Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
File:                     oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json)
Hash identifier:          cJuPiYbgPL/9uziZNWACv6D4DcPaPvpIu31g4E04DmQ=
Subject key identifier:   8A:90:29:74:F5:C5:AE:AC:9B:0F:A9:2F:C0:0F:81:17:0D:99:91:C4
Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56
Certificate issuer:       /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456
Certificate serial:       0106
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
Manifest number:          0102
Signing time:             Mon 21 Jul 2025 05:16:36 +0000
Manifest this update:     Mon 21 Jul 2025 05:16:35 +0000
Manifest next update:     Mon 28 Jul 2025 05:16:35 +0000
Files and hashes:         1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: 4akPUX6/1LFTIQH84xtQj0dEIbH/cxT4SRJrWcPS+TA=)
                          2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: MrPqjHlMCM5b67h4IqKRm22f4PuZXIPWzDsfWbxNY08=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl
                          rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 05:16:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 262 (0x106)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B65AC, serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456
        Validity
            Not Before: Jul 21 05:16:35 2025 GMT
            Not After : Jul 28 05:16:35 2025 GMT
        Subject: CN=687dcd34-c92c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e7:3c:16:73:5c:97:a7:3f:cf:20:02:a6:4d:
                    37:8c:77:89:e7:e8:6e:06:a0:e9:f6:a6:08:45:f2:
                    0f:e1:ce:e8:de:73:f1:7d:d3:69:1a:73:d0:4e:3b:
                    cd:43:05:41:b7:d6:a7:52:70:aa:7b:b0:11:16:c2:
                    9e:04:45:ff:2f:3a:00:a6:67:da:9a:4e:2c:67:96:
                    7a:1c:ec:c1:af:6a:6f:a4:1e:e1:3c:14:5f:fb:62:
                    60:4c:bd:e2:4e:bd:c8:25:b0:34:14:2e:54:23:4e:
                    65:bc:a5:e0:04:22:f4:ee:8b:3e:30:ab:bb:06:4f:
                    90:34:91:02:62:94:b7:be:33:8d:a0:7d:f7:8d:91:
                    19:23:fb:6a:2b:68:3f:42:6a:7d:f9:4e:65:d8:c5:
                    f6:74:f7:09:66:87:15:02:98:2d:31:ed:41:d6:d6:
                    f9:e0:e3:b9:07:33:32:93:83:d4:d1:1a:99:e2:72:
                    d6:cc:52:a2:78:f9:17:4b:a0:de:7f:d5:da:3f:bf:
                    51:8b:16:96:66:47:25:d9:a3:ba:20:bf:10:99:ae:
                    dc:3a:0b:2d:1b:cb:32:dd:f2:0a:7c:20:bf:4b:81:
                    41:84:ff:40:e1:81:f8:0d:9e:5c:85:b4:5b:55:be:
                    f2:12:c1:e6:d0:7d:84:e6:39:21:19:23:6e:3f:15:
                    9c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:90:29:74:F5:C5:AE:AC:9B:0F:A9:2F:C0:0F:81:17:0D:99:91:C4
            X509v3 Authority Key Identifier:
                keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:5d:e4:05:57:c8:c4:fe:d0:d6:66:a7:f6:5b:e0:e9:1d:10:
         d2:3c:ab:3d:49:bd:d3:59:73:b9:07:b3:09:62:f2:9d:a8:b1:
         94:b9:d5:4d:87:dd:f8:de:6d:35:ef:70:10:f9:38:ec:92:07:
         eb:e4:8a:bc:c8:d3:26:35:c3:78:f4:34:fd:89:d8:f8:89:02:
         17:9a:d2:e8:b7:98:60:cb:e7:e9:03:32:b7:b4:c5:4a:36:07:
         03:3f:fc:4b:74:6a:1f:68:74:d8:57:0a:06:0c:51:fd:11:75:
         53:c9:40:52:4b:02:3a:b3:a4:e9:a6:ae:09:85:9e:8a:d7:7b:
         a8:cf:52:78:d3:85:e2:be:cb:9c:57:d6:82:8d:06:0d:43:40:
         d1:5e:b3:11:db:22:ef:28:eb:32:1d:d5:8e:b3:f6:46:bf:7e:
         37:27:60:df:0b:5c:eb:c8:01:37:ea:ba:76:ec:38:ca:a0:cd:
         35:d2:bf:a5:c8:bd:ec:8e:32:9d:ca:17:5c:86:ee:b0:ae:7e:
         4c:a6:e3:db:2e:21:de:6a:2b:39:2c:35:c0:45:65:8a:fc:84:
         2d:69:da:c1:ab:ab:d9:9e:6b:56:6b:f5:6b:09:7f:6e:cb:1d:
         24:85:71:01:21:ec:6a:93:4a:b8:59:a7:2f:fa:47:50:94:fe:
         61:b4:b6:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1QUMxMTAvBgNVBAUTKEExMEY1NzgzQzhGOUE2RDk0RDI5QjRBQTkwQzU2RTAx
NkJCNTE0NTYwHhcNMjUwNzIxMDUxNjM1WhcNMjUwNzI4MDUxNjM1WjAYMRYwFAYD
VQQDEw02ODdkY2QzNC1jOTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsec8FnNcl6c/zyACpk03jHeJ5+huBqDp9qYIRfIP4c7o3nPxfdNpGnPQTjvN
QwVBt9anUnCqe7ARFsKeBEX/LzoApmfamk4sZ5Z6HOzBr2pvpB7hPBRf+2JgTL3i
Tr3IJbA0FC5UI05lvKXgBCL07os+MKu7Bk+QNJECYpS3vjONoH33jZEZI/tqK2g/
Qmp9+U5l2MX2dPcJZocVApgtMe1B1tb54OO5BzMyk4PU0RqZ4nLWzFKiePkXS6De
f9XaP79RixaWZkcl2aO6IL8Qma7cOgstG8sy3fIKfCC/S4FBhP9A4YH4DZ5chbRb
Vb7yEsHm0H2E5jkhGSNuPxWcrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIqQKXT1
xa6smw+pL8APgRcNmZHEMB8GA1UdIwQYMBaAFKEPV4PI+abZTSm0qpDFbgFrtRRW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9DQjc0RjhCRUUx
RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0bE5LYlNxa01WdUFXdTFG
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjVBQy9DQjc0RjhCRUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0
bE5LYlNxa01WdUFXdTFGRlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBPXeQFV8jE/tDWZqf2W+DpHRDSPKs9Sb3TWXO5B7MJYvKdqLGUudVN
h9343m0173AQ+Tjskgfr5Iq8yNMmNcN49DT9idj4iQIXmtLot5hgy+fpAzK3tMVK
NgcDP/xLdGofaHTYVwoGDFH9EXVTyUBSSwI6s6Tppq4JhZ6K13uoz1J404Xivsuc
V9aCjQYNQ0DRXrMR2yLvKOsyHdWOs/ZGv343J2DfC1zryAE36rp27DjKoM010r+l
yL3sjjKdyhdchu6wrn5MpuPbLiHeais5LDXARWWK/IQtadrBq6vZnmtWa/VrCX9u
yx0khXEBIexqk0q4Wacv+kdQlP5htLYg
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:23:02 2025 by rpki-client