Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
File:                     oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json)
Hash identifier:          AKhMVjwyAkX1k4fjZQLggkub3+VdsujPyOKQy8bC2S8=
Subject key identifier:   D2:44:2D:4C:A4:6A:33:34:2C:E5:78:30:21:87:E5:C9:26:14:AB:0F
Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56
Certificate issuer:       /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456
Certificate serial:       0107
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
Manifest number:          0103
Signing time:             Wed 23 Jul 2025 05:23:47 +0000
Manifest this update:     Wed 23 Jul 2025 05:23:46 +0000
Manifest next update:     Wed 30 Jul 2025 05:23:46 +0000
Files and hashes:         1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: Zx8gRMyVxqDzsokUWZwjlu9So3f6/dPANktmG/mcpwQ=)
                          2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: MrPqjHlMCM5b67h4IqKRm22f4PuZXIPWzDsfWbxNY08=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl
                          rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 05:23:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 263 (0x107)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B65AC, serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456
        Validity
            Not Before: Jul 23 05:23:46 2025 GMT
            Not After : Jul 30 05:23:46 2025 GMT
        Subject: CN=688071e2-53ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:38:ec:8e:ce:cf:7f:32:44:5a:4e:6f:ac:97:
                    83:69:1f:09:9e:cf:ad:89:0f:85:c2:86:eb:60:9c:
                    88:38:c5:87:8a:81:ee:b6:79:76:fc:75:4f:0b:65:
                    3d:cd:24:1a:7d:d9:01:9c:1d:93:ad:46:e8:23:27:
                    b8:16:65:8d:66:47:dd:07:8c:fc:da:ce:1c:0b:7e:
                    10:22:89:30:a4:42:c8:a9:14:c8:c6:55:da:27:93:
                    b9:1b:8b:93:ec:d4:f5:41:85:27:12:ff:12:42:a7:
                    27:0c:de:6f:68:19:48:79:8e:d1:9c:34:9d:57:c2:
                    d8:df:0b:87:fb:ff:32:c7:85:88:11:49:94:b6:90:
                    a9:13:ba:90:7a:cd:be:53:60:4c:1c:6d:9b:d1:82:
                    66:46:73:40:28:59:fc:31:d8:42:65:51:97:d7:96:
                    71:6d:a2:8e:ee:09:9a:ab:66:76:1a:f9:bc:e0:e5:
                    6c:e5:54:71:34:f8:52:a3:b7:fd:69:b6:51:78:96:
                    11:42:cc:46:5a:8a:33:c1:b8:5a:d1:1a:e5:f8:69:
                    f8:40:e4:72:26:51:c2:40:cb:07:41:90:a7:85:5a:
                    c5:cd:40:48:c6:30:c1:32:ce:60:4f:dd:89:5d:b1:
                    0b:c0:0a:96:e0:a5:8d:60:d9:80:a9:2d:7b:b0:a0:
                    d7:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:44:2D:4C:A4:6A:33:34:2C:E5:78:30:21:87:E5:C9:26:14:AB:0F
            X509v3 Authority Key Identifier:
                keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:83:dd:2a:da:76:4e:89:1a:e2:f1:60:86:14:d6:00:96:9b:
         91:85:af:30:3a:d7:cd:75:d0:ef:8f:1a:85:7f:46:96:5b:19:
         e7:de:52:2d:a4:93:8b:c8:25:68:39:df:91:98:f0:e6:5d:10:
         6e:3a:4e:dc:5e:4f:31:1c:1b:64:cc:f5:de:b8:b6:61:f9:ac:
         80:74:92:ab:8c:a9:25:7d:5f:d6:bc:1b:9d:7d:7f:ec:41:9a:
         1f:a7:d3:1d:50:26:f0:56:86:02:e5:d9:36:72:38:dd:26:73:
         1a:d2:e5:29:0d:38:f3:5f:00:cf:43:2b:e6:99:fd:7d:35:cb:
         0a:e8:30:76:f5:33:39:a5:4c:6d:99:3e:d2:e4:c4:60:ed:e2:
         03:21:d1:fe:15:11:de:0c:d0:1e:48:35:f1:d4:8d:2c:68:01:
         19:1e:b7:e4:46:76:23:c7:71:ae:63:c2:b8:40:db:94:69:1c:
         4f:e0:d0:c5:db:5c:72:58:06:32:7d:02:a3:b1:f1:4c:71:0b:
         60:c9:f4:08:59:89:76:fb:62:5a:d6:64:ec:82:82:12:cb:dc:
         36:78:93:b7:a9:f4:ab:bf:e4:3f:cb:91:2e:7c:a5:2b:3e:dd:
         b9:88:dd:17:64:cc:90:34:70:9a:64:9a:4f:f1:ff:3f:5a:21:
         f1:65:9b:cc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1QUMxMTAvBgNVBAUTKEExMEY1NzgzQzhGOUE2RDk0RDI5QjRBQTkwQzU2RTAx
NkJCNTE0NTYwHhcNMjUwNzIzMDUyMzQ2WhcNMjUwNzMwMDUyMzQ2WjAYMRYwFAYD
VQQDEw02ODgwNzFlMi01M2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwDjsjs7PfzJEWk5vrJeDaR8Jns+tiQ+FwobrYJyIOMWHioHutnl2/HVPC2U9
zSQafdkBnB2TrUboIye4FmWNZkfdB4z82s4cC34QIokwpELIqRTIxlXaJ5O5G4uT
7NT1QYUnEv8SQqcnDN5vaBlIeY7RnDSdV8LY3wuH+/8yx4WIEUmUtpCpE7qQes2+
U2BMHG2b0YJmRnNAKFn8MdhCZVGX15ZxbaKO7gmaq2Z2Gvm84OVs5VRxNPhSo7f9
abZReJYRQsxGWoozwbha0Rrl+Gn4QORyJlHCQMsHQZCnhVrFzUBIxjDBMs5gT92J
XbELwAqW4KWNYNmAqS17sKDXqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNJELUyk
ajM0LOV4MCGH5ckmFKsPMB8GA1UdIwQYMBaAFKEPV4PI+abZTSm0qpDFbgFrtRRW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9DQjc0RjhCRUUx
RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0bE5LYlNxa01WdUFXdTFG
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjVBQy9DQjc0RjhCRUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0
bE5LYlNxa01WdUFXdTFGRlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAYg90q2nZOiRri8WCGFNYAlpuRha8wOtfNddDvjxqFf0aWWxnn3lIt
pJOLyCVoOd+RmPDmXRBuOk7cXk8xHBtkzPXeuLZh+ayAdJKrjKklfV/WvBudfX/s
QZofp9MdUCbwVoYC5dk2cjjdJnMa0uUpDTjzXwDPQyvmmf19NcsK6DB29TM5pUxt
mT7S5MRg7eIDIdH+FRHeDNAeSDXx1I0saAEZHrfkRnYjx3GuY8K4QNuUaRxP4NDF
21xyWAYyfQKjsfFMcQtgyfQIWYl2+2Ja1mTsgoISy9w2eJO3qfSrv+Q/y5EufKUr
Pt25iN0XZMyQNHCaZJpP8f8/WiHxZZvM
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:15:03 2025 by rpki-client