Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft
File:                     punLpSnAWpYkymA1SKPjFJF1jys.mft (raw, json)
Hash identifier:          T4c+j1usbZX+Pg3d5VfNxhGisrzk9J7lvt8KscvG2Ck=
Subject key identifier:   51:66:6F:26:56:E0:D3:19:1F:6B:4F:94:44:84:92:D8:3A:3B:81:FC
Authority key identifier: A6:E9:CB:A5:29:C0:5A:96:24:CA:60:35:48:A3:E3:14:91:75:8F:2B
Certificate issuer:       /CN=A9189B41/serialNumber=A6E9CBA529C05A9624CA603548A3E31491758F2B
Certificate serial:       98
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/punLpSnAWpYkymA1SKPjFJF1jys.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft
Manifest number:          97
Signing time:             Wed 11 Jun 2025 05:45:34 +0000
Manifest this update:     Wed 11 Jun 2025 05:45:33 +0000
Manifest next update:     Wed 18 Jun 2025 05:45:33 +0000
Files and hashes:         1: punLpSnAWpYkymA1SKPjFJF1jys.crl (hash: dLgAxyzcf47U0YowZnjL2mdiUqSlcmVFQnFZm7U+myE=)
                          2: 17AF252C605A11EFB7F45361C4F9AE02.roa (hash: hIohGLAEr9r6SYuLg+aGzwQmujzK2d8ao66pEwxDxz4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.crl
                          rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/punLpSnAWpYkymA1SKPjFJF1jys.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 05:45:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152 (0x98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9189B41, serialNumber=A6E9CBA529C05A9624CA603548A3E31491758F2B
        Validity
            Not Before: Jun 11 05:45:33 2025 GMT
            Not After : Jun 18 05:45:33 2025 GMT
        Subject: CN=684917fe-0ffc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ab:b3:9d:c2:72:14:67:eb:f2:4e:ba:67:7b:
                    16:99:61:ee:76:3a:1e:81:eb:c6:50:b3:91:8f:15:
                    9c:76:42:9b:71:5b:f5:65:d9:d1:e0:d6:73:d0:cd:
                    60:09:df:61:22:cd:f0:ed:65:01:9c:eb:77:14:5d:
                    ec:6f:46:fb:b3:a4:a4:da:e8:f2:25:c8:32:46:ff:
                    93:a4:51:bf:16:45:8b:61:20:1d:29:e7:38:52:c4:
                    e4:a8:52:1b:fc:32:03:c0:91:2f:e9:a2:2a:db:0b:
                    cd:9e:06:cc:f0:4c:85:31:4d:42:7d:b0:45:39:7a:
                    cd:f2:7b:fd:05:e9:b3:a4:58:dc:3e:b5:85:36:c1:
                    36:34:a2:a8:ef:49:b8:f9:80:5d:a6:0c:d9:ea:9a:
                    f1:3d:80:df:e5:0f:88:5a:f5:85:52:df:66:4e:cb:
                    a8:a8:1c:4e:23:5f:70:ad:1c:36:00:4d:7d:73:cc:
                    1a:59:92:f5:01:31:b1:18:24:b8:29:52:1a:63:24:
                    50:55:50:04:fd:1f:4e:e7:f6:c7:31:be:a1:98:34:
                    55:12:9b:18:fb:03:56:76:c8:c9:f7:d4:c9:ea:ba:
                    83:ae:e7:58:89:fe:6a:86:21:10:58:69:e7:62:2e:
                    28:81:98:d1:20:98:ef:e0:a4:f8:79:57:cb:b3:72:
