Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
File:                     lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft (raw, json)
Hash identifier:          XX11ZEuKoXhWqfE4ji9RDqTcTU4aviT3jyMUAEPLVn8=
Subject key identifier:   4C:0A:6F:E7:EC:C3:F7:F6:33:97:1C:8F:55:97:E5:4C:10:6F:D5:F0
Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38
Certificate issuer:       /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
Certificate serial:       349D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
Manifest number:          3498
Signing time:             Thu 12 Jun 2025 14:35:34 +0000
Manifest this update:     Thu 12 Jun 2025 14:35:34 +0000
Manifest next update:     Thu 19 Jun 2025 14:35:34 +0000
Files and hashes:         1: lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl (hash: 8PxbfnCEsbOo5TFZx98eD5tzx/7BwiR5Aol1EdFpaTY=)
                          2: 35FC192C272C11ED9E64C718C4F9AE02.roa (hash: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl
                          rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 14:35:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13469 (0x349d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917D7F2, serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
        Validity
            Not Before: Jun 12 14:35:34 2025 GMT
            Not After : Jun 19 14:35:34 2025 GMT
        Subject: CN=684ae5b6-3609
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:7a:19:e3:a2:5b:e5:19:3b:ea:2a:29:48:41:
                    4b:90:0c:b5:55:37:cb:53:08:26:8d:03:1e:6b:61:
                    31:1e:7e:c6:57:e3:bb:2d:a1:53:68:85:c9:9d:23:
                    db:2a:b8:65:19:5b:60:bb:7f:c7:5e:c1:32:2c:60:
                    fd:8e:e4:96:77:bf:2e:77:80:7b:77:79:b7:51:01:
                    fe:b4:3d:fb:46:3a:19:1b:97:32:03:41:41:05:f0:
                    7a:62:d1:11:36:3d:5d:b5:54:c5:04:cf:43:1b:51:
                    c2:3f:ca:b9:10:a7:f6:11:aa:21:c4:53:ac:a9:4c:
                    67:6e:b1:a8:81:77:09:98:2e:38:2d:95:da:7d:19:
                    74:35:99:1c:31:9c:0c:35:0e:09:3a:1e:86:e4:44:
                    d7:37:41:b6:80:94:bd:f2:07:de:47:14:7a:0c:b8:
                    4d:4c:06:8f:b8:ed:66:6d:7f:7b:47:d0:0c:7d:cd:
                    f3:f7:69:bd:be:e4:a2:a3:3d:ba:15:ab:ab:3c:c7:
                    4e:80:dd:9a:45:c8:4e:85:90:89:bc:5c:8f:83:25:
                    8f:54:b5:69:d6:8d:4c:ee:bb:ba:0f:dc:4e:0e:9d:
                    bf:60:8b:20:e3:c5:7c:23:4a:28:a1:32:26:c1:13:
                    5f:a1:32:03:d9:ca:6d:76:82:74:f1:7d:a4:38:48:
                    b6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:0A:6F:E7:EC:C3:F7:F6:33:97:1C:8F:55:97:E5:4C:10:6F:D5:F0
            X509v3 Authority Key Identifier:
                keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:1e:db:13:f6:69:9c:05:64:ce:d8:f4:b6:76:ec:fb:52:c9:
         16:0a:36:2f:9c:2f:3d:cb:43:69:2d:11:13:5c:d5:12:13:25:
         ee:e7:c5:0e:fe:c0:3d:7d:0a:9d:ca:78:02:33:8a:5e:8b:55:
         61:f2:c3:71:d8:75:59:ec:e0:46:5f:c8:7e:8f:39:f6:54:fc:
         d6:d2:91:a1:ab:95:5c:ed:d9:2a:07:00:42:3d:8e:63:18:21:
         52:4d:ef:df:78:f9:b6:e6:d9:5d:68:63:ca:07:8b:01:67:0c:
         12:5f:cc:c4:41:6f:41:dc:33:cb:3b:b4:3f:2a:2e:de:6d:4a:
         bb:67:1e:ab:72:00:ff:93:ea:6a:0e:0a:28:26:c2:f8:ca:50:
         1c:f4:c0:be:95:b4:54:17:e5:8f:cb:2a:7a:c9:6d:05:69:ba:
         f6:d1:e8:90:07:ec:14:85:fe:ea:a5:27:03:2f:fd:52:85:2e:
         06:84:14:c2:83:72:65:3a:70:f6:ee:ee:28:4a:95:64:84:f1:
         c0:c4:60:ca:2a:7d:2a:7c:c9:56:b4:18:5f:b6:9d:49:c0:69:
         94:13:51:cf:77:ab:cc:ac:7f:46:39:d5:a9:8d:f7:b7:06:8e:
         d2:f8:76:c5:e3:89:17:1e:59:58:70:7c:76:3f:c5:bc:df:26:
         7a:18:ca:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC
ODQxNEU4MzgwHhcNMjUwNjEyMTQzNTM0WhcNMjUwNjE5MTQzNTM0WjAYMRYwFAYD
VQQDEw02ODRhZTViNi0zNjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA73oZ46Jb5Rk76iopSEFLkAy1VTfLUwgmjQMea2ExHn7GV+O7LaFTaIXJnSPb
KrhlGVtgu3/HXsEyLGD9juSWd78ud4B7d3m3UQH+tD37RjoZG5cyA0FBBfB6YtER
Nj1dtVTFBM9DG1HCP8q5EKf2EaohxFOsqUxnbrGogXcJmC44LZXafRl0NZkcMZwM
NQ4JOh6G5ETXN0G2gJS98gfeRxR6DLhNTAaPuO1mbX97R9AMfc3z92m9vuSioz26
FaurPMdOgN2aRchOhZCJvFyPgyWPVLVp1o1M7ru6D9xODp2/YIsg48V8I0oooTIm
wRNfoTID2cptdoJ08X2kOEi2GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwKb+fs
w/f2M5ccj1WX5UwQb9XwMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE
OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2
RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RDdGMi9GMDI4OTAzQzFEOEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2
YmdIbXZNbDIzQXk0UVU2RGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYHtsT9mmcBWTO2PS2duz7UskWCjYvnC89y0NpLRETXNUSEyXu58UO
/sA9fQqdyngCM4pei1Vh8sNx2HVZ7OBGX8h+jzn2VPzW0pGhq5Vc7dkqBwBCPY5j
GCFSTe/fePm25tldaGPKB4sBZwwSX8zEQW9B3DPLO7Q/Ki7ebUq7Zx6rcgD/k+pq
DgooJsL4ylAc9MC+lbRUF+WPyyp6yW0Fabr20eiQB+wUhf7qpScDL/1ShS4GhBTC
g3JlOnD27u4oSpVkhPHAxGDKKn0qfMlWtBhftp1JwGmUE1HPd6vMrH9GOdWpjfe3
Bo7S+HbF44kXHllYcHx2P8W83yZ6GMrf
-----END CERTIFICATE-----
Generated at Fri Jun 13 20:13:52 2025 by rpki-client