Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft
File:                     VngmFidUtGDLWGbawxSIDHA1Rh0.mft (raw, json)
Hash identifier:          fkZltzz2yqh4pHlcmGL2IjQYSehSbDjYLeec/ckG6ZE=
Subject key identifier:   EE:49:2A:63:0F:7E:60:6A:13:79:17:FB:2E:30:94:52:16:6E:C6:C1
Authority key identifier: 56:78:26:16:27:54:B4:60:CB:58:66:DA:C3:14:88:0C:70:35:46:1D
Certificate issuer:       /CN=A917D9B8/serialNumber=567826162754B460CB5866DAC314880C7035461D
Certificate serial:       D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft
Manifest number:          D2
Signing time:             Mon 09 Jun 2025 04:40:19 +0000
Manifest this update:     Mon 09 Jun 2025 04:40:19 +0000
Manifest next update:     Mon 16 Jun 2025 04:40:19 +0000
Files and hashes:         1: VngmFidUtGDLWGbawxSIDHA1Rh0.crl (hash: Y5/mJQ1HeXV1opx0BRrbyaGRL3jTeqfTdp+ASaC+KHA=)
                          2: DFDEC4D007A411EFAB20A473C4F9AE02.roa (hash: hQsClVPo6k6KSQkrPXRux2ZE6YMvDs1XKFlnN0n+rhg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.crl
                          rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 04:40:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 213 (0xd5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917D9B8, serialNumber=567826162754B460CB5866DAC314880C7035461D
        Validity
            Not Before: Jun  9 04:40:19 2025 GMT
            Not After : Jun 16 04:40:19 2025 GMT
        Subject: CN=684665b3-16e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ce:79:07:0f:b2:bf:f5:ed:de:a2:87:26:3c:
                    bf:24:ca:50:09:52:db:6c:c1:c3:af:97:f2:f2:0b:
                    bc:a6:97:24:2c:b3:8b:1d:8e:58:86:c9:0f:b5:c3:
                    e0:35:23:e1:29:df:bc:3e:0b:61:a0:18:0d:b6:f3:
                    d9:6b:d5:81:19:d6:42:a9:09:ce:3f:a1:dc:81:c5:
                    31:14:44:f2:c2:d6:30:02:71:d7:b6:5c:e3:03:09:
                    9b:0b:a4:de:11:01:3b:b4:2b:42:f2:58:37:da:60:
                    ef:23:b5:40:d9:a8:f1:5d:23:4d:35:0f:f9:ec:01:
                    3e:e9:e2:96:a7:0f:74:5c:8b:01:fd:c5:27:fa:41:
                    90:ee:38:5b:82:14:3d:90:47:be:bb:4e:2c:94:2f:
                    60:57:1c:68:67:21:ab:47:8a:7b:bd:83:f3:0f:0a:
                    d5:a0:75:5a:96:62:71:db:72:f4:a9:3e:e4:49:0d:
                    65:a8:ed:da:07:2d:50:a6:3b:e8:16:54:c1:00:6e:
                    70:31:dc:89:96:f0:8f:5f:51:08:eb:5b:3a:b2:2f:
                    4e:12:9f:d8:87:65:2a:a1:c8:43:70:16:c2:b8:6c:
                    94:fe:d6:07:08:e7:56:e6:05:27:5f:1e:02:c8:99:
                    9b:8a:3e:71:57:a3:39:04:bc:ac:6d:ea:96:8d:9d:
                    48:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:49:2A:63:0F:7E:60:6A:13:79:17:FB:2E:30:94:52:16:6E:C6:C1
