Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.mft
File:                     SC5abgiWomapGkBmwG9LTtmEZJ0.mft (raw, json)
Hash identifier:          ER/vE5ptX38UF/p1h8locerfMdPsADjQT8Evfh85XBQ=
Subject key identifier:   ED:E7:80:58:DD:10:49:DB:9E:59:C3:EC:B7:3B:A9:62:DD:F0:A5:29
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       0425
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.mft
Manifest number:          0377
Signing time:             Sun 19 Jan 2025 00:52:09 +0000
Manifest this update:     Sun 19 Jan 2025 00:52:08 +0000
Manifest next update:     Sun 26 Jan 2025 00:52:08 +0000
Files and hashes:         1: SC5abgiWomapGkBmwG9LTtmEZJ0.crl (hash: Lnx56s3CgZMLlH3P5ILOvh85huKH9QPlBVo+Cadd/vE=)
                          2: 235C33AA841511EEB8881E26C4F9AE02.roa (hash: +YRAKRYqk613xfLgB0zdZc+SXbgEgwFsbZ4MAXHqfD4=)
                          3: 91F6CB78CC8411EFB64BE274C4F9AE02.roa (hash: Lyqkbw8kpDEXFRP3wM9V8TcwvtVc37CFnp2p01EAY4g=)
                          4: FC458FFABD2F11EFACAEDF48C4F9AE02.roa (hash: JhXAK3rvu+eA5A55zrWLUy9P2VWJ9TdInDYIPpvwJmg=)
                          5: 70970B107C9811EEA876DA2DC4F9AE02.roa (hash: aHmcIpJIE1GcUyI4Yny/qSd6Or3byAxj4bJ8cE5T4kk=)
                          6: D97AC950ABDD11EDAE837666C4F9AE02.roa (hash: tdnv3yegEbxd1X05RwDaloSoRTHWIFMLf521OQY7jzA=)
                          7: 15E5E344239111EF96EC1C11C4F9AE02.roa (hash: aqom3HQAn6x60ccWSgWXEn4twflM44rVgDlrpW0nn+w=)
                          8: C3313A96BAD411EF9CCFB21AC4F9AE02.roa (hash: XAirON1mrEIlBmChxPF/WavQ8dKSGTCdZU+wu/cewoI=)
                          9: 9C90219CCC8411EF89000275C4F9AE02.roa (hash: f0t4bT6LECkW34FDqKpLn7Rf4i6T46vK93+WgwossiY=)
                          10: 16BF6942E73D11EE8DEA7557C4F9AE02.roa (hash: IJUkoyKq6F6dwcgwQnnfA3U1Ii0VDMRhYlZnBweQndE=)
                          11: 86EB79708F1011EE9F013A61C4F9AE02.roa (hash: sDLFf0VgNj5OaQd/cLxcgFs+ZmQp2L2QZD8I3VKQq+4=)
                          12: 423DBDA2BD3011EFBEFB5F49C4F9AE02.roa (hash: CYb1AUfDdwBmZIiw43Uzz4pNurCcroPrczZ8tZZSS/s=)
                          13: FC852C3E239011EFB136C710C4F9AE02.roa (hash: rfdSLa0My4R23E7UhQOzv75R7oc+8cQio+I5/2T2ScI=)
                          14: B6E083D46E2F11EEB9C12A34C4F9AE02.roa (hash: VWNAPC6UIfMVQch4vSc+1QxFpjuFdCFpkSLGoYnJWLQ=)
                          15: D3A8EA649F0911EE98065E23C4F9AE02.roa (hash: jy6vuCkSSKn5jRqSlZSZkzcBPcsjCkh7JsvXNhpfjoE=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
                          rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Jan 2025 17:16:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1061 (0x425)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Jan 19 00:52:08 2025 GMT
            Not After : Jan 26 00:52:08 2025 GMT
        Subject: CN=678c4cb8-952f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:84:de:5e:5b:5f:41:ef:df:99:4c:af:aa:3f:
                    75:c6:cb:45:f8:9c:46:ae:42:1c:e3:fe:81:f5:62:
                    89:f1:a5:88:70:6f:ee:d6:96:c1:5c:a7:f9:55:56:
                    b8:1c:be:de:93:dc:72:44:b3:c5:6f:dc:32:20:d3:
                    ad:af:0b:3c:52:a4:ba:32:51:2f:cf:2a:93:fc:52:
