Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
File:                     lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft (raw, json)
Hash identifier:          jNygEicDJneI17cUy1N7NcpQeWLNgrNX1kuVhmP3ChY=
Subject key identifier:   A0:E2:82:75:F4:81:26:BB:24:B5:C0:F6:7A:E5:39:98:8A:93:E7:53
Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38
Certificate issuer:       /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
Certificate serial:       349E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
Manifest number:          3499
Signing time:             Sat 14 Jun 2025 14:36:21 +0000
Manifest this update:     Sat 14 Jun 2025 14:36:21 +0000
Manifest next update:     Sat 21 Jun 2025 14:36:21 +0000
Files and hashes:         1: lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl (hash: gjDIO9iEr5LksYAw7pR3shWW3ghjXTwfpPIGwTLKoz0=)
                          2: 35FC192C272C11ED9E64C718C4F9AE02.roa (hash: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl
                          rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 21 Jun 2025 14:36:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13470 (0x349e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917D7F2, serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838
        Validity
            Not Before: Jun 14 14:36:21 2025 GMT
            Not After : Jun 21 14:36:21 2025 GMT
        Subject: CN=684d88e5-f516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e9:73:38:59:28:e9:0b:c8:8f:49:76:41:87:
                    a3:95:73:fc:00:ab:ad:0f:51:9c:ba:92:df:00:4d:
                    74:35:62:f4:f9:be:81:7e:e3:26:9f:3e:34:81:e1:
                    52:35:df:e2:da:31:eb:02:ce:af:33:db:09:29:16:
                    66:fe:8d:29:90:a3:96:a9:09:a3:4a:9e:87:dc:85:
                    0d:70:cb:57:75:22:24:12:c6:89:7b:c0:3b:1b:63:
                    cd:5a:91:fd:69:ad:7b:06:41:31:92:5c:3f:20:f1:
                    83:12:cb:41:89:91:bf:12:df:bc:5b:e8:d1:6b:8d:
                    b1:34:d1:7a:0e:19:49:90:c4:b5:d8:70:89:ed:dd:
                    5e:bd:01:52:b8:87:8f:b9:d1:2b:bb:fb:6b:0a:ce:
                    ce:29:8f:b0:5a:7c:e0:4a:46:6d:1e:fe:68:11:64:
                    f2:e8:0f:0a:27:fe:e8:a6:2f:e9:c0:d6:47:52:c2:
                    4d:4c:56:06:4c:9a:c2:b7:7f:e6:5c:f0:52:af:47:
                    4c:ae:b5:fe:cf:cc:2b:16:c6:30:31:4f:b6:b2:33:
                    15:1a:95:34:f9:6f:29:7b:a6:a4:e1:d4:1a:d1:cf:
                    eb:da:d3:03:44:f0:e8:96:88:9b:f6:79:49:90:16:
                    2b:1f:cb:ac:d8:62:5d:be:c2:35:ba:48:a0:98:ae:
                    39:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:E2:82:75:F4:81:26:BB:24:B5:C0:F6:7A:E5:39:98:8A:93:E7:53
            X509v3 Authority Key Identifier:
                keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:fc:48:41:ac:83:72:5c:98:ce:71:e6:d2:6d:ce:37:ac:24:
         c2:52:5e:97:9b:51:5d:95:ba:6d:8f:57:d0:3b:63:0b:30:91:
         b2:16:69:c1:88:2d:45:43:30:b4:11:1e:64:b5:25:fe:39:4c:
         cf:3f:fc:ea:d8:02:98:eb:77:37:fa:c9:40:e4:81:08:30:97:
         25:d2:69:2a:37:b8:0a:44:03:16:1b:7c:94:28:b0:da:1b:62:
         42:4c:65:86:a4:1d:ea:d6:d0:b4:70:a4:fe:06:72:6d:da:35:
         10:90:7b:50:9e:a2:42:e1:c4:67:d9:ce:45:da:b1:b3:75:c5:
         21:1c:d6:54:b3:a0:9b:10:44:2e:16:96:8f:a1:77:d4:5c:ae:
         f4:b1:6a:a8:8b:5c:a0:ce:bc:d1:d6:56:3e:d3:77:8a:32:23:
         89:48:c8:07:ba:b7:3d:e7:82:75:90:8b:ec:14:51:46:13:28:
         fe:24:2b:37:0f:98:32:ae:77:24:61:e8:3b:7e:83:ba:b9:57:
         d5:06:87:39:73:e2:42:eb:4f:6a:f1:0e:86:15:57:8e:c9:54:
         7a:dc:95:da:95:45:87:0b:ef:94:e1:07:a9:dc:95:ff:02:3b:
         6a:c5:aa:d7:d7:79:47:64:5c:6b:aa:03:06:1f:2e:3c:66:df:
         33:d7:d5:98
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC
ODQxNEU4MzgwHhcNMjUwNjE0MTQzNjIxWhcNMjUwNjIxMTQzNjIxWjAYMRYwFAYD
VQQDEw02ODRkODhlNS1mNTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsulzOFko6QvIj0l2QYejlXP8AKutD1GcupLfAE10NWL0+b6BfuMmnz40geFS
Nd/i2jHrAs6vM9sJKRZm/o0pkKOWqQmjSp6H3IUNcMtXdSIkEsaJe8A7G2PNWpH9
aa17BkExklw/IPGDEstBiZG/Et+8W+jRa42xNNF6DhlJkMS12HCJ7d1evQFSuIeP
udEru/trCs7OKY+wWnzgSkZtHv5oEWTy6A8KJ/7opi/pwNZHUsJNTFYGTJrCt3/m
XPBSr0dMrrX+z8wrFsYwMU+2sjMVGpU0+W8pe6ak4dQa0c/r2tMDRPDoloib9nlJ
kBYrH8us2GJdvsI1ukigmK45OwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKDignX0
gSa7JLXA9nrlOZiKk+dTMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE
OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2
RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RDdGMi9GMDI4OTAzQzFEOEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2
YmdIbXZNbDIzQXk0UVU2RGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA0/EhBrINyXJjOcebSbc43rCTCUl6Xm1Fdlbptj1fQO2MLMJGyFmnB
iC1FQzC0ER5ktSX+OUzPP/zq2AKY63c3+slA5IEIMJcl0mkqN7gKRAMWG3yUKLDa
G2JCTGWGpB3q1tC0cKT+BnJt2jUQkHtQnqJC4cRn2c5F2rGzdcUhHNZUs6CbEEQu
FpaPoXfUXK70sWqoi1ygzrzR1lY+03eKMiOJSMgHurc954J1kIvsFFFGEyj+JCs3
D5gyrnckYeg7foO6uVfVBoc5c+JC609q8Q6GFVeOyVR63JXalUWHC++U4Qep3JX/
AjtqxarX13lHZFxrqgMGHy48Zt8z19WY
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:58:25 2025 by rpki-client