Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.mft
File:                     0nYmctKXWA5IQijBceWokHMMF28.mft (raw, json)
Hash identifier:          EPQ+F9xFa0fZjlrehGnEQeBbhTI2GLuWL0YYmn83oTI=
Subject key identifier:   0E:A1:AA:66:F1:86:40:CF:9A:BA:E0:12:BD:14:1C:89:70:34:5D:B5
Authority key identifier: D2:76:26:72:D2:97:58:0E:48:42:28:C1:71:E5:A8:90:73:0C:17:6F
Certificate issuer:       /CN=A91724A6/serialNumber=D2762672D297580E484228C171E5A890730C176F
Certificate serial:       0144
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0nYmctKXWA5IQijBceWokHMMF28.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.mft
Manifest number:          0141
Signing time:             Sat 23 Nov 2024 02:40:17 +0000
Manifest this update:     Sat 23 Nov 2024 02:40:16 +0000
Manifest next update:     Sat 30 Nov 2024 02:40:16 +0000
Files and hashes:         1: 0nYmctKXWA5IQijBceWokHMMF28.crl (hash: 8CRKQsHYFWzS28llC5GzW/76e9pVGlLFoHUegLZHA6I=)
                          2: 950A55CCC3C711ED8419AA64C4F9AE02.roa (hash: sxdz9/OyOQYTo6p59vOkf0N1FGUmUNKIj7Hl/elMisQ=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.crl
                          rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0nYmctKXWA5IQijBceWokHMMF28.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:40:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 324 (0x144)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91724A6/serialNumber=D2762672D297580E484228C171E5A890730C176F
        Validity
            Not Before: Nov 23 02:40:16 2024 GMT
            Not After : Nov 30 02:40:16 2024 GMT
        Subject: CN=67414091-4b5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:9a:66:f8:bd:74:bc:3a:51:ff:af:cc:36:9c:
                    56:a7:27:44:64:a7:b0:15:9e:e0:9f:1b:1d:ec:d9:
                    49:6e:60:f6:48:5a:e7:4d:75:c6:45:7f:fc:b0:f4:
                    9c:00:a2:82:a1:c6:60:13:7b:ca:14:f3:33:0e:6d:
                    e9:10:cc:f9:30:41:9e:e1:b1:a4:5c:5c:98:60:7c:
                    4a:0a:db:3b:6b:25:0d:93:87:19:19:af:62:ee:a1:
                    8e:bf:3f:2d:47:e3:72:a6:c3:76:c5:fb:aa:c2:eb:
                    6d:57:02:cb:94:9f:d0:f7:f5:f2:24:d2:13:41:f5:
                    25:5e:8e:d7:07:16:fa:4e:4c:73:3e:92:e0:3f:2f:
                    05:68:61:cd:61:9f:9a:44:75:65:92:89:29:f2:0c:
                    4e:32:22:b6:c5:ca:a3:b5:12:fd:7f:9e:d3:25:cc:
                    d0:47:ed:77:0e:cd:72:b8:f2:5e:26:ba:19:8e:4b:
                    a4:99:74:2b:e0:ec:75:a3:a9:4b:ce:e0:24:f5:ca:
                    40:84:94:74:0b:9b:7e:db:bc:85:3c:7f:e5:ef:0c:
                    d6:ff:1c:93:59:d8:57:17:d1:2f:75:df:2d:30:6d:
                    d2:98:d7:a1:31:39:01:73:19:9e:f3:b2:34:fa:b8:
                    de:62:06:42:ef:fa:ab:30:8a:5e:73:9e:8c:0e:b3:
                    d1:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:A1:AA:66:F1:86:40:CF:9A:BA:E0:12:BD:14:1C:89:70:34:5D:B5
