Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
File:                     lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft (raw, json)
Hash identifier:          EMlqGgJG+9L1lpi1wH5VJ6uAME+g5lUc3zgJP5yY5Ro=
Subject key identifier:   BA:30:1F:54:DB:19:94:CE:B7:57:CA:EE:82:35:A9:E5:B0:EF:21:EC
Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38
Certificate issuer:       /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
Certificate serial:       349C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
Manifest number:          3497
Signing time:             Tue 10 Jun 2025 14:36:18 +0000
Manifest this update:     Tue 10 Jun 2025 14:36:18 +0000
Manifest next update:     Tue 17 Jun 2025 14:36:18 +0000
Files and hashes:         1: lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl (hash: sYiMTdMzZ69apcbCeL9FevhupbKgyIryl7S3UB5JtnU=)
                          2: 35FC192C272C11ED9E64C718C4F9AE02.roa (hash: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl
                          rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 14:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13468 (0x349c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917D7F2, serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
        Validity
            Not Before: Jun 10 14:36:18 2025 GMT
            Not After : Jun 17 14:36:18 2025 GMT
        Subject: CN=684842e2-f626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:fa:08:d8:f2:00:ed:b7:e8:a9:52:50:fd:10:
                    7e:bb:4f:ca:e1:c9:40:69:e4:10:f7:bd:d8:03:a8:
                    9b:1d:77:f6:d0:79:c8:cb:ea:4c:cf:fa:54:68:c6:
                    4f:d7:9a:a7:a2:a5:1d:92:57:09:07:f2:e3:f5:58:
                    08:d5:81:69:1f:fe:85:3b:61:db:1e:1b:f1:fc:62:
                    f7:9b:a3:68:9d:f9:75:da:e2:ab:f2:b4:cb:43:e9:
                    e7:7c:22:4b:f7:fd:5e:4d:64:31:ee:e8:76:86:a5:
                    28:2b:fc:f3:f6:92:84:c2:4f:fc:da:0f:c7:27:d8:
                    68:c6:b8:b0:e0:7b:e8:e2:b0:1f:43:1c:64:8c:8d:
                    ed:16:67:10:ee:98:4a:34:51:55:62:08:af:83:ef:
                    ad:a8:95:00:09:56:a5:de:b9:1a:11:5e:8d:94:1c:
                    6f:4c:c9:c0:f5:91:98:32:f6:b3:b2:9e:c0:0b:4f:
                    c8:77:7d:ee:8a:04:41:c5:e3:1b:b8:00:9e:82:d2:
                    77:75:a1:66:73:19:16:19:a7:f4:22:9a:25:2e:8d:
                    dc:bf:d9:99:2e:46:76:00:2d:17:56:81:a6:cf:eb:
                    81:a0:e3:d1:9d:e7:2c:86:3d:c6:f1:33:63:68:84:
                    26:1b:e4:50:fe:57:87:ad:01:c3:93:28:aa:0e:1d:
                    9f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:30:1F:54:DB:19:94:CE:B7:57:CA:EE:82:35:A9:E5:B0:EF:21:EC
            X509v3 Authority Key Identifier:
                keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:dc:ca:4c:4e:e5:3d:a3:67:bf:fd:e2:7a:61:9e:83:7e:2a:
         c5:ad:49:8f:07:a8:b4:95:e7:2e:5f:64:cc:a4:e9:7a:ef:56:
         47:8d:e7:b9:5b:f1:88:d4:4d:a8:c9:11:38:34:a2:4e:83:a7:
         70:b9:39:88:02:95:8f:48:2c:1f:6d:2f:a9:61:78:c6:8e:2e:
         50:b4:26:22:17:01:eb:1f:23:9c:d2:3b:11:50:99:3a:b2:76:
         fc:9e:be:9a:79:ed:b7:89:3c:cc:91:fe:46:75:32:78:38:f8:
         ad:b9:7e:18:b1:3c:ae:ad:3f:df:5c:91:3c:0f:0b:3a:13:ef:
         48:4b:0e:8b:24:30:5e:95:e2:3b:05:2a:78:85:43:66:3d:35:
         57:32:be:e1:0b:ae:38:4b:21:18:be:fe:74:0e:55:26:fc:0a:
         25:16:14:52:5f:f7:13:f6:0f:3c:2c:29:8b:a4:f9:90:ac:f1:
         03:d7:1f:9b:48:6e:0e:f8:9c:1e:d0:56:0e:f3:39:29:27:57:
         3c:85:53:81:ea:79:e0:f4:18:b2:ee:98:07:1e:04:db:bd:15:
         5b:e9:c0:63:b5:35:9c:04:1a:57:16:bb:7b:ea:d3:3d:1e:95:
         21:03:5c:63:44:7d:1c:89:84:73:44:42:3d:a6:a5:49:1e:75:
         05:d2:1d:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC
ODQxNEU4MzgwHhcNMjUwNjEwMTQzNjE4WhcNMjUwNjE3MTQzNjE4WjAYMRYwFAYD
VQQDEw02ODQ4NDJlMi1mNjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyfoI2PIA7bfoqVJQ/RB+u0/K4clAaeQQ973YA6ibHXf20HnIy+pMz/pUaMZP
15qnoqUdklcJB/Lj9VgI1YFpH/6FO2HbHhvx/GL3m6Nonfl12uKr8rTLQ+nnfCJL
9/1eTWQx7uh2hqUoK/zz9pKEwk/82g/HJ9hoxriw4Hvo4rAfQxxkjI3tFmcQ7phK
NFFVYgivg++tqJUACVal3rkaEV6NlBxvTMnA9ZGYMvazsp7AC0/Id33uigRBxeMb
uACegtJ3daFmcxkWGaf0IpolLo3cv9mZLkZ2AC0XVoGmz+uBoOPRnecshj3G8TNj
aIQmG+RQ/leHrQHDkyiqDh2fmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLowH1Tb
GZTOt1fK7oI1qeWw7yHsMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE
OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2
RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RDdGMi9GMDI4OTAzQzFEOEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2
YmdIbXZNbDIzQXk0UVU2RGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAN3MpMTuU9o2e//eJ6YZ6DfirFrUmPB6i0lecuX2TMpOl671ZHjee5
W/GI1E2oyRE4NKJOg6dwuTmIApWPSCwfbS+pYXjGji5QtCYiFwHrHyOc0jsRUJk6
snb8nr6aee23iTzMkf5GdTJ4OPituX4YsTyurT/fXJE8Dws6E+9ISw6LJDBeleI7
BSp4hUNmPTVXMr7hC644SyEYvv50DlUm/AolFhRSX/cT9g88LCmLpPmQrPED1x+b
SG4O+Jwe0FYO8zkpJ1c8hVOB6nng9Biy7pgHHgTbvRVb6cBjtTWcBBpXFrt76tM9
HpUhA1xjRH0ciYRzREI9pqVJHnUF0h3z
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:20:48 2025 by rpki-client