Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.mft
File:                     guQjhs0B-IaA3TAN-_-ittLn5OY.mft (raw, json)
Hash identifier:          CGdECqSAPjLsRaxMYQ4342pDyLwBfHMYlNRqcJXJY4M=
Subject key identifier:   CB:78:5C:F7:1E:A3:92:3C:CC:21:7C:3B:A8:FF:AC:F4:49:C0:9F:9A
Authority key identifier: 82:E4:23:86:CD:01:F8:86:80:DD:30:0D:FB:FF:A2:B6:D2:E7:E4:E6
Certificate issuer:       /CN=A919D530/serialNumber=82E42386CD01F88680DD300DFBFFA2B6D2E7E4E6
Certificate serial:       3F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/guQjhs0B-IaA3TAN-_-ittLn5OY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.mft
Manifest number:          3D
Signing time:             Sun 03 Nov 2024 05:22:18 +0000
Manifest this update:     Sun 03 Nov 2024 05:22:17 +0000
Manifest next update:     Sun 10 Nov 2024 05:22:17 +0000
Files and hashes:         1: guQjhs0B-IaA3TAN-_-ittLn5OY.crl (hash: mrQGnMUZzXk+ZYmaynoNj7j7cJAt3/HENnkpP0Kq3ps=)
                          2: A48F17F6406411EF96445E28C4F9AE02.roa (hash: tty+LCDvang4Y0BeMpj6lCM+SIBVUZxAkloasgq2izo=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.crl
                          rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/guQjhs0B-IaA3TAN-_-ittLn5OY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63 (0x3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919D530/serialNumber=82E42386CD01F88680DD300DFBFFA2B6D2E7E4E6
        Validity
            Not Before: Nov  3 05:22:17 2024 GMT
            Not After : Nov 10 05:22:17 2024 GMT
        Subject: CN=67270889-2120
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:af:18:ba:e5:52:97:e4:1c:a9:db:e1:6d:ce:
                    13:5f:2b:b7:d5:68:47:d8:82:0e:1e:80:d5:50:c1:
                    4d:b4:9d:2e:fa:c6:e8:6e:07:ca:3c:fc:76:fa:8e:
                    38:22:17:bd:57:83:31:ed:64:9a:bb:5b:87:47:86:
                    91:1e:ec:4b:25:43:c6:55:be:21:af:dc:33:bf:cc:
                    c0:d2:da:61:f5:eb:15:d0:03:cd:23:7f:85:ef:fb:
                    ec:e8:f5:5c:ad:6e:2b:a8:32:0a:92:56:26:fb:94:
                    e1:98:78:69:eb:42:05:6a:08:69:f2:b5:22:f4:0e:
                    b3:0c:ca:fe:c3:5b:38:ba:20:de:d2:37:21:74:dd:
                    45:32:09:fc:29:64:e6:5c:f9:fd:57:fa:2e:ab:1c:
                    b3:87:44:b5:bd:c8:e3:ab:1b:36:59:61:12:91:c6:
                    30:1e:5e:e3:78:9b:6d:65:d5:f7:7a:00:43:9b:b0:
                    4f:c2:e7:b0:0f:37:26:5e:7c:3a:6e:92:95:63:3e:
                    61:67:bc:ac:4e:a9:40:07:83:95:80:f0:66:e5:69:
                    48:c5:ab:4b:86:d7:15:5d:ce:28:e2:c4:7c:0d:84:
                    cd:07:09:70:8f:a6:af:db:f5:98:85:a7:2e:58:88:
                    03:04:4a:09:d6:5c:7a:fc:ba:fc:03:52:7a:16:50:
                    da:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:78:5C:F7:1E:A3:92:3C:CC:21:7C:3B:A8:FF:AC:F4:49:C0:9F:9A
            X509v3 Authority Key Identifier:
                keyid:82:E4:23:86:CD:01:F8:86:80:DD:30:0D:FB:FF:A2:B6:D2:E7:E4:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/guQjhs0B-IaA3TAN-_-ittLn5OY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D530/5E55F656406411EFA3C5B827C4F9AE02/guQjhs0B-IaA3TAN-_-ittLn5OY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:ac:34:9c:62:4a:97:44:19:eb:b2:33:27:35:15:e4:5f:52:
         cc:d5:dd:2d:91:47:49:fd:ae:79:6f:4e:70:2a:62:95:9d:67:
         2d:fc:94:dc:c8:61:99:d8:8d:7d:f6:b0:df:e2:18:37:15:67:
         27:d4:95:41:5b:75:22:bf:a8:d9:4c:3a:62:95:a1:54:c2:18:
         1a:80:79:db:71:60:c7:d6:b1:01:62:78:c1:e2:09:90:21:28:
         08:46:5b:99:c8:99:14:27:9d:9a:a5:28:1b:32:7e:0a:00:e9:
         a6:46:cd:cc:97:92:4c:4a:6d:8e:b7:0f:7e:88:b3:5f:8f:5d:
         6a:4d:a0:17:b4:ae:44:dc:33:75:e2:44:2e:7e:7b:86:44:ce:
         5d:d0:a1:96:06:07:25:bf:30:2f:8a:fa:07:28:7d:fe:68:93:
         1f:19:cb:cd:78:35:55:33:46:ef:08:66:a7:d5:60:6c:0a:cb:
         03:85:17:1b:a8:99:dc:45:5e:68:38:05:04:ef:41:6c:b8:17:
         3a:da:81:9e:d0:dc:c3:71:16:9c:96:a6:3e:da:c6:8a:ab:9a:
         ce:35:c3:d2:d7:49:12:a0:33:10:35:ca:69:6f:67:34:35:67:
         59:4b:03:70:97:1d:4c:35:d3:5e:7d:f1:d4:6e:3f:f1:b0:1c:
         7d:a9:c7:12
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RDUzMDExMC8GA1UEBRMoODJFNDIzODZDRDAxRjg4NjgwREQzMDBERkJGRkEyQjZE
MkU3RTRFNjAeFw0yNDExMDMwNTIyMTdaFw0yNDExMTAwNTIyMTdaMBgxFjAUBgNV
BAMTDTY3MjcwODg5LTIxMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsrxi65VKX5Byp2+FtzhNfK7fVaEfYgg4egNVQwU20nS76xuhuB8o8/Hb6jjgi
F71XgzHtZJq7W4dHhpEe7EslQ8ZVviGv3DO/zMDS2mH16xXQA80jf4Xv++zo9Vyt
biuoMgqSVib7lOGYeGnrQgVqCGnytSL0DrMMyv7DWzi6IN7SNyF03UUyCfwpZOZc
+f1X+i6rHLOHRLW9yOOrGzZZYRKRxjAeXuN4m21l1fd6AEObsE/C57APNyZefDpu
kpVjPmFnvKxOqUAHg5WA8GblaUjFq0uG1xVdzijixHwNhM0HCXCPpq/b9ZiFpy5Y
iAMESgnWXHr8uvwDUnoWUNoZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUy3hc9x6j
kjzMIXw7qP+s9EnAn5owHwYDVR0jBBgwFoAUguQjhs0B+IaA3TAN+/+ittLn5OYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlENTMwLzVFNTVGNjU2NDA2
NDExRUZBM0M1QjgyN0M0RjlBRTAyL2d1UWpoczBCLUlhQTNUQU4tXy1pdHRMbjVP
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ3VRamhzMEItSWFBM1RBTi1fLWl0dExuNU9ZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlE
NTMwLzVFNTVGNjU2NDA2NDExRUZBM0M1QjgyN0M0RjlBRTAyL2d1UWpoczBCLUlh
QTNUQU4tXy1pdHRMbjVPWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBALCsNJxiSpdEGeuyMyc1FeRfUszV3S2RR0n9rnlvTnAqYpWdZy38lNzI
YZnYjX32sN/iGDcVZyfUlUFbdSK/qNlMOmKVoVTCGBqAedtxYMfWsQFieMHiCZAh
KAhGW5nImRQnnZqlKBsyfgoA6aZGzcyXkkxKbY63D36Is1+PXWpNoBe0rkTcM3Xi
RC5+e4ZEzl3QoZYGByW/MC+K+gcoff5okx8Zy814NVUzRu8IZqfVYGwKywOFFxuo
mdxFXmg4BQTvQWy4FzragZ7Q3MNxFpyWpj7axoqrms41w9LXSRKgMxA1ymlvZzQ1
Z1lLA3CXHUw101598dRuP/GwHH2pxxI=
-----END CERTIFICATE-----
Generated at Sun Nov 3 06:07:43 2024 by rpki-client on console-fra.rpki-client.org