            X509v3 Authority Key Identifier:
                keyid:56:78:26:16:27:54:B4:60:CB:58:66:DA:C3:14:88:0C:70:35:46:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:aa:f8:b1:c0:1a:b1:62:43:ae:05:c0:c7:00:72:f0:67:0d:
         c3:8f:78:bb:49:e0:19:c4:03:74:57:ad:57:bf:c6:95:ff:e7:
         b6:e1:c2:f9:65:8f:94:91:c4:e7:bc:8c:2f:40:07:3b:cb:77:
         61:32:65:83:61:cb:9a:b0:d1:82:20:6c:08:e3:13:1d:16:55:
         b7:f9:85:ed:52:cc:9b:dd:ab:f7:b2:70:1a:20:60:ae:f8:13:
         d4:80:73:ff:ec:a6:38:75:f2:1d:90:fd:7d:f7:46:83:f3:f0:
         68:43:d3:97:0b:ac:30:c3:f7:a6:6b:14:7e:e1:9a:ee:90:5d:
         71:b9:6c:4a:d8:17:9f:21:38:ea:63:40:c0:59:21:93:90:60:
         e4:78:27:6a:e1:7b:f9:9a:79:5c:9b:30:ff:ac:23:36:e2:69:
         17:cb:fa:83:f4:bd:f5:f2:a5:59:47:ec:a9:cd:88:f7:5e:4c:
         35:7e:27:13:e8:82:3d:a5:a5:6f:ca:72:3c:9f:75:00:6e:14:
         bf:96:45:13:7e:45:e1:15:69:9f:50:76:2c:e8:16:84:cb:4c:
         2d:e7:ce:b1:04:52:03:6c:87:81:62:63:4d:86:87:dc:b3:a4:
         57:b7:80:0f:f7:00:3d:7b:d3:d9:a2:0f:85:86:a8:28:cb:e1:
         72:17:7e:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q5QjgxMTAvBgNVBAUTKDU2NzgyNjE2Mjc1NEI0NjBDQjU4NjZEQUMzMTQ4ODBD
NzAzNTQ2MUQwHhcNMjUwNjA5MDQ0MDE5WhcNMjUwNjE2MDQ0MDE5WjAYMRYwFAYD
VQQDEw02ODQ2NjViMy0xNmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnc55Bw+yv/Xt3qKHJjy/JMpQCVLbbMHDr5fy8gu8ppckLLOLHY5YhskPtcPg
NSPhKd+8PgthoBgNtvPZa9WBGdZCqQnOP6HcgcUxFETywtYwAnHXtlzjAwmbC6Te
EQE7tCtC8lg32mDvI7VA2ajxXSNNNQ/57AE+6eKWpw90XIsB/cUn+kGQ7jhbghQ9
kEe+u04slC9gVxxoZyGrR4p7vYPzDwrVoHValmJx23L0qT7kSQ1lqO3aBy1Qpjvo
FlTBAG5wMdyJlvCPX1EI61s6si9OEp/Yh2UqochDcBbCuGyU/tYHCOdW5gUnXx4C
yJmbij5xV6M5BLysbeqWjZ1IOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO5JKmMP
fmBqE3kX+y4wlFIWbsbBMB8GA1UdIwQYMBaAFFZ4JhYnVLRgy1hm2sMUiAxwNUYd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlCOC9DOEIxRDQ0RTA3
QTExMUVGODRGM0QyNkFDNEY5QUUwMi9WbmdtRmlkVXRHRExXR2Jhd3hTSURIQTFS
aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZuZ21GaWRVdEdETFdHYmF3eFNJREhBMVJoMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RDlCOC9DOEIxRDQ0RTA3QTExMUVGODRGM0QyNkFDNEY5QUUwMi9WbmdtRmlkVXRH
RExXR2Jhd3hTSURIQTFSaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAGqvixwBqxYkOuBcDHAHLwZw3Dj3i7SeAZxAN0V61Xv8aV/+e24cL5
ZY+UkcTnvIwvQAc7y3dhMmWDYcuasNGCIGwI4xMdFlW3+YXtUsyb3av3snAaIGCu
+BPUgHP/7KY4dfIdkP1990aD8/BoQ9OXC6www/emaxR+4ZrukF1xuWxK2BefITjq
Y0DAWSGTkGDkeCdq4Xv5mnlcmzD/rCM24mkXy/qD9L318qVZR+ypzYj3Xkw1ficT
6II9paVvynI8n3UAbhS/lkUTfkXhFWmfUHYs6BaEy0wt586xBFIDbIeBYmNNhofc
s6RXt4AP9wA9e9PZog+Fhqgoy+FyF36E
-----END CERTIFICATE-----
Generated at Tue Jun 10 00:53:07 2025 by rpki-client