Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
File:                     OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json)
Hash identifier:          Uhfy1bNHSMV30BrnSLBQBnllbb8V7+BLERpOoYAmAV0=
Subject key identifier:   1E:E4:5A:BB:41:79:7C:A0:26:6A:8B:E1:68:D0:7E:95:9B:59:92:86
Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22
Certificate issuer:       /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522
Certificate serial:       0329
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
Manifest number:          0321
Signing time:             Wed 11 Jun 2025 01:03:41 +0000
Manifest this update:     Wed 11 Jun 2025 01:03:40 +0000
Manifest next update:     Wed 18 Jun 2025 01:03:40 +0000
Files and hashes:         1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: 4HJjIHGU8ynR4WFtCNEWNE1wCmA8FCMsh5yUPfwzL7w=)
                          2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=)
                          3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl
                          rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 23:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 809 (0x329)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522
        Validity
            Not Before: Jun 11 01:03:40 2025 GMT
            Not After : Jun 18 01:03:40 2025 GMT
        Subject: CN=6848d5ed-7621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7c:db:90:1b:0d:86:43:de:ef:10:32:9e:6d:
                    26:19:ce:d0:a4:37:5f:34:a0:c9:4c:a1:b9:31:a3:
                    7e:09:d2:2c:56:79:25:fa:67:42:b6:57:a4:ae:fc:
                    53:81:d2:35:e5:14:c4:7d:c5:d9:1b:4e:ea:02:db:
                    a3:42:ab:a3:75:da:81:91:36:2c:66:a1:06:d5:78:
                    c8:6c:4a:74:66:3e:73:c2:39:9c:b2:1c:5e:a6:f6:
                    9b:2d:44:d8:a0:a2:df:d3:41:28:46:9a:b4:7a:60:
                    87:08:e8:7f:c1:27:6e:29:63:5b:87:61:2a:a5:d1:
                    ca:a7:32:e1:58:a0:34:bc:5a:63:06:12:49:02:63:
                    cc:f3:89:a3:14:28:81:2a:36:ad:86:30:63:e9:dd:
                    33:64:b8:bb:cf:a7:14:3e:1e:50:1b:3b:12:92:18:
                    8b:f3:0d:4b:a6:37:e2:45:d9:78:97:98:fb:ae:71:
                    20:a3:55:d0:c0:ce:17:26:19:f8:41:ed:65:9e:6f:
                    da:16:6f:d6:69:4a:8a:ce:d5:03:54:33:97:90:56:
                    89:05:5e:88:1b:52:ce:1e:89:aa:7f:f9:87:7c:e8:
                    86:1f:98:29:59:5c:e6:ef:b4:ef:a5:26:b0:ee:5b:
                    90:07:66:10:11:36:97:13:b4:ca:ff:ef:cd:be:1e:
                    11:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E4:5A:BB:41:79:7C:A0:26:6A:8B:E1:68:D0:7E:95:9B:59:92:86
            X509v3 Authority Key Identifier:
                keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:1e:d1:fd:66:11:8c:69:a4:8c:4f:32:f2:65:a0:c8:2a:da:
         9d:a3:83:a8:79:8f:e9:6c:08:05:5b:b2:3a:91:00:93:c9:b5:
         88:66:0c:a3:3c:e0:d5:bc:81:82:14:c5:b6:73:1f:c2:e7:ff:
         1b:43:15:68:e9:09:c6:4d:bc:1b:c6:23:dc:05:40:b0:81:69:
         27:de:3d:e6:13:86:07:63:45:04:7c:b4:1a:7f:c5:29:fd:30:
         3c:b9:d0:56:bb:e8:c2:52:ae:82:3b:51:91:18:3c:d1:d5:d6:
         f3:a6:c4:42:94:b0:43:bd:ce:1a:81:17:b0:7b:61:4e:77:68:
         24:ce:f0:4a:0a:96:30:35:72:c1:0f:0f:0d:a7:8d:31:11:f1:
         eb:2b:54:b2:35:b5:5f:25:3a:8d:e4:0d:a3:fe:50:e7:48:10:
         cb:c6:d2:de:5c:3c:a4:e3:a3:45:34:fb:0c:1b:3c:5f:0f:5f:
         a0:d7:4d:40:86:0f:48:08:d5:ab:88:12:68:af:3f:e5:fe:f4:
         eb:32:29:d8:33:e0:1c:e4:d3:5d:99:8d:11:91:e3:f8:79:e4:
         46:6b:96:78:b1:3a:98:c8:80:58:0f:fa:43:16:49:63:df:da:
         4c:5f:62:3f:5c:19:54:80:2a:af:3a:19:ba:e1:a8:00:d5:e2:
         97:c6:6e:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC
MkVBOEU1MjIwHhcNMjUwNjExMDEwMzQwWhcNMjUwNjE4MDEwMzQwWjAYMRYwFAYD
VQQDEw02ODQ4ZDVlZC03NjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXzbkBsNhkPe7xAynm0mGc7QpDdfNKDJTKG5MaN+CdIsVnkl+mdCtlekrvxT
gdI15RTEfcXZG07qAtujQqujddqBkTYsZqEG1XjIbEp0Zj5zwjmcshxepvabLUTY
oKLf00EoRpq0emCHCOh/wSduKWNbh2EqpdHKpzLhWKA0vFpjBhJJAmPM84mjFCiB
KjathjBj6d0zZLi7z6cUPh5QGzsSkhiL8w1LpjfiRdl4l5j7rnEgo1XQwM4XJhn4
Qe1lnm/aFm/WaUqKztUDVDOXkFaJBV6IG1LOHomqf/mHfOiGH5gpWVzm77TvpSaw
7luQB2YQETaXE7TK/+/Nvh4RdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB7kWrtB
eXygJmqL4WjQfpWbWZKGMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE
NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81
U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL
cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAhHtH9ZhGMaaSMTzLyZaDIKtqdo4OoeY/pbAgFW7I6kQCTybWIZgyj
PODVvIGCFMW2cx/C5/8bQxVo6QnGTbwbxiPcBUCwgWkn3j3mE4YHY0UEfLQaf8Up
/TA8udBWu+jCUq6CO1GRGDzR1dbzpsRClLBDvc4agRewe2FOd2gkzvBKCpYwNXLB
Dw8Np40xEfHrK1SyNbVfJTqN5A2j/lDnSBDLxtLeXDyk46NFNPsMGzxfD1+g101A
hg9ICNWriBJorz/l/vTrMinYM+Ac5NNdmY0RkeP4eeRGa5Z4sTqYyIBYD/pDFklj
39pMX2I/XBlUgCqvOhm64agA1eKXxm66
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:36:04 2025 by rpki-client