Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
File:                     QgBM9ryh-lZCT17qJPYqkrJc3s8.mft (raw, json)
Hash identifier:          LSGJk2+TlLNid2z4Q/TwGlc6SQQE5ydIWFipV49pwt0=
Subject key identifier:   6A:43:69:95:5D:9D:10:AD:13:29:3C:BC:58:A9:3B:44:A8:54:97:28
Authority key identifier: 42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
Certificate issuer:       /CN=A919960D/serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF
Certificate serial:       01CF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
Manifest number:          01CA
Signing time:             Wed 11 Jun 2025 02:25:36 +0000
Manifest this update:     Wed 11 Jun 2025 02:25:35 +0000
Manifest next update:     Wed 18 Jun 2025 02:25:35 +0000
Files and hashes:         1: QgBM9ryh-lZCT17qJPYqkrJc3s8.crl (hash: AmRYsa68gNL71PYk+GKTuKRV7RMW/FTbmDwjGareeTg=)
                          2: BE9174768DDE11ED97AFDA82C4F9AE02.roa (hash: L+V30ULZZ1KBiifHC7zDGdNJ17lrpWMv8iHx76Nc92w=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl
                          rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 02:25:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 463 (0x1cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919960D, serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF
        Validity
            Not Before: Jun 11 02:25:35 2025 GMT
            Not After : Jun 18 02:25:35 2025 GMT
        Subject: CN=6848e920-0042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e4:d0:46:a0:9e:45:11:e7:f4:26:5b:3f:fb:
                    f6:22:f9:88:8c:e9:5a:20:77:78:8b:f2:ee:d1:91:
                    d0:f3:b7:cb:71:a5:57:11:c8:10:99:4e:56:a4:17:
                    a7:e1:a8:bb:e6:dd:e5:a3:d9:30:e2:f8:3b:e0:6d:
                    96:6b:88:fb:ce:7f:38:ef:3d:5c:c0:dc:05:fd:65:
                    1e:e7:4f:b4:22:41:b0:9b:bf:1a:ae:35:e5:19:26:
                    28:e3:12:dc:bd:eb:3e:e5:92:5f:a6:fa:f1:84:37:
                    4a:78:29:1b:61:9b:f1:0b:c3:be:77:e5:4c:10:75:
                    00:fd:5b:98:ed:7b:7d:17:60:17:1d:5f:a8:4a:9c:
                    59:f1:ac:ee:aa:72:e3:f8:51:c0:f3:f4:ff:e7:48:
                    5d:30:e0:48:4a:8b:74:6f:c0:99:53:ea:7b:3e:58:
                    ec:3a:c9:a4:e3:da:8c:dd:48:2b:82:aa:d3:df:7f:
                    cc:86:f2:65:f5:c3:ee:ba:6e:ea:98:4f:a6:09:9f:
                    08:15:59:72:2a:a4:9a:36:83:84:15:c1:c4:6e:ce:
                    6c:14:45:f8:f0:b8:76:12:13:8c:3b:2e:2c:ca:55:
                    5b:3b:c6:ac:28:dd:bc:3e:02:ee:fa:b2:34:52:b7:
                    af:fd:59:94:cf:1c:8d:25:d2:7c:47:dc:35:de:a4:
                    54:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:43:69:95:5D:9D:10:AD:13:29:3C:BC:58:A9:3B:44:A8:54:97:28
