Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft
File:                     jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft (raw, json)
Hash identifier:          KOIKj2no80dKjZETaKxt6kWurGQQLb9Hss0ga7RVyy4=
Subject key identifier:   58:72:D2:72:40:E8:41:18:5B:D6:B4:5A:95:42:57:7C:D3:D8:D9:40
Authority key identifier: 8D:4B:F7:9A:41:9E:EC:0F:A5:33:E5:FC:A5:0F:F3:72:A3:3C:B3:90
Certificate issuer:       /CN=A918497E/serialNumber=8D4BF79A419EEC0FA533E5FCA50FF372A33CB390
Certificate serial:       0120
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft
Manifest number:          011E
Signing time:             Mon 21 Jul 2025 04:54:56 +0000
Manifest this update:     Mon 21 Jul 2025 04:54:55 +0000
Manifest next update:     Mon 28 Jul 2025 04:54:55 +0000
Files and hashes:         1: jUv3mkGe7A-lM-X8pQ_zcqM8s5A.crl (hash: y2grZVde6djkLLhZltFTGTs/Dyr5mujDh6PYuz92eUQ=)
                          2: D8FEAF6C637611EFB2D9FD47C4F9AE02.roa (hash: Dufn2bl2x79yMqHJgaUJAzhvDE7hxEwAGg5UyaJazhM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.crl
                          rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 04:54:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 288 (0x120)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918497E, serialNumber=8D4BF79A419EEC0FA533E5FCA50FF372A33CB390
        Validity
            Not Before: Jul 21 04:54:55 2025 GMT
            Not After : Jul 28 04:54:55 2025 GMT
        Subject: CN=687dc820-e2fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f0:9f:a4:9a:16:ac:8c:a6:a7:17:c7:e7:ec:
                    e4:79:ac:3d:c2:02:cc:46:f8:67:5a:6a:ec:6a:f8:
                    88:11:fb:96:7f:b7:45:5f:72:a1:8d:ed:04:ac:5f:
                    a9:90:ca:07:1c:e2:d8:cd:61:30:f7:92:a9:34:95:
                    e3:f2:17:3d:5a:30:74:9f:a1:54:55:b6:28:24:92:
                    9e:d7:5d:ec:12:5d:a2:6a:00:84:d0:30:19:59:fc:
                    de:35:3a:ea:5c:4c:73:7e:19:7e:04:2b:16:4d:ed:
                    d5:c1:91:c4:95:db:b3:85:a0:85:4c:c8:2a:23:5b:
                    90:5a:57:52:30:de:23:34:25:f1:d1:67:12:7a:e0:
                    a4:a0:bc:22:a6:62:85:46:88:7d:6c:d6:c9:c0:60:
                    6c:f6:8b:bc:80:2f:88:b9:dc:a7:56:5f:2c:41:50:
                    27:1f:02:c6:ca:5e:ef:68:21:87:de:dd:c7:7a:62:
                    dd:ca:66:71:9d:ad:61:84:a8:c7:0f:c0:a9:3e:68:
                    d7:da:46:37:44:91:4f:73:d4:eb:99:9a:33:a9:34:
                    93:eb:6c:b0:03:d6:19:60:b9:c8:8b:6b:64:13:20:
                    1c:41:06:5d:ea:c0:90:e9:1a:ae:61:30:da:d9:ed:
                    9b:54:5c:ba:4c:e1:cc:2d:f8:d2:f2:ba:1b:82:fa:
                    d2:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:72:D2:72:40:E8:41:18:5B:D6:B4:5A:95:42:57:7C:D3:D8:D9:40
