Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
File:                     ctH2ecltIFwtRxyUqA3vYNkRJhw.mft (raw, json)
Hash identifier:          5bd4Pu/PEJ4MHhhyNFJ5oFC0Qd86m75btdl5q8K9MbY=
Subject key identifier:   C3:74:95:25:62:A2:5D:AA:9A:1D:A6:B9:C5:6E:99:C9:D9:C8:16:73
Authority key identifier: 72:D1:F6:79:C9:6D:20:5C:2D:47:1C:94:A8:0D:EF:60:D9:11:26:1C
Certificate issuer:       /CN=A918E85E/serialNumber=72D1F679C96D205C2D471C94A80DEF60D911261C
Certificate serial:       F4
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
Manifest number:          F2
Signing time:             Mon 21 Jul 2025 05:23:33 +0000
Manifest this update:     Mon 21 Jul 2025 05:23:33 +0000
Manifest next update:     Mon 28 Jul 2025 05:23:33 +0000
Files and hashes:         1: ctH2ecltIFwtRxyUqA3vYNkRJhw.crl (hash: dHwx495BlmMPVrE46j2xGvaSuZc2rkkqKwlIhPpgjt8=)
                          2: 255842A2EFF411EE853CC833C4F9AE02.roa (hash: 0a/19rU1zoR8HPG3b9KrbOC4Srzy59tAkTtlFRC+aqM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.crl
                          rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 05:23:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 244 (0xf4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918E85E, serialNumber=72D1F679C96D205C2D471C94A80DEF60D911261C
        Validity
            Not Before: Jul 21 05:23:33 2025 GMT
            Not After : Jul 28 05:23:33 2025 GMT
        Subject: CN=687dced5-1410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:98:f6:07:9f:95:f4:e1:ab:12:5e:38:e2:f8:
                    d9:5e:c6:b3:1c:74:56:fc:81:3b:52:df:3b:e4:3f:
                    a1:ed:5b:82:60:c2:9a:c6:d5:19:3f:02:7c:0c:2b:
                    a3:ed:03:ed:74:e8:6d:0b:a8:b6:38:dc:c3:ac:82:
                    6b:69:63:67:8c:ec:a7:38:c6:01:29:5e:97:d2:8c:
                    87:63:21:83:c8:04:55:73:fb:ed:8e:f1:e2:c3:a2:
                    9a:bb:00:e3:10:6a:42:ee:6f:2e:56:65:bb:43:2e:
                    79:58:13:02:a1:2c:fd:19:d2:ae:ad:77:0d:dc:ac:
                    aa:e3:55:d5:38:be:c5:92:26:c0:26:a3:92:c9:5d:
                    1a:f5:07:ed:4d:14:f4:6a:b3:25:bf:8f:de:e5:22:
                    dd:9d:9a:c0:f0:46:c9:b3:2e:a2:00:25:05:48:c2:
                    8e:ce:76:fa:8e:7c:75:d6:d6:12:28:0a:73:ae:b3:
                    ec:4d:d1:c0:b5:8c:aa:b1:08:d3:d2:9d:f3:b5:5e:
                    46:59:d0:69:ab:90:92:9c:e1:99:1a:78:46:2d:2b:
                    5b:8d:5c:0a:72:4a:63:a1:54:0a:7f:ba:3a:08:fd:
                    b0:14:74:a8:bd:a2:9d:91:6f:a5:bb:f0:e9:3a:ad:
                    ba:95:93:bb:73:c8:61:e3:08:d8:f8:de:94:50:59:
                    6f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:74:95:25:62:A2:5D:AA:9A:1D:A6:B9:C5:6E:99:C9:D9:C8:16:73