            X509v3 Authority Key Identifier:
                keyid:42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:7e:7b:11:33:17:67:2c:6a:02:6a:30:35:8a:ca:59:c3:98:
         ca:b6:c4:55:07:d0:cf:38:9d:9e:e4:e4:a9:7b:f7:57:67:d3:
         75:68:00:88:e9:64:92:43:45:1d:6b:16:ae:5c:91:c6:da:a6:
         b1:ae:1c:e2:c5:6f:6f:34:bc:30:f7:c1:42:31:4d:61:42:8f:
         e9:9c:f4:a5:7f:82:29:76:08:99:51:89:45:a6:68:33:19:45:
         7c:8f:eb:56:f4:15:8a:7d:ff:10:86:ea:21:a1:9a:2c:63:13:
         f4:58:0f:6a:90:56:aa:91:66:4e:25:dd:6d:c6:b2:43:3d:2f:
         e5:31:fd:80:a5:9f:fb:ab:68:e4:a1:66:23:78:f2:1d:85:a8:
         25:42:4c:92:c3:c3:c1:23:61:91:d4:49:46:1e:e5:cb:bb:f4:
         a0:8b:e9:ce:a7:bd:b1:e3:00:cf:c2:93:17:7a:ff:82:0e:8f:
         58:17:1b:5a:31:e2:f9:10:45:d4:ab:12:c3:4b:60:22:a4:14:
         4d:6b:e4:f2:24:2d:98:d3:73:25:b0:1d:85:3b:4a:19:4f:3b:
         cc:90:79:46:4f:ba:b0:44:73:11:fa:68:b7:0c:13:46:39:70:
         a7:c8:84:49:7c:87:5b:ed:6e:07:03:6f:f2:a2:7d:7a:fa:88:
         7a:1e:f7:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk2MEQxMTAvBgNVBAUTKDQyMDA0Q0Y2QkNBMUZBNTY0MjRGNUVFQTI0RjYyQTky
QjI1Q0RFQ0YwHhcNMjUwNjExMDIyNTM1WhcNMjUwNjE4MDIyNTM1WjAYMRYwFAYD
VQQDEw02ODQ4ZTkyMC0wMDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAueTQRqCeRRHn9CZbP/v2IvmIjOlaIHd4i/Lu0ZHQ87fLcaVXEcgQmU5WpBen
4ai75t3lo9kw4vg74G2Wa4j7zn847z1cwNwF/WUe50+0IkGwm78arjXlGSYo4xLc
ves+5ZJfpvrxhDdKeCkbYZvxC8O+d+VMEHUA/VuY7Xt9F2AXHV+oSpxZ8azuqnLj
+FHA8/T/50hdMOBISot0b8CZU+p7PljsOsmk49qM3UgrgqrT33/MhvJl9cPuum7q
mE+mCZ8IFVlyKqSaNoOEFcHEbs5sFEX48Lh2EhOMOy4sylVbO8asKN28PgLu+rI0
Urev/VmUzxyNJdJ8R9w13qRU6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGpDaZVd
nRCtEyk8vFipO0SoVJcoMB8GA1UdIwQYMBaAFEIATPa8ofpWQk9e6iT2KpKyXN7P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTYwRC9CRDBCNjRDNjhE
REExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1sWkNUMTdxSlBZcWtySmMz
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FnQk05cnloLWxaQ1QxN3FKUFlxa3JKYzNzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OTYwRC9CRDBCNjRDNjhEREExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1s
WkNUMTdxSlBZcWtySmMzczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAqfnsRMxdnLGoCajA1ispZw5jKtsRVB9DPOJ2e5OSpe/dXZ9N1aACI
6WSSQ0UdaxauXJHG2qaxrhzixW9vNLww98FCMU1hQo/pnPSlf4IpdgiZUYlFpmgz
GUV8j+tW9BWKff8QhuohoZosYxP0WA9qkFaqkWZOJd1txrJDPS/lMf2ApZ/7q2jk
oWYjePIdhaglQkySw8PBI2GR1ElGHuXLu/Sgi+nOp72x4wDPwpMXev+CDo9YFxta
MeL5EEXUqxLDS2AipBRNa+TyJC2Y03MlsB2FO0oZTzvMkHlGT7qwRHMR+mi3DBNG
OXCnyIRJfIdb7W4HA2/yon16+oh6HvdG
-----END CERTIFICATE-----
Generated at Thu Jun 12 03:21:53 2025 by rpki-client