            X509v3 Authority Key Identifier:
                keyid:8D:4B:F7:9A:41:9E:EC:0F:A5:33:E5:FC:A5:0F:F3:72:A3:3C:B3:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:98:74:dd:9c:ee:8a:85:f8:3c:f8:ac:e7:62:15:9f:e7:f3:
         0c:7d:8d:5f:a7:62:44:0f:2a:7b:7b:d9:24:72:c0:e0:b2:30:
         5f:5f:01:ed:f8:5b:f3:41:8b:f0:f4:00:22:8d:e1:87:36:0c:
         ec:e4:44:97:9d:bc:12:3d:71:1c:a8:28:0f:3d:b1:39:9b:0c:
         86:48:66:4c:f5:92:06:1d:f7:17:41:6e:cd:32:fc:f8:7e:22:
         c9:57:4a:5f:b3:db:91:04:56:c9:58:20:ff:00:f5:0e:90:7f:
         a4:f0:e0:52:42:46:63:86:44:b4:d0:de:93:cc:54:fe:05:35:
         a2:91:09:8b:cd:75:9e:b5:5a:4d:88:3f:47:e1:d4:46:5f:43:
         50:b0:88:de:ef:df:d5:94:0a:c2:22:e7:71:75:5a:52:93:01:
         f6:39:c4:2b:8e:a0:59:e6:b3:89:ab:8a:7f:a8:76:a4:96:2d:
         40:e4:cf:be:48:f6:9d:87:fb:d7:a7:d5:bd:56:ca:cc:90:fc:
         ea:2f:94:db:cc:4c:31:b1:c0:11:e6:d8:b6:07:f0:91:c6:1b:
         78:e5:8a:6b:4d:45:6b:70:ce:92:74:53:9b:19:a8:fd:18:a0:
         65:af:61:a4:51:19:eb:aa:81:8f:c6:d8:1b:30:0d:80:cf:a7:
         c8:20:b3:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICASAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5N0UxMTAvBgNVBAUTKDhENEJGNzlBNDE5RUVDMEZBNTMzRTVGQ0E1MEZGMzcy
QTMzQ0IzOTAwHhcNMjUwNzIxMDQ1NDU1WhcNMjUwNzI4MDQ1NDU1WjAYMRYwFAYD
VQQDEw02ODdkYzgyMC1lMmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPCfpJoWrIympxfH5+zkeaw9wgLMRvhnWmrsaviIEfuWf7dFX3Khje0ErF+p
kMoHHOLYzWEw95KpNJXj8hc9WjB0n6FUVbYoJJKe113sEl2iagCE0DAZWfzeNTrq
XExzfhl+BCsWTe3VwZHElduzhaCFTMgqI1uQWldSMN4jNCXx0WcSeuCkoLwipmKF
Roh9bNbJwGBs9ou8gC+IudynVl8sQVAnHwLGyl7vaCGH3t3HemLdymZxna1hhKjH
D8CpPmjX2kY3RJFPc9TrmZozqTST62ywA9YZYLnIi2tkEyAcQQZd6sCQ6RquYTDa
2e2bVFy6TOHMLfjS8robgvrSEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFhy0nJA
6EEYW9a0WpVCV3zT2NlAMB8GA1UdIwQYMBaAFI1L95pBnuwPpTPl/KUP83KjPLOQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk3RS9DMzIwQzIyNkI1
RDgxMUVFOERBNjZEODVDNEY5QUUwMi9qVXYzbWtHZTdBLWxNLVg4cFFfemNxTThz
NUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pVdjNta0dlN0EtbE0tWDhwUV96Y3FNOHM1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDk3RS9DMzIwQzIyNkI1RDgxMUVFOERBNjZEODVDNEY5QUUwMi9qVXYzbWtHZTdB
LWxNLVg4cFFfemNxTThzNUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCVmHTdnO6Khfg8+KznYhWf5/MMfY1fp2JEDyp7e9kkcsDgsjBfXwHt
+FvzQYvw9AAijeGHNgzs5ESXnbwSPXEcqCgPPbE5mwyGSGZM9ZIGHfcXQW7NMvz4
fiLJV0pfs9uRBFbJWCD/APUOkH+k8OBSQkZjhkS00N6TzFT+BTWikQmLzXWetVpN
iD9H4dRGX0NQsIje79/VlArCIudxdVpSkwH2OcQrjqBZ5rOJq4p/qHakli1A5M++
SPadh/vXp9W9VsrMkPzqL5TbzEwxscAR5ti2B/CRxht45YprTUVrcM6SdFObGaj9
GKBlr2GkURnrqoGPxtgbMA2Az6fIILOW
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:52:04 2025 by rpki-client