevri7pR8wxV/CikYIeb0DIHvEWkUDyFLOk+3Lf/d5eXovs/0sSveN02yuM
Ec5GI/i2Y0BEoQMstYGAJZV4BuCwxXh3gOLRWg/WhjQJHabvYH7bK3jRSZcY49/g
XlOQwxUqFstMN3UyQ/YG5XTK0NaX53BBC/R+xiJlrfiqibcn/mfxWGw7mX3PXMYb
FJBSYvNApZK0SLvV0LVxbgtU6RFod/QYqcsBRSzPuDl/mr7HYU8tGnQ1Ff/1wSSQ
Cd0YrQFBVuiEz9rb1H6Thg7I/zxtA47X
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:41:25 2025 by rpki-client