            X509v3 Authority Key Identifier:
                keyid:72:D1:F6:79:C9:6D:20:5C:2D:47:1C:94:A8:0D:EF:60:D9:11:26:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:5d:71:98:96:09:d1:7e:25:d3:94:4e:78:89:01:9c:ef:17:
         02:e6:f9:83:dc:19:82:0c:b2:49:8f:a9:3f:11:21:c6:7a:82:
         75:76:6a:10:81:14:35:d6:51:e4:95:fb:31:68:4c:25:dd:71:
         3b:53:7c:ee:9a:30:5e:3c:6d:60:99:b6:7d:ac:df:db:ef:df:
         43:3b:99:7a:68:c9:ab:8e:b7:e7:d9:2c:d2:a6:03:c6:01:d0:
         95:fc:fa:fd:b5:85:6e:d9:8b:6e:2d:30:eb:fd:30:de:47:53:
         7f:15:26:fd:53:ae:f9:fe:45:51:ab:d1:72:30:76:3f:59:a1:
         df:c2:2b:cf:53:a1:6e:dd:4f:ed:0f:1e:18:49:b6:b5:2a:e9:
         0b:9c:45:fe:88:5d:19:9e:b4:b1:65:e4:00:c4:37:90:c3:e8:
         30:47:bc:19:d7:29:0d:b0:53:24:21:18:91:ea:68:7c:a5:c7:
         c5:d0:81:86:6b:eb:cb:a5:2f:4e:33:59:2c:fd:a2:06:af:01:
         e8:65:8a:2a:f9:f9:38:e4:bf:6a:aa:b0:74:82:9c:8c:4c:d5:
         b1:07:34:04:df:df:fd:48:6f:bd:36:e4:3a:f6:cb:17:f4:f8:
         4f:ba:02:79:83:ef:d8:83:c9:e5:9a:34:96:39:68:c7:d8:f7:
         e5:a5:4f:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU4NUUxMTAvBgNVBAUTKDcyRDFGNjc5Qzk2RDIwNUMyRDQ3MUM5NEE4MERFRjYw
RDkxMTI2MUMwHhcNMjUwNzIxMDUyMzMzWhcNMjUwNzI4MDUyMzMzWjAYMRYwFAYD
VQQDEw02ODdkY2VkNS0xNDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA05j2B5+V9OGrEl444vjZXsazHHRW/IE7Ut875D+h7VuCYMKaxtUZPwJ8DCuj
7QPtdOhtC6i2ONzDrIJraWNnjOynOMYBKV6X0oyHYyGDyARVc/vtjvHiw6KauwDj
EGpC7m8uVmW7Qy55WBMCoSz9GdKurXcN3Kyq41XVOL7FkibAJqOSyV0a9QftTRT0
arMlv4/e5SLdnZrA8EbJsy6iACUFSMKOznb6jnx11tYSKApzrrPsTdHAtYyqsQjT
0p3ztV5GWdBpq5CSnOGZGnhGLStbjVwKckpjoVQKf7o6CP2wFHSovaKdkW+lu/Dp
Oq26lZO7c8hh4wjY+N6UUFlvewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMN0lSVi
ol2qmh2mucVumcnZyBZzMB8GA1UdIwQYMBaAFHLR9nnJbSBcLUcclKgN72DZESYc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTg1RS81QkMxMjY3QUVG
RjMxMUVFOTc3Q0FDMzFDNEY5QUUwMi9jdEgyZWNsdElGd3RSeHlVcUEzdllOa1JK
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2N0SDJlY2x0SUZ3dFJ4eVVxQTN2WU5rUkpody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RTg1RS81QkMxMjY3QUVGRjMxMUVFOTc3Q0FDMzFDNEY5QUUwMi9jdEgyZWNsdElG
d3RSeHlVcUEzdllOa1JKaHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAgXXGYlgnRfiXTlE54iQGc7xcC5vmD3BmCDLJJj6k/ESHGeoJ1dmoQ
gRQ11lHklfsxaEwl3XE7U3zumjBePG1gmbZ9rN/b799DO5l6aMmrjrfn2SzSpgPG
AdCV/Pr9tYVu2YtuLTDr/TDeR1N/FSb9U675/kVRq9FyMHY/WaHfwivPU6Fu3U/t
Dx4YSba1KukLnEX+iF0ZnrSxZeQAxDeQw+gwR7wZ1ykNsFMkIRiR6mh8pcfF0IGG
a+vLpS9OM1ks/aIGrwHoZYoq+fk45L9qqrB0gpyMTNWxBzQE39/9SG+9NuQ69ssX
9PhPugJ5g+/Yg8nlmjSWOWjH2PflpU/k
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:33:25 2025 by rpki-client