                    f3:df:09:7b:8a:ce:d9:01:5f:ee:36:26:b9:60:e1:
                    75:e7:04:b9:59:2f:f8:26:5a:09:f3:d8:5c:e5:fe:
                    9f:41:4d:d4:ce:7b:3c:c7:12:f2:15:97:71:e0:58:
                    39:af:b7:22:0d:47:73:37:c9:be:ec:7a:28:ea:c3:
                    17:2e:14:d2:2c:20:18:fb:2b:ec:e7:26:c4:7e:56:
                    91:8a:68:0f:35:4d:29:ee:d3:c5:e8:c9:0b:76:32:
                    82:7f:c7:c4:35:3a:4c:81:ec:9b:14:9f:c5:76:81:
                    7c:36:59:88:b6:53:94:0a:25:93:56:23:11:b6:d0:
                    ac:ac:54:40:95:2c:32:8c:5d:98:63:13:25:03:33:
                    7c:1a:2d:7d:31:f2:51:9f:04:d4:3c:ad:2b:34:a7:
                    2f:73:56:85:9a:b7:30:fc:68:6e:68:d2:20:98:f5:
                    ff:7d:5c:f3:4a:4f:9d:62:21:97:59:74:84:3d:0c:
                    d7:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:E7:80:58:DD:10:49:DB:9E:59:C3:EC:B7:3B:A9:62:DD:F0:A5:29
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:7d:9b:5c:8d:49:0f:34:80:19:23:88:0e:cb:af:75:f8:95:
         a9:6d:f2:f5:da:c0:ee:db:a8:70:45:02:88:09:2c:2c:17:b3:
         9f:aa:e9:99:54:ff:5d:1e:7c:e9:d7:6d:79:14:44:02:9c:c0:
         8a:cb:96:44:04:30:3b:3b:72:b9:62:db:02:e5:6b:f1:16:98:
         ef:44:fe:45:b3:32:d1:34:65:49:0b:08:1f:7a:be:15:b4:ce:
         17:ed:dd:8f:b9:fa:50:56:a7:94:59:1e:32:f8:79:04:a3:a4:
         83:ec:28:c3:9f:e6:4e:f0:2a:7e:7b:92:84:b7:77:40:3d:ae:
         74:07:a6:4c:72:41:2f:9f:df:04:c6:20:b9:aa:9f:e8:60:5d:
         db:7c:9c:76:56:dd:4f:6a:18:9c:aa:ed:6f:12:71:dd:b9:e0:
         93:19:12:41:ab:be:8d:69:77:5f:c6:cd:0c:e5:06:f2:43:6e:
         08:55:a8:1c:40:87:ae:4b:17:95:d1:1a:0b:eb:f7:c8:fb:a8:
         f5:49:b5:6d:77:50:e6:5c:d7:a6:3b:0a:aa:b1:11:cc:4f:9b:
         18:5a:d7:d3:3f:9c:8c:2a:b8:10:12:5e:09:c4:4c:12:11:9d:
         96:2f:6f:e2:27:6c:d9:28:65:a5:50:ba:3b:e7:f6:2a:56:cd:
         3e:b1:52:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjUwMTE5MDA1MjA4WhcNMjUwMTI2MDA1MjA4WjAYMRYwFAYD
VQQDEw02NzhjNGNiOC05NTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuoTeXltfQe/fmUyvqj91xstF+JxGrkIc4/6B9WKJ8aWIcG/u1pbBXKf5VVa4
HL7ek9xyRLPFb9wyINOtrws8UqS6MlEvzyqT/FLz3wl7is7ZAV/uNia5YOF15wS5
WS/4JloJ89hc5f6fQU3Uzns8xxLyFZdx4Fg5r7ciDUdzN8m+7Hoo6sMXLhTSLCAY
+yvs5ybEflaRimgPNU0p7tPF6MkLdjKCf8fENTpMgeybFJ/FdoF8NlmItlOUCiWT
ViMRttCsrFRAlSwyjF2YYxMlAzN8Gi19MfJRnwTUPK0rNKcvc1aFmrcw/GhuaNIg
mPX/fVzzSk+dYiGXWXSEPQzXfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO3ngFjd
EEnbnlnD7Lc7qWLd8KUpMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RkM3NS8zQUE1REVFMERENTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29t
YXBHa0Jtd0c5TFR0bUVaSjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCKfZtcjUkPNIAZI4gOy691+JWpbfL12sDu26hwRQKICSwsF7OfqumZ
VP9dHnzp1215FEQCnMCKy5ZEBDA7O3K5YtsC5WvxFpjvRP5FszLRNGVJCwgfer4V
tM4X7d2PufpQVqeUWR4y+HkEo6SD7CjDn+ZO8Cp+e5KEt3dAPa50B6ZMckEvn98E
xiC5qp/oYF3bfJx2Vt1Pahicqu1vEnHdueCTGRJBq76NaXdfxs0M5QbyQ24IVagc
QIeuSxeV0RoL6/fI+6j1SbVtd1DmXNemOwqqsRHMT5sYWtfTP5yMKrgQEl4JxEwS
EZ2WL2/iJ2zZKGWlULo75/YqVs0+sVKr
-----END CERTIFICATE-----
Generated at Sun Jan 19 02:05:54 2025 by rpki-client on console-fra.rpki-client.org