Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
File:                     OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json)
Hash identifier:          dV+0aFcmkJqhKTPuTlVWv8qj53Kdlr/hTnW+r5NQLXA=
Subject key identifier:   A5:66:03:65:2D:2F:84:C1:8B:B2:EC:99:CC:78:B4:16:DF:10:4B:34
Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22
Certificate issuer:       /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522
Certificate serial:       0328
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
Manifest number:          0320
Signing time:             Mon 09 Jun 2025 00:44:05 +0000
Manifest this update:     Mon 09 Jun 2025 00:44:04 +0000
Manifest next update:     Mon 16 Jun 2025 00:44:04 +0000
Files and hashes:         1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: Z9vvna9eL5DjjOFx4Y8iVgWkLWdXkabC8vVGItqaE1g=)
                          2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=)
                          3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl
                          rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 00:44:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 808 (0x328)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522
        Validity
            Not Before: Jun  9 00:44:04 2025 GMT
            Not After : Jun 16 00:44:04 2025 GMT
        Subject: CN=68462e54-e857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:75:ed:f5:28:d5:4c:ff:91:40:88:59:fa:68:
                    0a:8d:dc:8d:e3:61:54:2c:af:23:5d:40:c2:f1:06:
                    bd:fa:40:47:f5:6e:c0:86:4b:d3:74:f1:75:2b:43:
                    b3:9b:54:be:e2:7b:9e:4d:c4:33:4e:19:a6:61:b2:
                    ea:86:91:27:cb:24:b1:19:2b:af:37:9d:bc:de:e4:
                    7b:62:4a:60:36:da:a9:12:85:29:41:d9:c4:58:8d:
                    15:a6:85:aa:b7:b9:e4:b5:08:d5:5b:50:cb:42:fa:
                    3b:8d:d4:ba:ab:a9:1f:c8:73:ab:cc:a6:c5:36:9f:
                    44:9b:89:d8:fc:0a:72:55:e6:6c:83:36:fc:f2:af:
                    96:e5:b1:34:9d:79:87:f3:f6:55:57:d2:6f:48:cb:
                    96:73:64:72:f7:b9:db:de:20:37:39:71:a5:28:d4:
                    97:a1:80:be:03:67:05:7e:16:51:2c:6b:a4:7d:46:
                    24:7a:06:99:88:d9:77:cc:86:f0:82:ed:d8:2e:9a:
                    db:1e:ac:77:a8:55:3e:e9:2a:89:1a:b7:03:9f:6b:
                    5a:6d:1b:9a:26:12:a2:a1:cf:c0:a9:4e:71:30:01:
                    34:c3:9d:ae:97:64:e4:18:cc:b7:75:e1:31:36:20:
                    c9:7d:4d:89:ea:17:2b:82:ff:cd:f9:bf:bc:9e:79:
                    c6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:66:03:65:2D:2F:84:C1:8B:B2:EC:99:CC:78:B4:16:DF:10:4B:34
            X509v3 Authority Key Identifier:
                keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:91:7e:05:3f:c7:87:9a:24:1c:70:23:d2:ba:fe:23:69:76:
         71:58:9e:c6:cc:16:61:76:3a:c9:d1:25:be:46:53:57:29:a1:
         f4:55:34:72:4f:89:15:5d:42:63:3d:f4:39:55:cf:fa:43:13:
         c3:74:f3:0f:7c:e5:1c:06:7a:3a:0b:8e:94:57:f0:8f:99:e7:
         5a:e2:ff:7e:79:38:05:bf:30:db:98:5f:6b:26:e1:b0:43:b7:
         7f:33:61:0a:cb:42:06:ca:c6:87:bf:de:87:a7:92:5f:07:1f:
         5b:c5:5b:5b:28:87:e1:0c:11:42:77:9c:1b:1c:3c:88:f0:b5:
         c6:b2:79:6c:d7:68:62:a5:7c:9e:44:50:10:f5:79:c0:bb:10:
         ab:ff:c0:3d:c1:ce:8d:e3:60:51:72:b3:9a:0d:ec:2b:f9:c4:
         30:22:98:fb:d3:a1:d2:75:3e:f4:31:8c:d7:a0:dd:a0:2b:a1:
         6f:01:f2:5f:fc:fc:fd:ce:9f:b7:50:5e:a4:27:82:e9:8c:f6:
         f4:10:a7:38:ce:e6:0c:f6:06:5c:0b:84:7a:a8:b3:3b:3b:2b:
         0e:2f:a8:08:f2:47:0b:50:4a:e6:dd:62:ce:c2:92:0b:53:e5:
         f5:c9:13:f9:a3:44:b1:92:1e:94:be:72:bd:ec:a5:0e:47:74:
         c1:79:f0:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAygwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC
MkVBOEU1MjIwHhcNMjUwNjA5MDA0NDA0WhcNMjUwNjE2MDA0NDA0WjAYMRYwFAYD
VQQDEw02ODQ2MmU1NC1lODU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn3Xt9SjVTP+RQIhZ+mgKjdyN42FULK8jXUDC8Qa9+kBH9W7AhkvTdPF1K0Oz
m1S+4nueTcQzThmmYbLqhpEnyySxGSuvN5283uR7YkpgNtqpEoUpQdnEWI0VpoWq
t7nktQjVW1DLQvo7jdS6q6kfyHOrzKbFNp9Em4nY/ApyVeZsgzb88q+W5bE0nXmH
8/ZVV9JvSMuWc2Ry97nb3iA3OXGlKNSXoYC+A2cFfhZRLGukfUYkegaZiNl3zIbw
gu3YLprbHqx3qFU+6SqJGrcDn2tabRuaJhKioc/AqU5xMAE0w52ul2TkGMy3deEx
NiDJfU2J6hcrgv/N+b+8nnnGBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKVmA2Ut
L4TBi7Lsmcx4tBbfEEs0MB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE
NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81
U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL
cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBOkX4FP8eHmiQccCPSuv4jaXZxWJ7GzBZhdjrJ0SW+RlNXKaH0VTRy
T4kVXUJjPfQ5Vc/6QxPDdPMPfOUcBno6C46UV/CPmeda4v9+eTgFvzDbmF9rJuGw
Q7d/M2EKy0IGysaHv96Hp5JfBx9bxVtbKIfhDBFCd5wbHDyI8LXGsnls12hipXye
RFAQ9XnAuxCr/8A9wc6N42BRcrOaDewr+cQwIpj706HSdT70MYzXoN2gK6FvAfJf
/Pz9zp+3UF6kJ4LpjPb0EKc4zuYM9gZcC4R6qLM7OysOL6gI8kcLUErm3WLOwpIL
U+X1yRP5o0Sxkh6UvnK97KUOR3TBefCd
-----END CERTIFICATE-----
Generated at Tue Jun 10 22:52:59 2025 by rpki-client