Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
File:                     ctH2ecltIFwtRxyUqA3vYNkRJhw.mft (raw, json)
Hash identifier:          3kaKIl/q8rthndRTYuLwsGZMC8lK+VvNhn2GSNNu6Mc=
Subject key identifier:   E3:B2:D0:33:30:57:02:61:B4:FE:DF:F2:11:0D:64:F5:49:8F:A6:15
Authority key identifier: 72:D1:F6:79:C9:6D:20:5C:2D:47:1C:94:A8:0D:EF:60:D9:11:26:1C
Certificate issuer:       /CN=A918E85E/serialNumber=72D1F679C96D205C2D471C94A80DEF60D911261C
Certificate serial:       F6
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
Manifest number:          F4
Signing time:             Fri 25 Jul 2025 05:29:42 +0000
Manifest this update:     Fri 25 Jul 2025 05:29:41 +0000
Manifest next update:     Fri 01 Aug 2025 05:29:41 +0000
Files and hashes:         1: ctH2ecltIFwtRxyUqA3vYNkRJhw.crl (hash: dGDPwgw+TGT9fR25GBn8L2A1tBr8jPMKae+0voA0zHk=)
                          2: 255842A2EFF411EE853CC833C4F9AE02.roa (hash: 0a/19rU1zoR8HPG3b9KrbOC4Srzy59tAkTtlFRC+aqM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.crl
                          rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 01 Aug 2025 05:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 246 (0xf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918E85E, serialNumber=72D1F679C96D205C2D471C94A80DEF60D911261C
        Validity
            Not Before: Jul 25 05:29:41 2025 GMT
            Not After : Aug  1 05:29:41 2025 GMT
        Subject: CN=68831645-3122
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:eb:3b:bb:56:84:09:8b:e5:85:76:75:99:6e:
                    72:ff:7d:94:a8:24:ac:20:2d:61:f4:33:7d:9c:6e:
                    33:db:ea:e7:5d:62:c1:9a:54:47:d2:97:7f:80:f8:
                    89:48:fd:df:a0:8f:fa:e7:8c:36:3d:ce:28:d6:1b:
                    d5:e6:cc:85:42:3a:9c:ea:18:0b:3e:d9:5d:21:3f:
                    a8:f2:86:af:4a:79:cd:3e:0a:dd:2d:e9:26:88:af:
                    78:2f:be:83:a3:95:66:c3:b6:e3:b1:ca:e3:46:1b:
                    f0:22:0e:d1:f2:00:ad:85:16:33:6e:ad:93:c4:c8:
                    2f:42:8e:b9:94:4f:8a:bc:24:29:65:1d:63:e0:f3:
                    92:62:1f:ac:0c:a4:ed:df:be:2b:a8:fb:71:0d:91:
                    a4:18:64:f4:13:8e:ff:df:b6:88:5d:7e:84:b3:51:
                    99:41:b5:48:28:91:47:cc:a6:21:7f:04:ad:c4:70:
                    06:1e:77:d9:7d:76:0c:ae:5b:c3:42:e1:65:09:ae:
                    9c:50:23:63:56:33:d3:4b:fa:ef:c6:59:46:b2:eb:
                    2b:65:1a:96:e2:4e:ed:a5:d8:d0:87:f7:e6:65:06:
                    79:a4:83:66:e4:6f:40:43:6d:e5:da:02:d7:42:3b:
                    21:30:40:0e:4e:3a:59:4a:95:62:d2:39:ac:95:a9:
                    78:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:B2:D0:33:30:57:02:61:B4:FE:DF:F2:11:0D:64:F5:49:8F:A6:15
