Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.mft
File:                     4kPzvoJVabsWrLN0vJjavmkLF8E.mft (raw, json)
Hash identifier:          FfSa3lJ2Af/OwWn78Ayhjrywt8pYw76VdmvFG75ZmaA=
Subject key identifier:   07:86:62:EA:5C:B4:6B:B4:00:54:B7:68:8B:61:9B:76:AD:CD:78:A8
Authority key identifier: E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
Certificate issuer:       /CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
Certificate serial:       05AD
Authority info access:    rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.mft
Manifest number:          05A5
Signing time:             Thu 20 Jun 2024 17:20:20 +0000
Manifest this update:     Thu 20 Jun 2024 17:20:19 +0000
Manifest next update:     Thu 27 Jun 2024 17:20:19 +0000
Files and hashes:         1: 4kPzvoJVabsWrLN0vJjavmkLF8E.crl (hash: /tJd9g1fJKyo36I5ouU6jul4pDd2xMYtuS67UOw77yg=)
                          2: 5BE68D46CF7611ED85A2E84EC4F9AE02.roa (hash: VvhvTMMvXBeqYgZfOoMB+UXmxIfdJwDgYKrDyaLLmc4=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl
                          rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.mft
                          rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
                          rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl
                          rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 27 Jun 2024 14:50:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1453 (0x5ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
        Validity
            Not Before: Jun 20 17:20:19 2024 GMT
            Not After : Jun 27 17:20:19 2024 GMT
        Subject: CN=667464d4-204a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:e4:c8:f9:a1:fc:31:67:f8:17:86:70:7d:
                    4b:a7:79:7e:3b:a9:35:7d:40:2f:a9:79:f0:0e:22:
                    23:87:2a:9c:16:1d:2a:5c:ad:8b:10:81:87:31:8d:
                    48:7e:68:92:f7:5c:fc:ba:f7:34:ba:2e:6b:9f:9d:
                    c6:0c:7b:98:dc:6b:98:42:1d:35:d3:1c:d0:18:4c:
                    e0:f7:4d:0c:89:a4:fe:be:8f:c5:9c:cb:cd:ac:84:
                    81:d8:21:f2:88:b4:d8:b0:1f:e3:bd:76:4a:fc:6b:
                    ee:05:5c:41:46:89:96:da:08:fb:11:60:c0:ef:c4:
                    bc:47:d3:a7:46:1d:80:c9:d6:19:8b:88:8f:71:02:
                    d1:1b:a9:40:bd:fd:9d:65:53:cf:97:16:d9:98:ec:
                    3e:99:d5:22:c2:d5:43:ff:18:0d:c8:d4:4f:fa:3a:
                    61:40:58:8c:ed:aa:3a:aa:b6:18:d3:11:a4:5e:2a:
                    90:5f:f5:4b:68:35:7c:53:70:04:c1:7f:74:46:aa:
                    c7:92:a4:5f:1d:81:dd:0a:f9:b7:99:b4:ca:3f:23:
                    d5:83:c5:c4:20:76:2a:87:02:1f:85:c0:fc:14:d4:
                    67:5d:7c:0c:e8:99:c1:2f:31:77:94:06:08:3a:de:
                    8b:31:38:2b:3c:be:e4:a8:4f:81:85:6c:67:b0:a3:
