Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
File:                     lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft (raw, json)
Hash identifier:          KFgh8RinCe46lldJKIvWxwTJerqODDKRtO3AbrGbjK8=
Subject key identifier:   FC:59:94:65:8B:8D:9B:62:7A:5B:92:14:88:24:FA:71:80:FD:DE:EA
Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38
Certificate issuer:       /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
Certificate serial:       349B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
Manifest number:          3496
Signing time:             Sun 08 Jun 2025 14:36:12 +0000
Manifest this update:     Sun 08 Jun 2025 14:36:12 +0000
Manifest next update:     Sun 15 Jun 2025 14:36:12 +0000
Files and hashes:         1: lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl (hash: 3PeUUy5DImmycyrE0nzLsfsog04AbhplBuH99zbgeaY=)
                          2: 35FC192C272C11ED9E64C718C4F9AE02.roa (hash: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl
                          rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 14:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13467 (0x349b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917D7F2, serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
        Validity
            Not Before: Jun  8 14:36:12 2025 GMT
            Not After : Jun 15 14:36:12 2025 GMT
        Subject: CN=68459fdc-5cff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b7:44:5a:94:9c:92:10:17:65:20:9e:fb:2a:
                    c4:26:34:e3:be:e5:de:60:4a:e3:81:6a:ac:59:bc:
                    38:b2:32:5a:78:04:8a:0f:b9:50:52:82:b0:22:85:
                    07:08:c1:42:00:07:b8:35:47:33:e8:1e:99:45:cf:
                    2f:24:f8:37:49:6c:a5:aa:bb:0b:4c:ea:f9:99:88:
                    2d:b9:02:9d:4d:82:18:55:83:f2:bd:40:54:a0:f5:
                    0c:9e:9f:82:b1:d4:75:ce:01:79:3b:2a:c7:88:34:
                    eb:8d:51:a9:ce:24:9a:d3:db:ca:9e:ee:ab:70:f6:
                    68:76:2a:de:22:27:cd:fa:2e:ce:2b:f0:1a:20:d6:
                    23:b7:8d:39:d0:57:d3:3f:44:e4:70:e0:a3:52:34:
                    a4:ca:5d:71:24:b6:2e:97:ce:a5:e2:61:e0:d3:57:
                    9e:3a:e5:35:f2:d2:cd:0c:c7:e3:a8:98:65:af:f4:
                    ed:82:fa:98:6c:22:f8:07:42:37:74:7d:cf:1d:b7:
                    16:80:8f:77:d4:f8:2e:c5:43:aa:37:7e:f6:84:01:
                    de:2e:a9:75:0c:fe:2b:20:79:a1:6a:8c:72:cb:1b:
                    d7:da:80:ac:ee:7d:f5:cc:2f:8d:6e:ba:d1:3c:7c:
                    ba:85:d0:c3:0d:57:d3:c9:ef:38:9d:3e:5c:46:3f:
                    19:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:59:94:65:8B:8D:9B:62:7A:5B:92:14:88:24:FA:71:80:FD:DE:EA
            X509v3 Authority Key Identifier:
                keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:83:6e:7e:06:d8:3e:54:36:7e:bd:d0:f9:cd:e8:dc:53:3a:
         9d:e1:51:73:6d:1d:8e:a9:cc:df:1a:eb:43:bc:ba:e5:47:79:
         cd:4d:aa:f3:7d:79:0a:20:60:66:6d:d0:fa:93:61:03:02:8a:
         cd:d2:bc:ea:8f:59:1d:54:d1:e4:cf:9c:ba:5f:65:2a:17:26:
         ed:46:da:e4:77:52:05:ec:ee:e5:9f:46:45:9e:56:07:98:e5:
         11:d8:2c:2a:c6:14:a0:ca:25:a6:99:bd:6b:27:f7:cd:23:9b:
         d3:f2:ad:32:90:69:aa:a3:94:ba:8c:22:2e:a9:53:9f:b6:ee:
         71:45:ae:78:97:8c:4d:6b:10:83:98:5d:87:2d:03:db:1c:2f:
         0a:1e:f9:e0:c7:1e:52:67:ef:77:8a:a8:cf:42:b8:76:a0:8e:
         34:a4:9b:47:18:4d:4c:76:fc:6c:e8:a3:39:be:01:d3:df:4d:
         22:85:66:a4:79:0b:d2:cb:46:21:bf:c5:98:34:0e:12:bf:24:
         77:c8:33:69:1a:7d:05:1c:1c:9e:65:83:77:52:c4:ca:55:5e:
         1d:f9:ed:2f:49:69:1f:03:f7:4e:a4:cc:5c:b2:a2:89:4d:eb:
         29:99:0f:a1:71:2b:5e:d2:88:7f:5a:76:28:6c:03:84:13:c9:
         0d:5c:2d:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC
ODQxNEU4MzgwHhcNMjUwNjA4MTQzNjEyWhcNMjUwNjE1MTQzNjEyWjAYMRYwFAYD
VQQDEw02ODQ1OWZkYy01Y2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1rdEWpSckhAXZSCe+yrEJjTjvuXeYErjgWqsWbw4sjJaeASKD7lQUoKwIoUH
CMFCAAe4NUcz6B6ZRc8vJPg3SWylqrsLTOr5mYgtuQKdTYIYVYPyvUBUoPUMnp+C
sdR1zgF5OyrHiDTrjVGpziSa09vKnu6rcPZodireIifN+i7OK/AaINYjt4050FfT
P0TkcOCjUjSkyl1xJLYul86l4mHg01eeOuU18tLNDMfjqJhlr/TtgvqYbCL4B0I3
dH3PHbcWgI931PguxUOqN372hAHeLql1DP4rIHmhaoxyyxvX2oCs7n31zC+NbrrR
PHy6hdDDDVfTye84nT5cRj8ZZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPxZlGWL
jZtieluSFIgk+nGA/d7qMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE
OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2
RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RDdGMi9GMDI4OTAzQzFEOEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2
YmdIbXZNbDIzQXk0UVU2RGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBog25+Btg+VDZ+vdD5zejcUzqd4VFzbR2OqczfGutDvLrlR3nNTarz
fXkKIGBmbdD6k2EDAorN0rzqj1kdVNHkz5y6X2UqFybtRtrkd1IF7O7ln0ZFnlYH
mOUR2CwqxhSgyiWmmb1rJ/fNI5vT8q0ykGmqo5S6jCIuqVOftu5xRa54l4xNaxCD
mF2HLQPbHC8KHvngxx5SZ+93iqjPQrh2oI40pJtHGE1Mdvxs6KM5vgHT300ihWak
eQvSy0Yhv8WYNA4SvyR3yDNpGn0FHByeZYN3UsTKVV4d+e0vSWkfA/dOpMxcsqKJ
TespmQ+hcSte0oh/WnYobAOEE8kNXC3l
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:33:18 2025 by rpki-client