Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
File:                     OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json)
Hash identifier:          6PF5v4ZKkQFutUOz/62F52AZ3b+8ZtyDPJF/ESD1lyM=
Subject key identifier:   2D:23:37:C8:D0:55:4C:81:0C:AC:F3:86:DC:72:27:DA:B8:EB:23:60
Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22
Certificate issuer:       /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522
Certificate serial:       032A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
Manifest number:          0322
Signing time:             Fri 13 Jun 2025 00:41:09 +0000
Manifest this update:     Fri 13 Jun 2025 00:41:08 +0000
Manifest next update:     Fri 20 Jun 2025 00:41:08 +0000
Files and hashes:         1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: bEAIUI6sZBe6yq0sDjaAC82dKCD6AX0wIEtSfGSZXz0=)
                          2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=)
                          3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl
                          rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 20 Jun 2025 00:41:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 810 (0x32a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522
        Validity
            Not Before: Jun 13 00:41:08 2025 GMT
            Not After : Jun 20 00:41:08 2025 GMT
        Subject: CN=684b73a4-ad34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:93:07:91:33:b8:d5:d2:1e:06:5e:e4:db:b7:
                    03:51:27:ec:bf:4d:f9:8b:24:4d:f6:83:87:da:fc:
                    6f:f2:7c:02:13:38:bf:49:41:2b:b0:50:0d:1d:5a:
                    9b:b1:df:73:5e:83:64:5f:60:43:6b:7d:cd:13:37:
                    d4:13:15:e5:05:c5:11:03:03:1c:18:7d:3b:2b:6c:
                    a5:33:31:69:3b:ec:7d:06:13:47:1e:f5:61:98:13:
                    5f:f4:66:fd:22:bf:e9:a4:f3:dc:a7:6a:24:2b:76:
                    ff:81:36:e3:a4:69:00:9f:33:8f:f6:de:75:65:9c:
                    13:b9:35:d5:52:16:6e:3f:cb:4f:7f:86:ed:69:20:
                    34:16:ad:66:ac:2c:fa:d1:82:fe:1e:d4:6e:ad:55:
                    08:7d:47:c1:66:c3:81:26:ba:d2:ef:3f:5a:e0:dd:
                    f5:45:5c:87:e0:cf:c0:90:8a:d2:41:a3:10:71:62:
                    4d:9a:73:55:9c:5c:57:5c:a9:0b:82:a3:fc:0e:09:
                    42:75:c4:8d:1b:20:0a:78:ba:fb:ba:a1:99:42:90:
                    1c:8f:b4:d6:7a:87:56:14:10:90:0e:8e:c1:62:93:
                    94:72:db:c7:3b:80:61:55:9d:76:9d:82:4c:6f:48:
                    f4:54:e8:9f:bd:a9:af:f3:c9:10:4d:dd:6e:7e:61:
                    f9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:23:37:C8:D0:55:4C:81:0C:AC:F3:86:DC:72:27:DA:B8:EB:23:60
            X509v3 Authority Key Identifier:
                keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:ed:d9:38:54:4c:77:8c:b2:97:65:f0:3b:6b:cb:fb:cc:35:
         b0:02:34:51:77:c1:32:9d:07:48:ef:97:59:51:31:dc:84:c4:
         ba:c1:44:54:46:e3:97:f3:83:b8:c4:f1:f1:a5:9a:54:4e:ce:
         7c:9f:25:2f:44:b0:a2:58:e9:76:51:23:53:c7:00:14:f4:76:
         38:93:69:1f:f3:fb:0a:90:41:4c:d3:fb:20:18:d0:e9:f5:3a:
         38:24:f4:2f:3e:c0:d3:75:21:e7:4f:a5:8f:e1:42:d3:0b:e7:
         6a:b6:28:46:c0:7b:b9:71:14:a2:fe:44:5a:0f:bd:4b:1a:36:
         69:d5:d5:61:fc:39:23:64:2c:a3:1c:8e:8c:8d:88:62:96:e8:
         18:06:be:d6:45:9f:94:57:51:a6:37:0c:78:06:a5:5e:23:fa:
         eb:bf:db:5d:e8:61:0f:9c:d2:e7:90:c1:2d:81:b3:d0:9f:b9:
         3c:e4:22:dc:62:f8:09:2c:97:dc:d9:80:f4:5f:31:76:b2:45:
         60:81:fc:36:2f:03:19:3e:30:95:be:0c:63:1b:42:9d:27:fd:
         c1:e1:46:be:06:a7:16:75:1c:8a:3e:61:f4:24:9b:00:4c:12:
         f5:01:8a:a5:18:de:08:b2:e0:ef:5e:06:b7:23:d0:db:10:94:
         5c:56:09:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAyowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC
MkVBOEU1MjIwHhcNMjUwNjEzMDA0MTA4WhcNMjUwNjIwMDA0MTA4WjAYMRYwFAYD
VQQDEw02ODRiNzNhNC1hZDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuZMHkTO41dIeBl7k27cDUSfsv035iyRN9oOH2vxv8nwCEzi/SUErsFANHVqb
sd9zXoNkX2BDa33NEzfUExXlBcURAwMcGH07K2ylMzFpO+x9BhNHHvVhmBNf9Gb9
Ir/ppPPcp2okK3b/gTbjpGkAnzOP9t51ZZwTuTXVUhZuP8tPf4btaSA0Fq1mrCz6
0YL+HtRurVUIfUfBZsOBJrrS7z9a4N31RVyH4M/AkIrSQaMQcWJNmnNVnFxXXKkL
gqP8DglCdcSNGyAKeLr7uqGZQpAcj7TWeodWFBCQDo7BYpOUctvHO4BhVZ12nYJM
b0j0VOifvamv88kQTd1ufmH5nwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC0jN8jQ
VUyBDKzzhtxyJ9q46yNgMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE
NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81
U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL
cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCY7dk4VEx3jLKXZfA7a8v7zDWwAjRRd8EynQdI75dZUTHchMS6wURU
RuOX84O4xPHxpZpUTs58nyUvRLCiWOl2USNTxwAU9HY4k2kf8/sKkEFM0/sgGNDp
9To4JPQvPsDTdSHnT6WP4ULTC+dqtihGwHu5cRSi/kRaD71LGjZp1dVh/DkjZCyj
HI6MjYhilugYBr7WRZ+UV1GmNwx4BqVeI/rrv9td6GEPnNLnkMEtgbPQn7k85CLc
YvgJLJfc2YD0XzF2skVggfw2LwMZPjCVvgxjG0KdJ/3B4Ua+BqcWdRyKPmH0JJsA
TBL1AYqlGN4IsuDvXga3I9DbEJRcVglw
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:07:08 2025 by rpki-client