                    28:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:86:62:EA:5C:B4:6B:B4:00:54:B7:68:8B:61:9B:76:AD:CD:78:A8
            X509v3 Authority Key Identifier:
                keyid:E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:5f:55:9a:2a:a6:8c:fd:0d:5d:fb:1d:1c:d5:86:11:9b:d8:
         cc:dd:f6:af:55:cd:35:3d:1e:4e:cf:f5:27:41:d7:1f:29:47:
         c9:3a:54:f8:34:4e:cc:cb:0f:7b:6b:c9:01:1c:0c:cc:89:be:
         86:2f:1b:f5:b0:c3:17:d2:83:94:df:08:4f:2c:ad:eb:50:a1:
         b7:4d:3a:c3:e8:37:0b:d5:9f:da:1a:00:d4:cf:b9:47:75:31:
         9c:37:a7:9f:ae:1d:0e:50:de:09:f7:28:a8:15:f9:1b:55:9d:
         60:b0:8d:b9:01:08:81:96:57:5a:d8:25:1d:b7:63:c9:7d:36:
         54:a2:ff:a4:e7:db:f7:49:7c:ea:ff:05:fb:3f:70:ab:29:d1:
         08:28:aa:ac:3f:e7:44:87:bd:69:2d:2c:43:f5:d3:7e:b1:6c:
         c2:f7:1a:7a:2a:ca:ed:73:b5:bb:fa:87:e3:f5:62:ac:ff:99:
         9e:14:3d:58:64:de:be:d3:21:ea:ab:5c:22:5d:3e:1f:d4:60:
         cc:0a:95:e6:63:00:8e:cc:60:60:a3:a8:e9:44:bd:de:d3:dd:
         06:06:b1:d7:d2:1f:c0:52:87:78:bc:08:42:9d:2e:1b:c0:ba:
         34:2c:ff:5f:f7:c5:46:c3:35:c7:3a:58:68:95:42:b0:43:84:
         7f:20:4c:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEUyNDNGM0JFODI1NTY5QkIxNkFDQjM3NEJDOThEQUJF
NjkwQjE3QzEwHhcNMjQwNjIwMTcyMDE5WhcNMjQwNjI3MTcyMDE5WjAYMRYwFAYD
VQQDEw02Njc0NjRkNC0yMDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwp3kyPmh/DFn+BeGcH1Lp3l+O6k1fUAvqXnwDiIjhyqcFh0qXK2LEIGHMY1I
fmiS91z8uvc0ui5rn53GDHuY3GuYQh010xzQGEzg900MiaT+vo/FnMvNrISB2CHy
iLTYsB/jvXZK/GvuBVxBRomW2gj7EWDA78S8R9OnRh2AydYZi4iPcQLRG6lAvf2d
ZVPPlxbZmOw+mdUiwtVD/xgNyNRP+jphQFiM7ao6qrYY0xGkXiqQX/VLaDV8U3AE
wX90RqrHkqRfHYHdCvm3mbTKPyPVg8XEIHYqhwIfhcD8FNRnXXwM6JnBLzF3lAYI
Ot6LMTgrPL7kqE+BhWxnsKMoIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAeGYupc
tGu0AFS3aIthm3atzXioMB8GA1UdIwQYMBaAFOJD876CVWm7FqyzdLyY2r5pCxfB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CODk3QzU4MkEx
OUMxMUVCOTJBMkRGMjlDNEY5QUUwMi80a1B6dm9KVmFic1dyTE4wdkpqYXZta0xG
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0QTFCRUE2MUQ2NjExRTJCMkNEOEI3Qzcy
RkQxRkYyLzRrUHp2b0pWYWJzV3JMTjB2Smphdm1rTEY4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTY3OC9CODk3QzU4MkExOUMxMUVCOTJBMkRGMjlDNEY5QUUwMi80a1B6dm9KVmFi
c1dyTE4wdkpqYXZta0xGOEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBBX1WaKqaM/Q1d+x0c1YYRm9jM3favVc01PR5Oz/UnQdcfKUfJOlT4
NE7Myw97a8kBHAzMib6GLxv1sMMX0oOU3whPLK3rUKG3TTrD6DcL1Z/aGgDUz7lH
dTGcN6efrh0OUN4J9yioFfkbVZ1gsI25AQiBllda2CUdt2PJfTZUov+k59v3SXzq
/wX7P3CrKdEIKKqsP+dEh71pLSxD9dN+sWzC9xp6Ksrtc7W7+ofj9WKs/5meFD1Y
ZN6+0yHqq1wiXT4f1GDMCpXmYwCOzGBgo6jpRL3e090GBrHX0h/AUod4vAhCnS4b
wLo0LP9f98VGwzXHOlholUKwQ4R/IEw1
-----END CERTIFICATE-----
Generated at Thu Jun 20 21:03:35 2024 by rpki-client on console-ams.rpki-client.org