Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7E29/56F1C532879011EC86D0441EC4F9AE02/1f9FyAWBJcJy3wRtwLjgb6owT88.mft
File:                     1f9FyAWBJcJy3wRtwLjgb6owT88.mft (raw, json)
Hash identifier:          xWAeA+gEx8KwyfGRl7UzesM3mJ4cClrA3AxRfLLQXSo=
Subject key identifier:   32:D8:A5:FB:72:26:24:9C:CE:B9:57:A7:1A:43:55:DC:E8:25:F0:26
Authority key identifier: D5:FF:45:C8:05:81:25:C2:72:DF:04:6D:C0:B8:E0:6F:AA:30:4F:CF
Certificate issuer:       /CN=A91A7E29/serialNumber=D5FF45C8058125C272DF046DC0B8E06FAA304FCF
Certificate serial:       037C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1f9FyAWBJcJy3wRtwLjgb6owT88.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7E29/56F1C532879011EC86D0441EC4F9AE02/1f9FyAWBJcJy3wRtwLjgb6owT88.mft
Manifest number:          0375
Signing time:             Sat 23 Nov 2024 00:28:01 +0000
Manifest this update:     Sat 23 Nov 2024 00:28:00 +0000
Manifest next update:     Sat 30 Nov 2024 00:28:00 +0000
Files and hashes:         1: 1f9FyAWBJcJy3wRtwLjgb6owT88.crl (hash: c8VcRLNwqHIXCaIRuNGIfPQJxuyMSEiUg20Ome/yGEY=)
                          2: 99F51284A1E911EDAD7CE929C4F9AE02.roa (hash: wDWnW7J8ezhy3VihBeAZy2ArJw25sanXXdEHkPtept4=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A7E29/56F1C532879011EC86D0441EC4F9AE02/1f9FyAWBJcJy3wRtwLjgb6owT88.crl
                          rsync://rpki.apnic.net/member_repository/A91A7E29/56F1C532879011EC86D0441EC4F9AE02/1f9FyAWBJcJy3wRtwLjgb6owT88.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1f9FyAWBJcJy3wRtwLjgb6owT88.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 892 (0x37c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7E29/serialNumber=D5FF45C8058125C272DF046DC0B8E06FAA304FCF
        Validity
            Not Before: Nov 23 00:28:00 2024 GMT
            Not After : Nov 30 00:28:00 2024 GMT
        Subject: CN=67412191-057d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e0:2c:11:7e:e0:37:e0:23:0a:50:e3:23:38:
                    78:49:45:55:3e:49:db:ce:a5:8e:6d:22:3c:d2:2a:
                    95:97:0d:c4:82:a6:b0:14:7d:ed:15:42:01:17:bd:
                    0e:e9:bf:62:78:9a:18:3d:7e:6c:2d:f4:1e:ab:f4:
                    50:57:c6:0e:ad:1a:a5:fd:69:6c:a4:87:22:22:ac:
                    e3:0d:69:cc:1d:6f:33:fb:87:ca:cd:28:a0:4b:c5:
                    dd:33:9f:a9:88:02:9c:98:65:9c:e7:c7:67:14:fc:
                    ff:bd:13:4b:e3:42:38:da:e5:17:66:f3:69:c8:3c:
                    a2:6b:e5:86:99:a0:65:76:0e:a4:f5:91:f0:5b:fe:
                    33:74:ce:0f:d5:0e:13:81:5a:e9:ce:db:3b:9e:be:
                    1e:0b:32:05:24:09:41:3d:7e:e6:da:4d:69:73:56:
                    3c:cf:3e:7c:4c:1f:9e:3e:da:24:6c:4f:37:79:a8:
                    1c:fa:f3:07:dc:0a:df:05:ac:b9:be:76:15:ef:d5:
                    f2:d5:4e:f5:cd:4c:69:2c:c4:52:77:67:2f:0c:2e:
                    bc:dc:72:f0:47:c6:d0:d6:a1:13:c5:df:a8:db:02:
                    1f:54:a2:1f:46:36:66:62:b4:09:67:7c:79:21:87:
                    33:dc:de:95:ed:57:8a:7e:7b:f1:3a:cd:fa:98:7e:
                    db:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D8:A5:FB:72:26:24:9C:CE:B9:57:A7:1A:43:55:DC:E8:25:F0:26
            X509v3 Authority Key Identifier:
                keyid:D5:FF:45:C8:05:81:25:C2:72:DF:04:6D:C0:B8:E0:6F:AA:30:4F:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7E29/56F1C532879011EC86D0441EC4F9AE02/1f9FyAWBJcJy3wRtwLjgb6owT88.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1f9FyAWBJcJy3wRtwLjgb6owT88.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7E29/56F1C532879011EC86D0441EC4F9AE02/1f9FyAWBJcJy3wRtwLjgb6owT88.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:66:8a:7c:ef:df:9d:be:7e:a1:bb:0f:bc:30:00:b8:6a:a2:
         d2:93:31:25:1e:22:64:ab:32:a4:78:e5:7b:bd:13:65:45:d3:
         3c:d5:77:46:9f:3d:0a:8f:99:0c:5f:e4:16:dc:91:0b:fc:0d:
         86:4c:0c:59:04:22:65:c0:45:23:a8:5b:43:56:e8:41:93:15:
         82:88:7e:e4:c3:7a:38:f8:41:08:36:0f:7e:c7:82:60:c0:65:
         3c:ca:5e:7d:96:d8:2e:be:8e:54:3a:d0:47:eb:2b:6e:93:ef:
         23:f7:c6:4c:bf:b2:12:03:a6:be:66:47:4c:96:4c:69:fa:05:
         33:0e:cc:3c:d5:50:62:21:2f:ec:48:6d:0e:37:4d:e4:6f:44:
         9f:06:0b:74:cb:57:53:35:e0:14:bc:ec:00:19:db:56:42:b2:
         e1:f1:47:fb:c0:dc:d3:95:89:a1:15:e8:0d:65:28:65:48:99:
         c4:d7:9b:8e:5e:a4:f7:e9:7f:ed:88:0d:20:cf:91:de:1d:ed:
         ae:47:3b:a8:f2:3b:1b:7e:e1:1c:20:cd:c8:71:e2:2e:56:0a:
         b5:ff:94:72:d4:49:2f:9d:96:1a:8a:02:39:d1:34:d5:ca:fc:
         a7:e4:6e:c3:3a:93:49:95:48:e2:e3:a8:9c:92:4a:9a:74:0b:
         bf:6a:12:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdFMjkxMTAvBgNVBAUTKEQ1RkY0NUM4MDU4MTI1QzI3MkRGMDQ2REMwQjhFMDZG
QUEzMDRGQ0YwHhcNMjQxMTIzMDAyODAwWhcNMjQxMTMwMDAyODAwWjAYMRYwFAYD
VQQDEw02NzQxMjE5MS0wNTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0OAsEX7gN+AjClDjIzh4SUVVPknbzqWObSI80iqVlw3EgqawFH3tFUIBF70O
6b9ieJoYPX5sLfQeq/RQV8YOrRql/WlspIciIqzjDWnMHW8z+4fKzSigS8XdM5+p
iAKcmGWc58dnFPz/vRNL40I42uUXZvNpyDyia+WGmaBldg6k9ZHwW/4zdM4P1Q4T
gVrpzts7nr4eCzIFJAlBPX7m2k1pc1Y8zz58TB+ePtokbE83eagc+vMH3ArfBay5
vnYV79Xy1U71zUxpLMRSd2cvDC683HLwR8bQ1qETxd+o2wIfVKIfRjZmYrQJZ3x5
IYcz3N6V7VeKfnvxOs36mH7bvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLYpfty
JiSczrlXpxpDVdzoJfAmMB8GA1UdIwQYMBaAFNX/RcgFgSXCct8EbcC44G+qME/P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0UyOS81NkYxQzUzMjg3
OTAxMUVDODZEMDQ0MUVDNEY5QUUwMi8xZjlGeUFXQkpjSnkzd1J0d0xqZ2I2b3dU
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFmOUZ5QVdCSmNKeTN3UnR3TGpnYjZvd1Q4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0UyOS81NkYxQzUzMjg3OTAxMUVDODZEMDQ0MUVDNEY5QUUwMi8xZjlGeUFXQkpj
Snkzd1J0d0xqZ2I2b3dUODgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDDZop879+dvn6huw+8MAC4aqLSkzElHiJkqzKkeOV7vRNlRdM81XdG
nz0Kj5kMX+QW3JEL/A2GTAxZBCJlwEUjqFtDVuhBkxWCiH7kw3o4+EEINg9+x4Jg
wGU8yl59ltguvo5UOtBH6ytuk+8j98ZMv7ISA6a+ZkdMlkxp+gUzDsw81VBiIS/s
SG0ON03kb0SfBgt0y1dTNeAUvOwAGdtWQrLh8Uf7wNzTlYmhFegNZShlSJnE15uO
XqT36X/tiA0gz5HeHe2uRzuo8jsbfuEcIM3IceIuVgq1/5Ry1EkvnZYaigI50TTV
yvyn5G7DOpNJlUji46ickkqadAu/ahIC
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:27:27 2024 by rpki-client on console-ams.rpki-client.org