                    54:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:66:6F:26:56:E0:D3:19:1F:6B:4F:94:44:84:92:D8:3A:3B:81:FC
            X509v3 Authority Key Identifier:
                keyid:A6:E9:CB:A5:29:C0:5A:96:24:CA:60:35:48:A3:E3:14:91:75:8F:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/punLpSnAWpYkymA1SKPjFJF1jys.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:59:af:f4:50:1b:96:d8:4d:f4:78:ff:2c:f6:14:be:46:ad:
         17:b6:df:90:27:d9:04:a3:d5:e8:d5:a3:bb:06:8d:ff:84:f8:
         01:c4:a3:45:c6:e2:d4:2f:26:18:79:34:c0:5b:b2:17:a6:75:
         02:d8:26:dc:a8:b8:78:89:2f:3d:e8:5b:a9:d3:c1:7b:3b:92:
         30:4f:d0:26:57:fb:7e:ae:f2:ae:44:47:39:f8:03:f2:43:fd:
         42:84:d5:d0:2c:aa:b7:12:ae:88:60:0c:5d:09:05:a4:a0:5d:
         47:06:7b:44:a0:45:8e:d7:17:a6:00:a8:ef:9d:23:74:14:f9:
         79:42:3a:0d:0d:29:30:3d:a8:30:86:53:08:b0:9f:3e:04:56:
         2d:37:67:27:7a:a6:59:26:e3:af:46:9d:f1:a5:79:f2:e2:87:
         c7:ba:a6:52:ab:a2:3c:80:40:71:61:75:b0:20:38:b0:2d:2c:
         c2:ed:15:d9:7b:a8:62:b7:70:ac:06:d0:67:bf:45:37:e8:83:
         b3:01:3b:88:ca:09:42:4a:af:ea:f3:9d:e8:9e:a6:ac:e6:c6:
         c5:8f:5a:44:e4:1c:e9:1e:d5:85:d0:ee:3f:b0:ad:58:b9:1b:
         b2:79:57:79:e4:ba:eb:b1:46:b4:8d:8d:d8:5a:2e:8d:4c:d3:
         4e:4d:f9:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODlCNDExMTAvBgNVBAUTKEE2RTlDQkE1MjlDMDVBOTYyNENBNjAzNTQ4QTNFMzE0
OTE3NThGMkIwHhcNMjUwNjExMDU0NTMzWhcNMjUwNjE4MDU0NTMzWjAYMRYwFAYD
VQQDEw02ODQ5MTdmZS0wZmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqKuzncJyFGfr8k66Z3sWmWHudjoegevGULORjxWcdkKbcVv1ZdnR4NZz0M1g
Cd9hIs3w7WUBnOt3FF3sb0b7s6Sk2ujyJcgyRv+TpFG/FkWLYSAdKec4UsTkqFIb
/DIDwJEv6aIq2wvNngbM8EyFMU1CfbBFOXrN8nv9BemzpFjcPrWFNsE2NKKo70m4
+YBdpgzZ6prxPYDf5Q+IWvWFUt9mTsuoqBxOI19wrRw2AE19c8waWZL1ATGxGCS4
KVIaYyRQVVAE/R9O5/bHMb6hmDRVEpsY+wNWdsjJ99TJ6rqDrudYif5qhiEQWGnn
Yi4ogZjRIJjv4KT4eVfLs3JUiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFFmbyZW
4NMZH2tPlESEktg6O4H8MB8GA1UdIwQYMBaAFKbpy6UpwFqWJMpgNUij4xSRdY8r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OUI0MS82OUI3Njk4RTYw
NTkxMUVGOUMyMjM3NjBDNEY5QUUwMi9wdW5McFNuQVdwWWt5bUExU0tQakZKRjFq
eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3B1bkxwU25BV3BZa3ltQTFTS1BqRkpGMWp5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
OUI0MS82OUI3Njk4RTYwNTkxMUVGOUMyMjM3NjBDNEY5QUUwMi9wdW5McFNuQVdw
WWt5bUExU0tQakZKRjFqeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCYWa/0UBuW2E30eP8s9hS+Rq0Xtt+QJ9kEo9Xo1aO7Bo3/hPgBxKNF
xuLULyYYeTTAW7IXpnUC2CbcqLh4iS896Fup08F7O5IwT9AmV/t+rvKuREc5+APy
Q/1ChNXQLKq3Eq6IYAxdCQWkoF1HBntEoEWO1xemAKjvnSN0FPl5QjoNDSkwPagw
hlMIsJ8+BFYtN2cneqZZJuOvRp3xpXny4ofHuqZSq6I8gEBxYXWwIDiwLSzC7RXZ
e6hit3CsBtBnv0U36IOzATuIyglCSq/q853onqas5sbFj1pE5BzpHtWF0O4/sK1Y
uRuyeVd55LrrsUa0jY3YWi6NTNNOTfm1
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:22:22 2025 by rpki-client