Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft
File:                     -Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft (raw, json)
Hash identifier:          kZe4pryJ7EMz0Uv3Bmt7aFAmL7V5ec+DL5ff3AUCjCQ=
Subject key identifier:   A4:0D:B2:B1:59:75:27:7F:F6:9D:CD:C5:CE:F3:4A:4D:33:55:B3:0D
Authority key identifier: F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD
Certificate issuer:       /CN=A91B0F3F/serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD
Certificate serial:       0A38
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft
Manifest number:          0A19
Signing time:             Thu 12 Jun 2025 19:38:45 +0000
Manifest this update:     Thu 12 Jun 2025 19:38:45 +0000
Manifest next update:     Thu 19 Jun 2025 19:38:45 +0000
Files and hashes:         1: -Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl (hash: nIYYuqERPZS/fDkj6/gEK1tLEdQG3tFKna0qsyWwufE=)
                          2: 59E4B0A81B9211F0A5D50649C4F9AE02.roa (hash: 4uAphyYn6AbiifiDtaxCom6jwozyhzmoBVY1cw2irI4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl
                          rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 19:38:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2616 (0xa38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B0F3F, serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD
        Validity
            Not Before: Jun 12 19:38:45 2025 GMT
            Not After : Jun 19 19:38:45 2025 GMT
        Subject: CN=684b2cc5-4d79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:65:42:b3:6a:e1:65:81:46:64:11:86:41:22:
                    ee:8d:f9:6b:59:79:ed:35:fb:02:9d:9f:5d:f1:ca:
                    ed:33:69:75:bf:3d:7e:bf:2c:2c:5f:33:2e:11:8f:
                    3c:0f:f2:9d:e5:7f:60:a8:f3:79:ee:ff:b8:85:a7:
                    94:e4:01:53:87:75:b0:b3:90:d1:9c:4e:98:41:4f:
                    43:40:f0:b2:dc:01:29:83:9f:0d:31:97:35:50:14:
                    3d:a5:ed:07:72:27:85:fa:54:db:0a:75:fd:f4:c0:
                    f6:11:f9:91:2a:04:11:07:82:ff:24:a4:2f:a0:f4:
                    2e:84:2b:7c:28:96:5c:27:84:86:06:01:66:54:2f:
                    34:e8:c2:75:5b:0d:26:e3:dc:3c:b5:95:67:07:89:
                    02:22:b6:24:b3:7a:bc:c8:5e:9d:ab:17:f0:e8:45:
                    e4:3e:b1:9e:03:d7:bb:a0:e5:ff:e7:7e:98:36:35:
                    0e:3d:69:72:e4:9a:c3:4f:8b:9a:42:fc:ff:0e:f7:
                    81:11:77:02:4a:a9:ad:a5:b5:af:f6:d8:ff:4c:e8:
                    85:91:9f:a3:d9:42:f7:99:8b:3b:86:02:da:12:bc:
                    bd:39:6e:36:c5:b5:de:c5:27:1b:a8:36:e3:9d:17:
                    07:a7:10:49:7d:be:30:12:65:5c:90:af:fd:89:e2:
                    f8:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:0D:B2:B1:59:75:27:7F:F6:9D:CD:C5:CE:F3:4A:4D:33:55:B3:0D
            X509v3 Authority Key Identifier:
                keyid:F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:5e:28:87:ed:e1:de:4b:7c:ee:15:19:79:4f:79:ac:96:d7:
         ad:31:15:d3:e6:bb:95:d9:87:b2:d6:a5:05:70:c2:63:89:2c:
         ba:4a:9c:82:4d:59:87:06:ab:9a:b9:52:be:7d:73:f9:3f:f3:
         28:0b:e2:64:d3:ac:ac:f5:0e:95:87:3f:e3:1a:11:0d:da:a2:
         aa:89:f3:60:7d:57:c2:44:08:ed:51:fb:96:80:e7:57:b1:6a:
         5b:c3:e5:c1:67:27:6e:a5:aa:60:25:5d:6a:2b:aa:35:65:38:
         7e:16:ad:b5:e9:86:df:71:f7:ce:e8:c4:08:67:b5:60:aa:b2:
         20:6b:d2:cc:2e:d2:40:d6:16:0f:6a:d9:1c:ef:4b:eb:ab:0a:
         a3:46:fd:a7:58:c1:02:23:5b:f1:b3:a9:5c:4b:75:1a:0d:97:
         2a:68:bc:39:0b:d6:21:8f:48:8e:c1:cb:e7:7b:c8:8d:68:d0:
         ed:9c:41:ac:d1:99:bc:1a:c2:61:89:8f:f1:2a:7a:d5:fb:a3:
         34:b0:ef:aa:2c:8a:f5:0b:86:c6:03:ea:1e:7e:b2:73:ce:95:
         9b:c9:8d:35:28:4f:f2:1f:0e:0d:16:f4:2f:62:c3:b1:1c:45:
         a1:8d:ed:e8:f8:82:27:4d:5c:bb:9d:99:91:7c:13:e4:0b:f5:
         e6:e3:38:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBGM0YxMTAvBgNVBAUTKEY4MThGQzk4OEVDNzAzMkMzRTJDNkE0OEE1NTQ5OEFC
N0NENTY1RkQwHhcNMjUwNjEyMTkzODQ1WhcNMjUwNjE5MTkzODQ1WjAYMRYwFAYD
VQQDEw02ODRiMmNjNS00ZDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA02VCs2rhZYFGZBGGQSLujflrWXntNfsCnZ9d8crtM2l1vz1+vywsXzMuEY88
D/Kd5X9gqPN57v+4haeU5AFTh3Wws5DRnE6YQU9DQPCy3AEpg58NMZc1UBQ9pe0H
cieF+lTbCnX99MD2EfmRKgQRB4L/JKQvoPQuhCt8KJZcJ4SGBgFmVC806MJ1Ww0m
49w8tZVnB4kCIrYks3q8yF6dqxfw6EXkPrGeA9e7oOX/536YNjUOPWly5JrDT4ua
Qvz/DveBEXcCSqmtpbWv9tj/TOiFkZ+j2UL3mYs7hgLaEry9OW42xbXexScbqDbj
nRcHpxBJfb4wEmVckK/9ieL49QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKQNsrFZ
dSd/9p3Nxc7zSk0zVbMNMB8GA1UdIwQYMBaAFPgY/JiOxwMsPixqSKVUmKt81WX9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEYzRi8wOTM3M0FENjc4
QzIxMUVBQkQ3NzIzNTlDNEY5QUUwMi8tQmo4bUk3SEF5dy1MR3BJcFZTWXEzelZa
ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1CajhtSTdIQXl3LUxHcElwVlNZcTN6VlpmMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MEYzRi8wOTM3M0FENjc4QzIxMUVBQkQ3NzIzNTlDNEY5QUUwMi8tQmo4bUk3SEF5
dy1MR3BJcFZTWXEzelZaZjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB+XiiH7eHeS3zuFRl5T3msltetMRXT5ruV2Yey1qUFcMJjiSy6SpyC
TVmHBquauVK+fXP5P/MoC+Jk06ys9Q6Vhz/jGhEN2qKqifNgfVfCRAjtUfuWgOdX
sWpbw+XBZydupapgJV1qK6o1ZTh+Fq216YbfcffO6MQIZ7VgqrIga9LMLtJA1hYP
atkc70vrqwqjRv2nWMECI1vxs6lcS3UaDZcqaLw5C9Yhj0iOwcvne8iNaNDtnEGs
0Zm8GsJhiY/xKnrV+6M0sO+qLIr1C4bGA+oefrJzzpWbyY01KE/yHw4NFvQvYsOx
HEWhje3o+IInTVy7nZmRfBPkC/Xm4zgS
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:05:40 2025 by rpki-client