Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
File:                     TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json)
Hash identifier:          zXMFa90qKMps7RGF7yNZxKUxpJPVKn/4v1JDlkcugsU=
Subject key identifier:   93:EE:34:8F:AF:2C:81:EE:55:B6:94:A0:44:8C:4D:5C:56:3A:B6:5B
Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
Certificate issuer:       /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
Certificate serial:       189F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
Manifest number:          170A
Signing time:             Sun 22 Jun 2025 16:46:09 +0000
Manifest this update:     Sun 22 Jun 2025 16:46:09 +0000
Manifest next update:     Sun 29 Jun 2025 16:46:09 +0000
Files and hashes:         1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: FsH5GhBoA4pBMzLMLhwcpl9sCqU+DQeCAVfHvXxhIU8=)
                          2: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: F7+/UI/IdrG7UJylIwMQeWeh8x4KccRZsFSY0IMAJig=)
                          3: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: G9R6UKF81vPpeZEj71HVNBUREkX7yk3WJ1Q6tTRHYYM=)
                          4: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: kIvT/50E2laNc1gLfjO5rKE/sWwcpe4nrifpeBT23BI=)
                          5: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: j6prxSOt5QlgU/NV/soMWbDX95ZjTIwaOn33GpJLHDk=)
                          6: 6D8B68F2ED9A11EF9E539B3FC4F9AE02.roa (hash: ruR/ShQIv0dCG3FeCHomTrHYuPdOIn8lj4JNUtTPIFU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl
                          rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 29 Jun 2025 16:46:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6303 (0x189f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
        Validity
            Not Before: Jun 22 16:46:09 2025 GMT
            Not After : Jun 29 16:46:09 2025 GMT
        Subject: CN=68583351-0c9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:09:c9:8a:d8:17:fd:e8:19:87:b7:65:6e:7a:
                    aa:90:08:12:9c:15:6f:fc:99:88:6e:b8:c2:7d:dc:
                    93:2d:76:24:a3:21:ca:f6:e1:6b:aa:07:84:cc:7c:
                    eb:1e:43:f4:13:0f:a3:ed:1e:b2:e2:f7:52:e7:00:
                    77:fb:03:30:2b:ce:85:e3:c3:25:74:e1:de:50:96:
                    0b:a9:ac:e5:7d:4c:c7:c6:4b:5a:76:36:f6:01:cf:
                    50:5e:e6:66:42:1b:9d:51:94:d2:85:ef:12:4c:11:
                    3f:11:5b:4c:ae:d6:f0:fe:30:a0:23:44:49:82:6d:
                    ca:51:ae:5d:44:16:3d:db:b8:7d:3f:65:57:f4:1e:
                    f9:8f:10:e3:de:5a:04:91:84:4e:41:8d:b0:98:61:
                    87:f2:98:41:47:fc:9a:b6:1c:ad:f6:fe:22:61:a5:
                    ec:ac:50:f0:43:d6:92:79:7e:b2:d6:c5:40:9c:8b:
                    78:cf:02:4f:16:6e:1c:a4:f5:ff:63:d5:57:d3:67:
                    63:05:de:2f:cc:f2:3f:7d:0a:b5:31:99:6b:0c:0c:
                    03:7a:97:7a:30:21:c3:d7:32:02:39:a9:56:f6:91:
                    cd:62:11:1c:86:57:4f:3c:0d:d3:4a:12:44:b6:71:
                    7a:d0:33:50:ff:23:79:50:c2:79:0f:6b:b8:e2:98:
                    12:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:EE:34:8F:AF:2C:81:EE:55:B6:94:A0:44:8C:4D:5C:56:3A:B6:5B
            X509v3 Authority Key Identifier:
                keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:84:04:ad:83:f9:0f:08:99:a4:d1:ff:c6:9e:e5:fe:6f:ba:
         94:cb:f5:46:89:17:2a:b4:6f:16:66:95:99:13:8f:42:c3:4a:
         2d:53:da:1d:8d:05:01:a5:ab:c1:6f:54:1a:1f:dc:ec:44:3b:
         7a:66:97:b9:60:0e:18:3a:2d:ed:40:b5:95:6c:5b:3c:d3:1a:
         68:e3:44:20:95:38:a7:86:2b:83:cb:29:6d:aa:57:ab:c8:b2:
         c5:a0:76:12:ef:84:4b:14:2b:bf:98:e7:6e:44:4b:fb:24:48:
         62:88:13:40:df:13:a2:a5:1c:7b:a2:93:23:0d:9a:9e:76:e3:
         6c:83:5b:79:f7:3f:a6:74:ff:d7:8f:1d:d7:e7:32:0a:57:76:
         38:b3:5e:4e:ba:e3:f9:ff:53:97:ab:9e:5a:18:ab:a2:c3:5e:
         e5:98:8b:7e:ae:08:51:eb:5b:8e:6b:84:ac:b7:ec:c5:d1:98:
         e6:8c:d3:65:0a:d2:74:d5:d3:b1:20:7f:98:08:d9:7a:af:e8:
         63:5a:bb:d3:5f:e4:15:7e:d3:13:fa:ea:41:55:65:b7:12:fc:
         29:cf:c3:f2:e5:e4:32:85:dd:5e:ab:a6:e7:6c:9b:d9:d1:ce:
         50:bd:d7:a7:20:8c:05:27:0c:09:3c:c4:cb:ab:ac:56:8b:ea:
         92:54:b2:51
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2
NDI5RDg4QjgwHhcNMjUwNjIyMTY0NjA5WhcNMjUwNjI5MTY0NjA5WjAYMRYwFAYD
VQQDEw02ODU4MzM1MS0wYzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtAnJitgX/egZh7dlbnqqkAgSnBVv/JmIbrjCfdyTLXYkoyHK9uFrqgeEzHzr
HkP0Ew+j7R6y4vdS5wB3+wMwK86F48MldOHeUJYLqazlfUzHxktadjb2Ac9QXuZm
QhudUZTShe8STBE/EVtMrtbw/jCgI0RJgm3KUa5dRBY927h9P2VX9B75jxDj3loE
kYROQY2wmGGH8phBR/yathyt9v4iYaXsrFDwQ9aSeX6y1sVAnIt4zwJPFm4cpPX/
Y9VX02djBd4vzPI/fQq1MZlrDAwDepd6MCHD1zICOalW9pHNYhEchldPPA3TShJE
tnF60DNQ/yN5UMJ5D2u44pgSWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPuNI+v
LIHuVbaUoESMTVxWOrZbMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5
NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp
TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT
em1nTm5hQ3R2c0JrS2RpTGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCjhAStg/kPCJmk0f/GnuX+b7qUy/VGiRcqtG8WZpWZE49Cw0otU9od
jQUBpavBb1QaH9zsRDt6Zpe5YA4YOi3tQLWVbFs80xpo40QglTinhiuDyyltqler
yLLFoHYS74RLFCu/mOduREv7JEhiiBNA3xOipRx7opMjDZqeduNsg1t59z+mdP/X
jx3X5zIKV3Y4s15OuuP5/1OXq55aGKuiw17lmIt+rghR61uOa4Sst+zF0ZjmjNNl
CtJ01dOxIH+YCNl6r+hjWrvTX+QVftMT+upBVWW3Evwpz8Py5eQyhd1eq6bnbJvZ
0c5QvdenIIwFJwwJPMTLq6xWi+qSVLJR
-----END CERTIFICATE-----
Generated at Tue Jun 24 10:35:45 2025 by rpki-client