Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9B3C/3F3362DA86FA11EBB3C7BB29C4F9AE02/b2FOWP6Tat901zb1OS3tX9FrdYc.mft
File:                     b2FOWP6Tat901zb1OS3tX9FrdYc.mft (raw, json)
Hash identifier:          WBXUrjyD65/lq7ltGsWGCmiC765pwg2bVdZLQuzc/9I=
Subject key identifier:   36:8A:8F:B8:99:EB:61:7F:CE:A8:4A:58:E0:42:5D:7D:DE:38:95:35
Authority key identifier: 6F:61:4E:58:FE:93:6A:DF:74:D7:36:F5:39:2D:ED:5F:D1:6B:75:87
Certificate issuer:       /CN=A91A9B3C/serialNumber=6F614E58FE936ADF74D736F5392DED5FD16B7587
Certificate serial:       065F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2FOWP6Tat901zb1OS3tX9FrdYc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A9B3C/3F3362DA86FA11EBB3C7BB29C4F9AE02/b2FOWP6Tat901zb1OS3tX9FrdYc.mft
Manifest number:          065A
Signing time:             Sun 08 Jun 2025 22:08:56 +0000
Manifest this update:     Sun 08 Jun 2025 22:08:55 +0000
Manifest next update:     Sun 15 Jun 2025 22:08:55 +0000
Files and hashes:         1: b2FOWP6Tat901zb1OS3tX9FrdYc.crl (hash: LWTfCW3nLMCG3uWo0nuK1/wqkUGgUzTA3RwjsSzvFm0=)
                          2: 00D8BE5286FC11EB8A95642DC4F9AE02.roa (hash: k0J17sE1EdNCFMHPLLouV8rIaMP7CAywUqJdG5phE9Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A9B3C/3F3362DA86FA11EBB3C7BB29C4F9AE02/b2FOWP6Tat901zb1OS3tX9FrdYc.crl
                          rsync://rpki.apnic.net/member_repository/A91A9B3C/3F3362DA86FA11EBB3C7BB29C4F9AE02/b2FOWP6Tat901zb1OS3tX9FrdYc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2FOWP6Tat901zb1OS3tX9FrdYc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 22:08:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1631 (0x65f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A9B3C, serialNumber=6F614E58FE936ADF74D736F5392DED5FD16B7587
        Validity
            Not Before: Jun  8 22:08:55 2025 GMT
            Not After : Jun 15 22:08:55 2025 GMT
        Subject: CN=684609f8-166c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:4c:f4:a8:b8:a0:31:a2:ee:18:a9:1c:e5:de:
                    11:b7:7e:4b:67:4d:d7:41:5a:1b:0a:1a:34:1b:28:
                    45:96:b5:ae:8c:80:b8:77:34:61:5c:9a:0c:db:ed:
                    3a:ae:5b:b0:d9:1a:a2:61:84:8f:30:25:9d:09:97:
                    f3:21:cd:ee:e3:f6:00:21:1f:53:0e:46:49:73:9d:
                    13:cb:da:f2:89:26:42:1a:8f:1f:41:ae:92:32:f3:
                    8c:f7:7a:d3:c3:8a:d6:8a:c5:dd:52:29:c4:43:12:
                    00:25:73:3e:c8:80:3a:a4:3c:46:c0:5e:69:aa:c8:
                    15:c5:e2:5e:c3:94:17:0b:d5:62:81:6c:ef:fc:18:
                    46:08:c4:b9:50:8f:42:bc:27:17:5f:64:33:b1:2f:
                    b1:45:7c:1b:71:28:7b:9c:a2:d3:c7:b2:21:49:b8:
                    96:e0:9d:b6:b0:62:14:3c:b9:09:7d:a3:1b:32:cc:
                    2b:be:a8:71:a7:29:9e:37:cf:1f:01:7e:4b:a8:a5:
                    95:f8:7b:b2:e1:c2:59:db:47:c6:a3:ef:ba:3b:27:
                    04:5a:e9:1c:a0:f4:1a:87:c2:bb:4e:91:21:38:b0:
                    70:3e:55:6b:dc:6d:8f:35:82:bd:32:43:c9:28:ad:
                    19:ca:14:8a:f3:d8:2d:db:2d:ed:a1:a7:b8:df:28:
                    f1:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:8A:8F:B8:99:EB:61:7F:CE:A8:4A:58:E0:42:5D:7D:DE:38:95:35
            X509v3 Authority Key Identifier:
                keyid:6F:61:4E:58:FE:93:6A:DF:74:D7:36:F5:39:2D:ED:5F:D1:6B:75:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A9B3C/3F3362DA86FA11EBB3C7BB29C4F9AE02/b2FOWP6Tat901zb1OS3tX9FrdYc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2FOWP6Tat901zb1OS3tX9FrdYc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9B3C/3F3362DA86FA11EBB3C7BB29C4F9AE02/b2FOWP6Tat901zb1OS3tX9FrdYc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:45:a5:92:c1:2f:24:fa:39:74:3d:1d:1f:41:8f:7e:2e:38:
         45:42:c2:ce:17:46:fc:45:ac:17:76:4a:2e:43:3b:8e:45:0d:
         4f:c3:1f:31:71:36:4c:55:72:fb:39:83:85:10:4d:37:48:55:
         8b:e5:68:12:cd:1f:8e:c4:46:e7:ac:ff:94:65:52:6d:3b:5c:
         33:1d:e5:fe:05:fe:24:14:af:c1:73:06:6c:f8:ea:7f:dc:5d:
         86:53:d9:34:12:d2:d6:ff:e6:93:93:21:33:43:be:ba:b3:8c:
         cd:f8:6c:54:cb:01:6a:77:c8:28:08:79:a8:7d:d8:d9:b8:da:
         9b:3a:98:a5:5d:b2:b4:c7:bb:37:b6:60:d0:ab:6a:32:72:95:
         33:08:95:23:4b:c7:a5:f0:8a:3d:df:33:7a:ba:ea:39:f4:80:
         0e:9b:b2:81:7b:05:52:e4:38:02:6d:b0:a3:30:f5:f0:30:f0:
         de:94:ca:07:0d:ae:40:26:6c:8b:24:5e:8b:df:81:d5:a0:74:
         80:29:8f:23:d9:40:8c:c3:cb:94:f3:af:48:f3:85:4c:77:f7:
         e9:d0:fb:4a:49:3c:68:bc:00:7e:ab:c4:e8:3d:61:53:2b:77:
         cc:a1:84:a7:37:df:d7:f1:01:05:f2:aa:cc:4d:1b:60:1c:7e:
         fe:9a:37:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTlCM0MxMTAvBgNVBAUTKDZGNjE0RTU4RkU5MzZBREY3NEQ3MzZGNTM5MkRFRDVG
RDE2Qjc1ODcwHhcNMjUwNjA4MjIwODU1WhcNMjUwNjE1MjIwODU1WjAYMRYwFAYD
VQQDEw02ODQ2MDlmOC0xNjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8kz0qLigMaLuGKkc5d4Rt35LZ03XQVobCho0GyhFlrWujIC4dzRhXJoM2+06
rluw2RqiYYSPMCWdCZfzIc3u4/YAIR9TDkZJc50Ty9ryiSZCGo8fQa6SMvOM93rT
w4rWisXdUinEQxIAJXM+yIA6pDxGwF5pqsgVxeJew5QXC9VigWzv/BhGCMS5UI9C
vCcXX2QzsS+xRXwbcSh7nKLTx7IhSbiW4J22sGIUPLkJfaMbMswrvqhxpymeN88f
AX5LqKWV+Huy4cJZ20fGo++6OycEWukcoPQah8K7TpEhOLBwPlVr3G2PNYK9MkPJ
KK0ZyhSK89gt2y3toae43yjxXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDaKj7iZ
62F/zqhKWOBCXX3eOJU1MB8GA1UdIwQYMBaAFG9hTlj+k2rfdNc29Tkt7V/Ra3WH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUIzQy8zRjMzNjJEQTg2
RkExMUVCQjNDN0JCMjlDNEY5QUUwMi9iMkZPV1A2VGF0OTAxemIxT1MzdFg5RnJk
WWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2IyRk9XUDZUYXQ5MDF6YjFPUzN0WDlGcmRZYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OUIzQy8zRjMzNjJEQTg2RkExMUVCQjNDN0JCMjlDNEY5QUUwMi9iMkZPV1A2VGF0
OTAxemIxT1MzdFg5RnJkWWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC0RaWSwS8k+jl0PR0fQY9+LjhFQsLOF0b8RawXdkouQzuORQ1Pwx8x
cTZMVXL7OYOFEE03SFWL5WgSzR+OxEbnrP+UZVJtO1wzHeX+Bf4kFK/BcwZs+Op/
3F2GU9k0EtLW/+aTkyEzQ766s4zN+GxUywFqd8goCHmofdjZuNqbOpilXbK0x7s3
tmDQq2oycpUzCJUjS8el8Io93zN6uuo59IAOm7KBewVS5DgCbbCjMPXwMPDelMoH
Da5AJmyLJF6L34HVoHSAKY8j2UCMw8uU869I84VMd/fp0PtKSTxovAB+q8ToPWFT
K3fMoYSnN9/X8QEF8qrMTRtgHH7+mjd6
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:26:15 2025 by rpki-client