Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
File:                     Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft (raw, json)
Hash identifier:          f6rxzjF6RgykwuEAyIJPkAciwrm7zsD/M8t6NI9muyc=
Subject key identifier:   D2:5F:BE:7E:40:BC:EC:92:E2:D4:17:4F:02:A9:32:A0:EA:9D:C4:7E
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Certificate issuer:       /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial:       3565
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
Manifest number:          3506
Signing time:             Tue 10 Jun 2025 14:48:02 +0000
Manifest this update:     Tue 10 Jun 2025 14:48:02 +0000
Manifest next update:     Tue 17 Jun 2025 14:48:02 +0000
Files and hashes:         1: Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl (hash: jQm71BaGcgnXSs86ISQj7JjWykMrDz240p8oAFSR0sQ=)
                          2: 1600DBF659C311E9A04B846FC4F9AE02.roa (hash: K9GG+06i99foR/2RXGf0/I8Kvx2roZu5heq1VZdQ+OI=)
                          3: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (hash: VKqO6rf4s4pSFyfrGnTR87o9xy4m/ObtM6kQrJ3USOc=)
                          4: 6F1612BE562511EB9470B150C4F9AE02.roa (hash: JsgxM7O87UBNAKRhO7z2ipB7o5ZRGqkbp9Qr0swNUZI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
                          rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 14:48:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13669 (0x3565)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C4F06, serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
        Validity
            Not Before: Jun 10 14:48:02 2025 GMT
            Not After : Jun 17 14:48:02 2025 GMT
        Subject: CN=684845a2-3103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:77:e8:8c:d1:2d:63:01:de:62:96:bf:2c:93:
                    58:12:c2:ca:78:3f:2b:59:71:2d:ab:0b:f6:81:5d:
                    0b:08:74:12:18:7f:05:b5:85:91:83:b0:23:1f:c0:
                    5c:ea:95:b5:6a:3d:8f:71:d6:cc:b6:d7:9e:d7:ac:
                    46:cc:31:77:6b:f3:00:0a:40:24:a7:64:3d:a5:b2:
                    76:28:76:c3:78:b8:d6:8d:bb:90:04:05:b6:dd:28:
                    fd:44:67:0b:6f:ca:97:3b:ca:ec:fe:ab:95:15:5f:
                    83:57:88:48:4f:f1:6a:79:82:8d:ef:75:88:59:ab:
                    3a:e6:dc:d6:a9:17:ef:f4:46:e2:fa:2e:dd:92:66:
                    c0:71:2e:98:be:0c:2b:b3:00:ad:e6:dc:6b:85:fc:
                    90:c3:6d:30:01:8f:e9:a7:53:9c:42:d8:ae:f0:d0:
                    4a:b8:d6:1c:75:3a:cf:53:83:88:68:b1:01:7d:d8:
                    93:97:49:a9:5b:11:b4:83:f4:fd:0e:a7:bb:6e:66:
                    88:9e:fa:0c:10:80:ec:3e:88:8e:f5:fd:00:86:10:
                    aa:44:99:3f:40:a9:28:60:5f:3d:5b:09:38:57:98:
                    67:3d:7a:65:84:10:62:fa:6a:ee:8c:ff:50:c0:2f:
                    3e:68:23:89:1c:97:28:e1:b2:84:e9:b8:30:85:05:
                    00:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:5F:BE:7E:40:BC:EC:92:E2:D4:17:4F:02:A9:32:A0:EA:9D:C4:7E
            X509v3 Authority Key Identifier:
                keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:6e:1f:95:79:b9:87:f3:c2:ea:05:af:63:75:9a:eb:1b:1d:
         29:aa:ea:a4:c4:65:a7:ff:16:97:3b:2b:fb:41:ba:51:fc:d9:
         a4:be:f9:cb:02:d4:ba:55:92:6f:90:7c:73:31:f4:91:2b:9e:
         c6:59:3c:45:9a:32:08:16:d1:c7:49:93:29:80:82:0b:65:65:
         01:1f:0d:ac:fa:f0:22:93:a7:a9:cd:70:ff:45:cb:c9:81:d6:
         d9:82:7b:47:81:af:a2:f6:86:f3:d5:c4:9e:66:73:89:f0:2f:
         92:14:5d:a4:9c:50:65:ce:3a:a0:22:d0:e5:8b:dd:4f:e9:ac:
         f4:f6:6a:52:57:dd:fa:b9:14:2a:4c:f1:8c:0d:0a:06:71:a6:
         1f:3e:e3:08:e6:76:e4:c7:65:48:50:2a:80:7a:92:fa:15:e2:
         24:5f:a1:a8:42:cf:ec:3c:2d:83:28:13:1f:29:52:e4:6a:58:
         29:a8:24:66:da:4e:a5:a9:9f:39:89:98:37:24:15:5f:b5:7a:
         7a:84:d7:97:c0:9f:f4:27:d4:70:17:0b:12:9e:eb:91:ba:72:
         c7:b1:d8:ab:ac:ed:cf:20:57:2c:2d:d1:f5:a8:c3:64:7f:37:
         2b:4a:ab:77:d2:c6:a8:26:64:d8:17:4d:30:46:8b:a3:7d:bf:
         98:2b:a0:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjUwNjEwMTQ0ODAyWhcNMjUwNjE3MTQ0ODAyWjAYMRYwFAYD
VQQDEw02ODQ4NDVhMi0zMTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyHfojNEtYwHeYpa/LJNYEsLKeD8rWXEtqwv2gV0LCHQSGH8FtYWRg7AjH8Bc
6pW1aj2PcdbMttee16xGzDF3a/MACkAkp2Q9pbJ2KHbDeLjWjbuQBAW23Sj9RGcL
b8qXO8rs/quVFV+DV4hIT/FqeYKN73WIWas65tzWqRfv9Ebi+i7dkmbAcS6Yvgwr
swCt5txrhfyQw20wAY/pp1OcQtiu8NBKuNYcdTrPU4OIaLEBfdiTl0mpWxG0g/T9
Dqe7bmaInvoMEIDsPoiO9f0AhhCqRJk/QKkoYF89Wwk4V5hnPXplhBBi+mrujP9Q
wC8+aCOJHJco4bKE6bgwhQUAiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNJfvn5A
vOyS4tQXTwKpMqDqncR+MB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NEYwNi83NkUxQzQ3RTFEOTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01
VWxzenZCTTF1d2xjTFNlS2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCnbh+VebmH88LqBa9jdZrrGx0pquqkxGWn/xaXOyv7QbpR/NmkvvnL
AtS6VZJvkHxzMfSRK57GWTxFmjIIFtHHSZMpgIILZWUBHw2s+vAik6epzXD/RcvJ
gdbZgntHga+i9obz1cSeZnOJ8C+SFF2knFBlzjqgItDli91P6az09mpSV936uRQq
TPGMDQoGcaYfPuMI5nbkx2VIUCqAepL6FeIkX6GoQs/sPC2DKBMfKVLkalgpqCRm
2k6lqZ85iZg3JBVftXp6hNeXwJ/0J9RwFwsSnuuRunLHsdirrO3PIFcsLdH1qMNk
fzcrSqt30saoJmTYF00wRoujfb+YK6AP
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:46:07 2025 by rpki-client