Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft
File:                     bycituUTNGUloqmUZBtOJ_BNU1Y.mft (raw, json)
Hash identifier:          x6XOLBRveXIpluTWSO1tPUWrEaXoS9OP/kqSqtfDoWQ=
Subject key identifier:   1E:05:B0:D5:3A:90:9A:86:49:B9:C3:93:B6:A3:F1:81:54:70:28:3A
Authority key identifier: 6F:27:22:B6:E5:13:34:65:25:A2:A9:94:64:1B:4E:27:F0:4D:53:56
Certificate issuer:       /CN=A91870B9/serialNumber=6F2722B6E513346525A2A994641B4E27F04D5356
Certificate serial:       028F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bycituUTNGUloqmUZBtOJ_BNU1Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft
Manifest number:          028C
Signing time:             Wed 11 Jun 2025 01:29:20 +0000
Manifest this update:     Wed 11 Jun 2025 01:29:20 +0000
Manifest next update:     Wed 18 Jun 2025 01:29:20 +0000
Files and hashes:         1: bycituUTNGUloqmUZBtOJ_BNU1Y.crl (hash: A/nS8RdpRhR7yi238YaeOQNOkGJ4ZQ5mlgHpOHNBSwQ=)
                          2: A48AD700072111ED91EABE39C4F9AE02.roa (hash: LYlnmY38WC+/5pBo6/8yuliMtbU1c9X35OeWacBJJcc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.crl
                          rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bycituUTNGUloqmUZBtOJ_BNU1Y.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 01:29:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 655 (0x28f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91870B9, serialNumber=6F2722B6E513346525A2A994641B4E27F04D5356
        Validity
            Not Before: Jun 11 01:29:20 2025 GMT
            Not After : Jun 18 01:29:20 2025 GMT
        Subject: CN=6848dbf0-c1ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:da:7c:6f:66:ba:7f:f9:68:b2:be:bd:81:59:
                    89:f1:8d:1d:df:da:eb:16:8d:17:c7:a4:e5:72:0d:
                    2c:bb:67:40:df:80:32:25:7d:e6:19:70:f8:b5:87:
                    dc:7b:f6:92:a8:72:c3:2b:57:6e:6e:fa:14:70:31:
                    d6:a9:44:58:3f:bf:aa:eb:fe:89:1a:b2:3b:05:d8:
                    63:c1:ad:35:a5:01:61:ec:0e:92:53:8b:7f:bb:35:
                    c7:52:b1:3e:c5:6c:e2:97:36:b6:68:22:90:bd:c0:
                    e6:3e:23:7a:bc:f1:f6:ba:90:a9:b7:da:cb:81:c4:
                    c4:bc:0f:50:e3:52:70:ce:10:61:b0:a2:fa:88:90:
                    a1:05:6b:6f:a0:71:78:23:bc:0f:4c:29:09:25:34:
                    31:57:4c:4c:99:9c:cb:5b:a6:0b:f4:de:23:96:4e:
                    24:8e:55:96:30:1f:f5:43:88:a0:72:e7:40:70:ec:
                    44:27:81:97:6f:c5:36:7b:d1:c3:00:81:99:e2:6a:
                    f1:2e:66:04:40:95:8a:cc:5f:1a:63:9d:cf:23:8c:
                    ed:ab:e4:19:40:e9:e6:62:80:b7:74:ff:df:46:2a:
                    12:74:b4:9b:33:3c:01:97:eb:f5:94:42:83:4d:5a:
                    8e:7a:57:f4:a8:58:a4:ce:77:58:4a:df:be:1e:40:
                    a4:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:05:B0:D5:3A:90:9A:86:49:B9:C3:93:B6:A3:F1:81:54:70:28:3A
            X509v3 Authority Key Identifier:
                keyid:6F:27:22:B6:E5:13:34:65:25:A2:A9:94:64:1B:4E:27:F0:4D:53:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bycituUTNGUloqmUZBtOJ_BNU1Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:65:76:11:8a:8d:7f:cc:2c:9f:25:6e:b6:12:cd:2e:5b:f9:
         eb:97:28:06:22:97:c7:c6:ee:34:ac:2f:4c:bc:f7:2b:d3:a3:
         97:ac:f3:4b:02:7a:b8:d7:7d:73:c2:b3:cc:ff:66:9b:41:6b:
         54:e5:d1:21:b8:5c:4c:6c:dc:6b:04:a0:d3:51:51:29:12:ea:
         40:a4:ec:e9:bb:7d:9c:8a:05:80:06:28:0a:b1:02:cb:fc:34:
         84:06:29:a6:ec:93:27:d8:cc:fd:9c:a3:64:68:5c:d2:b4:4f:
         61:06:60:7d:11:fb:c1:66:4e:51:be:a8:d5:68:27:fa:40:bc:
         ee:03:de:cf:97:e8:1f:c0:d0:a0:d3:90:c0:98:58:c0:46:f7:
         7f:b4:85:38:73:62:63:ff:49:96:ba:c8:f6:00:9b:1a:f5:33:
         df:26:0c:e0:ae:c5:0f:65:84:93:b9:85:ad:48:55:dd:23:33:
         0c:a8:10:ad:67:00:c7:44:72:80:69:0e:b9:f2:68:10:fd:c9:
         ee:4d:33:38:b2:ce:0d:c0:83:61:fe:29:71:26:93:2b:1d:9b:
         58:ad:b8:02:97:aa:67:c0:57:f1:ca:10:5b:42:1e:5d:e2:5c:
         83:81:07:e5:0b:d1:1f:7e:57:0b:29:7f:f9:8d:56:42:17:24:
         f9:39:75:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcwQjkxMTAvBgNVBAUTKDZGMjcyMkI2RTUxMzM0NjUyNUEyQTk5NDY0MUI0RTI3
RjA0RDUzNTYwHhcNMjUwNjExMDEyOTIwWhcNMjUwNjE4MDEyOTIwWjAYMRYwFAYD
VQQDEw02ODQ4ZGJmMC1jMWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA39p8b2a6f/losr69gVmJ8Y0d39rrFo0Xx6Tlcg0su2dA34AyJX3mGXD4tYfc
e/aSqHLDK1dubvoUcDHWqURYP7+q6/6JGrI7Bdhjwa01pQFh7A6SU4t/uzXHUrE+
xWzilza2aCKQvcDmPiN6vPH2upCpt9rLgcTEvA9Q41JwzhBhsKL6iJChBWtvoHF4
I7wPTCkJJTQxV0xMmZzLW6YL9N4jlk4kjlWWMB/1Q4igcudAcOxEJ4GXb8U2e9HD
AIGZ4mrxLmYEQJWKzF8aY53PI4ztq+QZQOnmYoC3dP/fRioSdLSbMzwBl+v1lEKD
TVqOelf0qFikzndYSt++HkCkRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB4FsNU6
kJqGSbnDk7aj8YFUcCg6MB8GA1UdIwQYMBaAFG8nIrblEzRlJaKplGQbTifwTVNW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzBCOS83QzhDODkwRTA3
MUUxMUVEQTJFM0YxMzJDNEY5QUUwMi9ieWNpdHVVVE5HVWxvcW1VWkJ0T0pfQk5V
MVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J5Y2l0dVVUTkdVbG9xbVVaQnRPSl9CTlUxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NzBCOS83QzhDODkwRTA3MUUxMUVEQTJFM0YxMzJDNEY5QUUwMi9ieWNpdHVVVE5H
VWxvcW1VWkJ0T0pfQk5VMVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBnZXYRio1/zCyfJW62Es0uW/nrlygGIpfHxu40rC9MvPcr06OXrPNL
Anq4131zwrPM/2abQWtU5dEhuFxMbNxrBKDTUVEpEupApOzpu32cigWABigKsQLL
/DSEBimm7JMn2Mz9nKNkaFzStE9hBmB9EfvBZk5RvqjVaCf6QLzuA97Pl+gfwNCg
05DAmFjARvd/tIU4c2Jj/0mWusj2AJsa9TPfJgzgrsUPZYSTuYWtSFXdIzMMqBCt
ZwDHRHKAaQ658mgQ/cnuTTM4ss4NwINh/ilxJpMrHZtYrbgCl6pnwFfxyhBbQh5d
4lyDgQflC9EfflcLKX/5jVZCFyT5OXXY
-----END CERTIFICATE-----
Generated at Thu Jun 12 03:23:54 2025 by rpki-client