            X509v3 Authority Key Identifier:
                keyid:72:D1:F6:79:C9:6D:20:5C:2D:47:1C:94:A8:0D:EF:60:D9:11:26:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:88:17:56:a4:f4:17:4b:a9:fb:91:03:9a:3c:da:82:f1:55:
         d8:60:07:35:a5:fd:9b:f7:a9:8f:62:93:7a:09:c4:8d:4e:04:
         6c:06:9d:33:a7:6c:42:4d:fc:6c:b8:70:84:fe:c5:6c:19:fc:
         50:bc:70:c1:9c:7d:88:28:95:18:dc:86:63:9c:5c:e2:43:e1:
         74:50:e7:72:07:38:d5:30:5b:cf:79:7c:0a:bf:24:98:f2:12:
         eb:d3:62:e7:cd:47:4b:fa:80:a5:3e:18:65:1b:d7:87:43:7d:
         4d:ec:f3:04:1d:47:29:61:9d:ed:24:be:ab:90:25:d9:d9:b7:
         dd:17:47:f9:9a:e3:d6:de:dc:fe:f4:8d:05:6c:70:78:b7:00:
         9a:1d:92:57:9b:47:d9:14:c5:bc:f8:4f:64:62:c2:08:66:ce:
         22:7f:e2:6c:d1:7b:1c:ad:e4:6c:08:f4:56:14:fb:66:1c:9c:
         fb:aa:77:9a:8d:13:d8:fa:e8:9c:6c:b5:0b:30:c6:09:80:2c:
         cf:38:c1:c8:00:e5:1c:93:45:12:a8:9a:7f:5c:91:b9:ac:4c:
         72:97:b0:81:90:7e:85:30:b6:41:ac:49:0f:9f:b0:9c:b7:49:
         61:0a:2d:b0:b2:17:ff:fc:2d:0f:e5:05:6a:db:aa:f9:3e:7f:
         cc:11:06:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU4NUUxMTAvBgNVBAUTKDcyRDFGNjc5Qzk2RDIwNUMyRDQ3MUM5NEE4MERFRjYw
RDkxMTI2MUMwHhcNMjUwNzI1MDUyOTQxWhcNMjUwODAxMDUyOTQxWjAYMRYwFAYD
VQQDEw02ODgzMTY0NS0zMTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq+s7u1aECYvlhXZ1mW5y/32UqCSsIC1h9DN9nG4z2+rnXWLBmlRH0pd/gPiJ
SP3foI/654w2Pc4o1hvV5syFQjqc6hgLPtldIT+o8oavSnnNPgrdLekmiK94L76D
o5Vmw7bjscrjRhvwIg7R8gCthRYzbq2TxMgvQo65lE+KvCQpZR1j4POSYh+sDKTt
374rqPtxDZGkGGT0E47/37aIXX6Es1GZQbVIKJFHzKYhfwStxHAGHnfZfXYMrlvD
QuFlCa6cUCNjVjPTS/rvxllGsusrZRqW4k7tpdjQh/fmZQZ5pINm5G9AQ23l2gLX
QjshMEAOTjpZSpVi0jmslal43wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOy0DMw
VwJhtP7f8hENZPVJj6YVMB8GA1UdIwQYMBaAFHLR9nnJbSBcLUcclKgN72DZESYc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTg1RS81QkMxMjY3QUVG
RjMxMUVFOTc3Q0FDMzFDNEY5QUUwMi9jdEgyZWNsdElGd3RSeHlVcUEzdllOa1JK
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2N0SDJlY2x0SUZ3dFJ4eVVxQTN2WU5rUkpody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RTg1RS81QkMxMjY3QUVGRjMxMUVFOTc3Q0FDMzFDNEY5QUUwMi9jdEgyZWNsdElG
d3RSeHlVcUEzdllOa1JKaHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQATiBdWpPQXS6n7kQOaPNqC8VXYYAc1pf2b96mPYpN6CcSNTgRsBp0z
p2xCTfxsuHCE/sVsGfxQvHDBnH2IKJUY3IZjnFziQ+F0UOdyBzjVMFvPeXwKvySY
8hLr02LnzUdL+oClPhhlG9eHQ31N7PMEHUcpYZ3tJL6rkCXZ2bfdF0f5muPW3tz+
9I0FbHB4twCaHZJXm0fZFMW8+E9kYsIIZs4if+Js0XscreRsCPRWFPtmHJz7qnea
jRPY+uicbLULMMYJgCzPOMHIAOUck0USqJp/XJG5rExyl7CBkH6FMLZBrEkPn7Cc
t0lhCi2wshf//C0P5QVq26r5Pn/MEQad
-----END CERTIFICATE-----
Generated at Fri Jul 25 13:32:29 2025 by rpki-client