            X509v3 Authority Key Identifier:
                keyid:D2:76:26:72:D2:97:58:0E:48:42:28:C1:71:E5:A8:90:73:0C:17:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0nYmctKXWA5IQijBceWokHMMF28.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91724A6/18E5D484C3C311EDAA5ACB47C4F9AE02/0nYmctKXWA5IQijBceWokHMMF28.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ea:5c:b4:03:de:d5:dd:01:26:86:3e:28:a5:76:af:c0:6c:
         8f:78:d6:86:46:9d:bb:0e:13:8a:85:45:c0:f3:b2:93:53:5b:
         fc:d6:c1:89:85:6a:29:09:5d:4a:c8:0b:af:18:05:a4:59:e8:
         65:2d:c5:05:92:55:cc:a0:fb:f5:c1:f9:c8:d4:67:44:08:7d:
         34:07:03:7e:2f:d6:30:f2:7a:4c:f9:9e:e2:79:8b:99:50:6d:
         eb:82:af:2f:4d:ef:d7:ce:26:49:38:5e:3f:ff:76:55:bb:82:
         42:ef:c1:e3:56:0e:33:96:43:6a:54:b3:a8:89:b9:7f:af:33:
         00:d4:d6:b3:e4:61:a8:af:52:8b:bd:fe:7b:55:5d:e6:f5:cb:
         31:ab:f4:4f:4d:94:4d:7d:de:8d:fc:ec:cb:e4:c2:3e:8b:3a:
         1d:cc:02:b6:a8:6a:81:4b:2f:7b:dc:1b:a6:f9:19:48:4f:37:
         1f:7d:16:38:61:97:88:8f:38:67:42:59:8e:07:3d:f1:94:91:
         3b:66:b8:e8:71:8e:93:f4:9a:b3:f6:cf:39:f5:58:be:05:97:
         c1:9e:a3:a1:9b:e2:bb:7b:c5:41:87:e7:b4:48:30:a1:6f:49:
         b8:89:82:89:9b:58:8d:c5:db:73:1c:28:66:2d:4f:0e:bd:3b:
         72:ed:fd:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI0QTYxMTAvBgNVBAUTKEQyNzYyNjcyRDI5NzU4MEU0ODQyMjhDMTcxRTVBODkw
NzMwQzE3NkYwHhcNMjQxMTIzMDI0MDE2WhcNMjQxMTMwMDI0MDE2WjAYMRYwFAYD
VQQDEw02NzQxNDA5MS00YjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Jpm+L10vDpR/6/MNpxWpydEZKewFZ7gnxsd7NlJbmD2SFrnTXXGRX/8sPSc
AKKCocZgE3vKFPMzDm3pEMz5MEGe4bGkXFyYYHxKCts7ayUNk4cZGa9i7qGOvz8t
R+NypsN2xfuqwuttVwLLlJ/Q9/XyJNITQfUlXo7XBxb6TkxzPpLgPy8FaGHNYZ+a
RHVlkokp8gxOMiK2xcqjtRL9f57TJczQR+13Ds1yuPJeJroZjkukmXQr4Ox1o6lL
zuAk9cpAhJR0C5t+27yFPH/l7wzW/xyTWdhXF9Evdd8tMG3SmNehMTkBcxme87I0
+rjeYgZC7/qrMIpec56MDrPRqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA6hqmbx
hkDPmrrgEr0UHIlwNF21MB8GA1UdIwQYMBaAFNJ2JnLSl1gOSEIowXHlqJBzDBdv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjRBNi8xOEU1RDQ4NEMz
QzMxMUVEQUE1QUNCNDdDNEY5QUUwMi8wblltY3RLWFdBNUlRaWpCY2VXb2tITU1G
MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBuWW1jdEtYV0E1SVFpakJjZVdva0hNTUYyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MjRBNi8xOEU1RDQ4NEMzQzMxMUVEQUE1QUNCNDdDNEY5QUUwMi8wblltY3RLWFdB
NUlRaWpCY2VXb2tITU1GMjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAP6ly0A97V3QEmhj4opXavwGyPeNaGRp27DhOKhUXA87KTU1v81sGJ
hWopCV1KyAuvGAWkWehlLcUFklXMoPv1wfnI1GdECH00BwN+L9Yw8npM+Z7ieYuZ
UG3rgq8vTe/XziZJOF4//3ZVu4JC78HjVg4zlkNqVLOoibl/rzMA1Naz5GGor1KL
vf57VV3m9csxq/RPTZRNfd6N/OzL5MI+izodzAK2qGqBSy973Bum+RlITzcffRY4
YZeIjzhnQlmOBz3xlJE7ZrjocY6T9Jqz9s859Vi+BZfBnqOhm+K7e8VBh+e0SDCh
b0m4iYKJm1iNxdtzHChmLU8OvTty7f2v
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:41 2024 by rpki-client on console-ams.rpki-client.org