Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.mft
File:                     kIoYD5SUlgetwBExSb6IKuqo6I8.mft (raw, json)
Hash identifier:          dTQaYzPOcu4ELTtA3vYNEPaDxW8qgoXbWMYvAk54VhU=
Subject key identifier:   85:BA:3B:7E:51:50:09:54:94:AC:35:6C:8F:6C:7E:3A:90:F2:9C:45
Authority key identifier: 90:8A:18:0F:94:94:96:07:AD:C0:11:31:49:BE:88:2A:EA:A8:E8:8F
Certificate issuer:       /CN=A9173C63/serialNumber=908A180F94949607ADC0113149BE882AEAA8E88F
Certificate serial:       01AB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIoYD5SUlgetwBExSb6IKuqo6I8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.mft
Manifest number:          01A0
Signing time:             Wed 11 Jun 2025 02:52:40 +0000
Manifest this update:     Wed 11 Jun 2025 02:52:39 +0000
Manifest next update:     Wed 18 Jun 2025 02:52:39 +0000
Files and hashes:         1: kIoYD5SUlgetwBExSb6IKuqo6I8.crl (hash: hTmzrD+jkiB338K1ieicQ5tKqX39AttR8o8kLYdHd88=)
                          2: E8B2BE5ADBCE11EFA9FC2C0EC4F9AE02.roa (hash: q+zKhGyTkhD9t3RA2sk/l2Z7I4u1fYSlG/t4K9NE2MA=)
                          3: CC0BA4E0E17F11EFA4CE224CC4F9AE02.roa (hash: 2muYFP9e+zpeHJKxcDs7l8Ftqcg1X7boruyyCY1igvQ=)
                          4: 9BE6554CB72411EF98F7D577C4F9AE02.roa (hash: fA1bLFIYT/o1YfhIaSWGb0FrTvcVU+WRusOC3nOK6Gk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.crl
                          rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIoYD5SUlgetwBExSb6IKuqo6I8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 02:52:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 427 (0x1ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9173C63, serialNumber=908A180F94949607ADC0113149BE882AEAA8E88F
        Validity
            Not Before: Jun 11 02:52:39 2025 GMT
            Not After : Jun 18 02:52:39 2025 GMT
        Subject: CN=6848ef77-8037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b5:6f:ac:d1:61:14:af:3c:e7:fc:81:9d:e9:
                    ab:21:2f:15:51:6d:78:2c:9e:6c:40:25:d3:b4:b1:
                    a2:2a:3e:23:35:c9:4c:f3:a3:a0:4c:9b:7a:b6:e0:
                    e4:d2:e5:3c:60:d9:8d:31:e0:72:4c:85:5b:3b:a2:
                    bd:55:a3:fc:a0:dc:96:d9:b0:d1:e8:2f:88:1e:1d:
                    85:9e:a9:8d:72:ec:a5:3c:88:aa:2c:77:fb:49:f5:
                    97:28:07:d6:da:ae:72:ca:de:c9:a9:ca:24:3d:9a:
                    fe:20:95:96:7d:de:3b:b3:e2:c3:8a:4d:6c:21:c8:
                    00:ac:8d:99:c8:98:37:f5:be:b6:60:99:f9:3f:5b:
                    c5:a1:44:0a:4a:c0:61:9f:dd:26:37:eb:bd:36:d6:
                    ee:1b:a9:53:e3:fa:35:91:49:06:d9:76:6e:10:7a:
                    a2:ad:22:a1:87:2a:ea:6a:79:e3:74:04:6c:2b:60:
                    16:8d:9e:50:c4:d7:05:2c:13:21:cf:0c:3e:8d:5d:
                    93:64:e9:b2:9a:c7:5c:6f:33:23:2b:bd:ca:33:bf:
                    c4:7e:27:39:d2:96:16:01:e3:e2:0d:32:e8:20:70:
                    94:a2:0a:31:03:d9:f7:8c:74:af:2d:9a:ab:74:52:
                    a4:04:2c:a8:ec:b2:1e:46:1c:59:30:fb:29:dc:05:
                    db:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:BA:3B:7E:51:50:09:54:94:AC:35:6C:8F:6C:7E:3A:90:F2:9C:45
            X509v3 Authority Key Identifier:
                keyid:90:8A:18:0F:94:94:96:07:AD:C0:11:31:49:BE:88:2A:EA:A8:E8:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIoYD5SUlgetwBExSb6IKuqo6I8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:ab:a7:bc:a0:ee:fd:82:31:dc:d9:b8:71:97:8a:78:83:b5:
         b7:57:00:55:a9:cc:d2:22:11:a3:5a:f9:f9:91:b4:33:56:5d:
         e8:67:8c:d2:34:bb:fd:13:27:a5:02:41:a7:cb:20:bf:57:63:
         92:85:fc:66:66:43:82:3e:3c:72:53:e4:fe:f7:d9:02:ec:3d:
         4a:b3:5c:fd:cf:69:1d:1b:ce:72:bb:26:e6:0e:42:54:47:5c:
         01:1e:85:ce:2e:3b:be:60:a1:0a:77:92:a1:b4:9b:45:82:7a:
         e5:74:b0:45:91:80:bf:1f:09:6b:64:95:e3:2c:b9:34:9c:03:
         c6:5b:6e:43:bd:f0:31:6d:66:2c:fa:e9:03:d1:c2:57:8b:d2:
         09:fe:1b:b0:4c:2a:31:64:31:72:e7:e0:f7:4b:d3:89:01:51:
         dd:45:9a:e2:f0:ad:3e:ef:af:07:5e:56:07:5f:d5:80:0d:36:
         c2:42:2e:77:9a:87:e4:92:0c:c9:c0:6c:ff:f1:4f:40:6a:6d:
         12:6c:fa:35:20:51:9c:d0:09:0c:e1:1c:7e:74:90:61:1c:17:
         da:8f:c6:8c:23:f3:be:b2:01:ac:62:50:f2:7c:31:3d:6e:97:
         35:1d:77:d8:8f:ac:ff:7a:81:37:64:35:6e:0a:b4:2e:55:8d:
         66:f4:2e:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDNjMxMTAvBgNVBAUTKDkwOEExODBGOTQ5NDk2MDdBREMwMTEzMTQ5QkU4ODJB
RUFBOEU4OEYwHhcNMjUwNjExMDI1MjM5WhcNMjUwNjE4MDI1MjM5WjAYMRYwFAYD
VQQDEw02ODQ4ZWY3Ny04MDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoLVvrNFhFK885/yBnemrIS8VUW14LJ5sQCXTtLGiKj4jNclM86OgTJt6tuDk
0uU8YNmNMeByTIVbO6K9VaP8oNyW2bDR6C+IHh2FnqmNcuylPIiqLHf7SfWXKAfW
2q5yyt7JqcokPZr+IJWWfd47s+LDik1sIcgArI2ZyJg39b62YJn5P1vFoUQKSsBh
n90mN+u9NtbuG6lT4/o1kUkG2XZuEHqirSKhhyrqannjdARsK2AWjZ5QxNcFLBMh
zww+jV2TZOmymsdcbzMjK73KM7/Efic50pYWAePiDTLoIHCUogoxA9n3jHSvLZqr
dFKkBCyo7LIeRhxZMPsp3AXbcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIW6O35R
UAlUlKw1bI9sfjqQ8pxFMB8GA1UdIwQYMBaAFJCKGA+UlJYHrcARMUm+iCrqqOiP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0M2My80RDExMzE5Q0Q4
NUMxMUVEODE4MUEyMkZDNEY5QUUwMi9rSW9ZRDVTVWxnZXR3QkV4U2I2SUt1cW82
STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tJb1lENVNVbGdldHdCRXhTYjZJS3VxbzZJOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
M0M2My80RDExMzE5Q0Q4NUMxMUVEODE4MUEyMkZDNEY5QUUwMi9rSW9ZRDVTVWxn
ZXR3QkV4U2I2SUt1cW82STgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA6q6e8oO79gjHc2bhxl4p4g7W3VwBVqczSIhGjWvn5kbQzVl3oZ4zS
NLv9EyelAkGnyyC/V2OShfxmZkOCPjxyU+T+99kC7D1Ks1z9z2kdG85yuybmDkJU
R1wBHoXOLju+YKEKd5KhtJtFgnrldLBFkYC/HwlrZJXjLLk0nAPGW25DvfAxbWYs
+ukD0cJXi9IJ/huwTCoxZDFy5+D3S9OJAVHdRZri8K0+768HXlYHX9WADTbCQi53
mofkkgzJwGz/8U9Aam0SbPo1IFGc0AkM4Rx+dJBhHBfaj8aMI/O+sgGsYlDyfDE9
bpc1HXfYj6z/eoE3ZDVuCrQuVY1m9C6I
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:32:28 2025 by rpki-client