Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft
File:                     MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft (raw, json)
Hash identifier:          t1lnuXxxXOmlTQuwKXeFAeB0tTxnth3KH35QOrCpjhc=
Subject key identifier:   AE:F9:0C:2A:1F:69:B9:31:5C:BE:3C:29:11:93:6E:57:8F:FD:6D:B5
Authority key identifier: 30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28
Certificate issuer:       /CN=A91B9EC7/serialNumber=306E34FA84DA090C6001B35464BB8C426357D928
Certificate serial:       0129
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft
Manifest number:          0127
Signing time:             Fri 13 Jun 2025 03:35:17 +0000
Manifest this update:     Fri 13 Jun 2025 03:35:16 +0000
Manifest next update:     Fri 20 Jun 2025 03:35:16 +0000
Files and hashes:         1: MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl (hash: kcZtuIgYKx0YPz2Wo35NUWRLMBYi/t8u7zd5cHw9vN8=)
                          2: 02FC3E3C82A511EEA1F2710DC4F9AE02.roa (hash: 6W6Gywd7YHiIdjjDyCFNskNZyB3wgY++Ir7hfO/X2TY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl
                          rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 20 Jun 2025 03:35:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 297 (0x129)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9EC7, serialNumber=306E34FA84DA090C6001B35464BB8C426357D928
        Validity
            Not Before: Jun 13 03:35:16 2025 GMT
            Not After : Jun 20 03:35:16 2025 GMT
        Subject: CN=684b9c74-0dce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3c:aa:bf:91:16:c5:39:ee:9d:63:40:e7:73:
                    b4:79:69:40:13:ce:64:de:b9:e4:97:62:0f:69:66:
                    e8:11:07:83:0b:fe:fc:db:fd:3b:58:57:49:5a:2b:
                    64:af:63:3f:5c:71:ec:be:a4:5a:ab:e3:7d:4f:77:
                    fa:d4:42:b3:7c:65:b5:32:85:cb:59:0b:f3:1c:3f:
                    1b:2b:77:b4:94:76:43:db:38:1c:bb:76:35:a5:10:
                    ce:1a:7d:69:ee:75:57:ea:ff:e1:c0:44:06:66:b2:
                    ae:ac:31:11:7a:8e:b9:32:f9:a2:ca:df:5d:9d:4d:
                    8c:c9:6f:21:ae:72:65:05:3f:1c:44:ef:1a:aa:e9:
                    2c:42:0e:90:ca:98:ef:6b:36:62:e6:33:41:93:0f:
                    33:d2:02:1f:a2:97:3e:30:8d:43:c5:c7:79:e1:3b:
                    eb:0c:33:fc:bd:f2:87:53:3b:45:8d:3f:55:66:cb:
                    11:c3:d7:96:c5:16:be:a3:5e:c3:bc:99:84:9e:30:
                    b1:ba:7a:cb:42:52:dc:57:01:ae:5b:45:4b:48:87:
                    ef:50:bb:a8:f9:af:dc:a2:b6:5a:e5:8d:c3:10:35:
                    72:35:06:4e:aa:75:4c:58:57:c6:43:8a:d1:29:80:
                    c6:9f:42:09:45:d3:fb:ab:d0:10:b1:10:8a:74:5b:
                    53:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:F9:0C:2A:1F:69:B9:31:5C:BE:3C:29:11:93:6E:57:8F:FD:6D:B5
            X509v3 Authority Key Identifier:
                keyid:30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:d1:42:2a:a0:e0:50:a2:05:08:33:fc:48:00:96:83:cc:7d:
         00:c9:f1:c9:3f:df:05:dc:54:29:93:6b:0e:91:47:c2:64:3d:
         1e:44:bc:6a:fd:24:68:76:54:6b:83:52:37:90:54:03:bd:31:
         a6:98:f2:00:cf:1c:2f:d9:0f:3c:7d:89:9e:26:71:eb:8a:97:
         c0:1e:0e:f5:ca:e8:8f:58:51:10:ec:83:3f:83:61:2b:ce:7e:
         da:f8:9b:4d:40:c7:30:03:c7:98:78:7e:5e:74:87:7b:89:9b:
         d9:2d:ec:52:a1:95:98:c1:03:23:a9:b0:b6:ae:23:f8:0a:06:
         ba:b5:1b:02:7e:e9:d9:de:07:78:df:5d:f6:f1:01:e0:48:6e:
         2e:ff:72:f6:60:19:91:dd:93:41:75:75:7f:c3:31:58:1d:62:
         9e:72:ac:49:ef:db:e4:9a:16:05:5b:cb:79:dc:c4:ab:79:f7:
         00:59:cd:f3:60:2b:3f:23:a5:f7:f9:f7:e8:0f:59:fc:ae:1c:
         ba:14:f2:26:9d:ef:60:33:dd:55:a2:68:4b:b7:a6:78:89:b2:
         dd:7b:fd:45:24:76:d5:0f:10:dc:43:45:af:47:4c:df:9e:f2:
         a9:60:be:91:af:f0:71:55:03:0b:29:67:20:ba:bb:d7:cb:36:
         89:dc:82:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFQzcxMTAvBgNVBAUTKDMwNkUzNEZBODREQTA5MEM2MDAxQjM1NDY0QkI4QzQy
NjM1N0Q5MjgwHhcNMjUwNjEzMDMzNTE2WhcNMjUwNjIwMDMzNTE2WjAYMRYwFAYD
VQQDEw02ODRiOWM3NC0wZGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDyqv5EWxTnunWNA53O0eWlAE85k3rnkl2IPaWboEQeDC/782/07WFdJWitk
r2M/XHHsvqRaq+N9T3f61EKzfGW1MoXLWQvzHD8bK3e0lHZD2zgcu3Y1pRDOGn1p
7nVX6v/hwEQGZrKurDEReo65Mvmiyt9dnU2MyW8hrnJlBT8cRO8aquksQg6Qypjv
azZi5jNBkw8z0gIfopc+MI1Dxcd54TvrDDP8vfKHUztFjT9VZssRw9eWxRa+o17D
vJmEnjCxunrLQlLcVwGuW0VLSIfvULuo+a/corZa5Y3DEDVyNQZOqnVMWFfGQ4rR
KYDGn0IJRdP7q9AQsRCKdFtTgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK75DCof
abkxXL48KRGTbleP/W21MB8GA1UdIwQYMBaAFDBuNPqE2gkMYAGzVGS7jEJjV9ko
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUVDNy9FNjNGMkY4QTgy
QTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNReGdBYk5VWkx1TVFtTlgy
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01HNDAtb1RhQ1F4Z0FiTlVaTHVNUW1OWDJTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
OUVDNy9FNjNGMkY4QTgyQTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNR
eGdBYk5VWkx1TVFtTlgyU2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBJ0UIqoOBQogUIM/xIAJaDzH0AyfHJP98F3FQpk2sOkUfCZD0eRLxq
/SRodlRrg1I3kFQDvTGmmPIAzxwv2Q88fYmeJnHripfAHg71yuiPWFEQ7IM/g2Er
zn7a+JtNQMcwA8eYeH5edId7iZvZLexSoZWYwQMjqbC2riP4Cga6tRsCfunZ3gd4
31328QHgSG4u/3L2YBmR3ZNBdXV/wzFYHWKecqxJ79vkmhYFW8t53MSrefcAWc3z
YCs/I6X3+ffoD1n8rhy6FPImne9gM91VomhLt6Z4ibLde/1FJHbVDxDcQ0WvR0zf
nvKpYL6Rr/BxVQMLKWcgurvXyzaJ3ILt
-----END CERTIFICATE-----
Generated at Fri Jun 13 20:57:00 2025 by rpki-client