Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
File:                     Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft (raw, json)
Hash identifier:          2G3+6c7iqiX2G3KV/ur1A3x5RPCt25s9e9Ep5vFp4Lg=
Subject key identifier:   40:7A:27:1B:39:3D:62:C5:29:B8:8B:40:0B:D6:58:96:D4:D4:20:03
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Certificate issuer:       /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial:       3566
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
Manifest number:          3507
Signing time:             Thu 12 Jun 2025 14:46:55 +0000
Manifest this update:     Thu 12 Jun 2025 14:46:54 +0000
Manifest next update:     Thu 19 Jun 2025 14:46:54 +0000
Files and hashes:         1: Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl (hash: BMZlOmHztgHOQygOjYop682xYMubpzueJC9qBmHm0p4=)
                          2: 1600DBF659C311E9A04B846FC4F9AE02.roa (hash: K9GG+06i99foR/2RXGf0/I8Kvx2roZu5heq1VZdQ+OI=)
                          3: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (hash: VKqO6rf4s4pSFyfrGnTR87o9xy4m/ObtM6kQrJ3USOc=)
                          4: 6F1612BE562511EB9470B150C4F9AE02.roa (hash: JsgxM7O87UBNAKRhO7z2ipB7o5ZRGqkbp9Qr0swNUZI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
                          rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 14:46:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13670 (0x3566)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C4F06, serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
        Validity
            Not Before: Jun 12 14:46:54 2025 GMT
            Not After : Jun 19 14:46:54 2025 GMT
        Subject: CN=684ae85f-f47d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e6:d5:3c:47:6d:71:2f:f7:5d:52:bf:24:51:
                    db:96:fb:67:76:cf:a0:2f:4d:63:13:a0:18:f6:76:
                    ac:c7:f0:f5:03:f4:b5:93:64:0b:ff:11:68:4d:de:
                    45:7a:0e:06:bb:d8:7a:fa:e3:1f:b8:94:e0:a4:14:
                    7a:8b:f2:7b:2d:19:06:c7:5a:09:dc:83:cf:6c:12:
                    a3:e5:d6:47:03:3f:b7:9f:76:53:20:f8:df:c3:27:
                    bf:3d:36:9b:50:fa:7c:eb:8d:d9:ff:f8:5d:42:a0:
                    b8:6e:31:c5:27:91:d0:c6:dd:6f:4d:3e:88:04:bf:
                    f8:33:79:7b:9d:67:ef:db:4c:be:aa:27:f4:26:37:
                    40:99:53:b0:4c:7a:39:90:b9:a1:dc:4a:1f:07:e6:
                    d8:e0:7f:d0:5a:c0:75:1c:4e:1c:68:6d:b1:2c:5f:
                    76:8a:78:d6:5f:3a:75:07:db:e6:f9:29:cf:1c:93:
                    49:5e:f4:be:44:0b:f0:64:84:60:2b:c4:e1:c0:ec:
                    0f:62:77:f1:fa:8a:96:b1:7c:b3:22:88:5e:d3:a2:
                    6e:58:b9:6e:4a:f3:97:f9:09:52:6b:f5:03:12:d7:
                    3c:b0:4d:87:60:45:37:47:6d:2d:8b:8f:8d:d6:16:
                    71:dc:df:53:50:83:9d:0f:43:1e:49:cb:17:f0:14:
                    76:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:7A:27:1B:39:3D:62:C5:29:B8:8B:40:0B:D6:58:96:D4:D4:20:03
            X509v3 Authority Key Identifier:
                keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:65:e5:59:16:b6:6c:51:12:1a:ad:d0:5e:99:51:ec:58:88:
         22:81:35:dc:90:07:ed:aa:96:b5:48:ec:71:58:a0:3a:00:ae:
         8f:1c:16:f7:ca:64:27:33:80:d6:81:ce:70:9c:02:78:de:59:
         41:da:77:36:99:ca:9f:99:e5:c6:3e:fc:c3:41:3c:77:51:3c:
         bc:32:cc:9c:aa:ef:44:65:63:f4:2a:5c:cf:22:78:26:8a:f5:
         5c:1b:e8:e9:9a:15:ea:10:c3:33:a2:fe:ae:99:b3:b8:f5:36:
         2e:3c:80:c4:6d:aa:45:c2:1b:ff:50:a0:bf:df:a1:a5:32:5b:
         61:9e:0f:1f:b1:bc:84:d7:1e:df:0e:01:bc:9d:02:11:db:66:
         e7:42:d5:17:35:61:62:5d:2f:f8:86:b6:d3:72:88:ff:9a:2f:
         ce:08:63:d2:d4:b7:23:02:a4:69:79:3f:a3:b7:81:e8:49:03:
         0a:a5:92:9b:5c:83:d6:ec:ba:f6:89:d0:fa:f7:37:60:42:a5:
         cc:80:63:28:ba:cb:aa:7b:7f:cb:66:9a:40:1a:f6:a7:b2:cf:
         1d:96:c1:f5:d2:bf:1c:18:5c:a5:22:fc:35:dc:22:54:30:54:
         8b:7e:05:65:9b:a9:8a:54:17:6a:5f:bc:24:cf:42:75:93:a5:
         3d:c1:5b:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjUwNjEyMTQ0NjU0WhcNMjUwNjE5MTQ0NjU0WjAYMRYwFAYD
VQQDEw02ODRhZTg1Zi1mNDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwubVPEdtcS/3XVK/JFHblvtnds+gL01jE6AY9nasx/D1A/S1k2QL/xFoTd5F
eg4Gu9h6+uMfuJTgpBR6i/J7LRkGx1oJ3IPPbBKj5dZHAz+3n3ZTIPjfwye/PTab
UPp8643Z//hdQqC4bjHFJ5HQxt1vTT6IBL/4M3l7nWfv20y+qif0JjdAmVOwTHo5
kLmh3EofB+bY4H/QWsB1HE4caG2xLF92injWXzp1B9vm+SnPHJNJXvS+RAvwZIRg
K8ThwOwPYnfx+oqWsXyzIohe06JuWLluSvOX+QlSa/UDEtc8sE2HYEU3R20ti4+N
1hZx3N9TUIOdD0MeScsX8BR2aQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEB6Jxs5
PWLFKbiLQAvWWJbU1CADMB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NEYwNi83NkUxQzQ3RTFEOTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01
VWxzenZCTTF1d2xjTFNlS2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4ZeVZFrZsURIardBemVHsWIgigTXckAftqpa1SOxxWKA6AK6PHBb3
ymQnM4DWgc5wnAJ43llB2nc2mcqfmeXGPvzDQTx3UTy8Msycqu9EZWP0KlzPIngm
ivVcG+jpmhXqEMMzov6umbO49TYuPIDEbapFwhv/UKC/36GlMlthng8fsbyE1x7f
DgG8nQIR22bnQtUXNWFiXS/4hrbTcoj/mi/OCGPS1LcjAqRpeT+jt4HoSQMKpZKb
XIPW7Lr2idD69zdgQqXMgGMousuqe3/LZppAGvanss8dlsH10r8cGFylIvw13CJU
MFSLfgVlm6mKVBdqX7wkz0J1k6U9wVvg
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:37:27 2025 by rpki-client