Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
File:                     KTvwacT02DHu52nVsTnjAh2zSwA.mft (raw, json)
Hash identifier:          ifN7x8CTLmDuolt2gH+4i8SehTinNJpmu8CqyYfrHEM=
Subject key identifier:   85:92:DF:9F:F2:E8:91:AD:61:F7:6D:BC:E8:AF:02:90:EE:A2:27:9D
Authority key identifier: 29:3B:F0:69:C4:F4:D8:31:EE:E7:69:D5:B1:39:E3:02:1D:B3:4B:00
Certificate issuer:       /CN=A91CE65A/serialNumber=293BF069C4F4D831EEE769D5B139E3021DB34B00
Certificate serial:       3A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTvwacT02DHu52nVsTnjAh2zSwA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
Manifest number:          38
Signing time:             Sun 03 Nov 2024 05:27:44 +0000
Manifest this update:     Sun 03 Nov 2024 05:27:43 +0000
Manifest next update:     Sun 10 Nov 2024 05:27:43 +0000
Files and hashes:         1: KTvwacT02DHu52nVsTnjAh2zSwA.crl (hash: dxoWQvsdl1b+y12MhqcSW7I7UnnVJqg76jQiPu5RCJw=)
                          2: 77BDF1A0497B11EFAE69D243C4F9AE02.roa (hash: EAkL+z2TTbEwn03dT2Ny9vtbrcbH4dnoXpbzZjpawbU=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.crl
                          rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTvwacT02DHu52nVsTnjAh2zSwA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58 (0x3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE65A/serialNumber=293BF069C4F4D831EEE769D5B139E3021DB34B00
        Validity
            Not Before: Nov  3 05:27:43 2024 GMT
            Not After : Nov 10 05:27:43 2024 GMT
        Subject: CN=672709d0-1967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:52:d6:6a:b2:4a:71:e6:60:3f:63:4c:4a:0b:
                    fa:62:bd:d0:f5:07:4b:c8:3b:1a:70:c9:81:38:b6:
                    b3:87:55:56:f7:11:ec:a3:fb:4f:50:d6:a6:be:9b:
                    ad:1d:5b:9b:61:ab:6e:88:19:81:18:af:7c:e2:44:
                    a7:7c:44:a0:f7:08:9a:e1:23:4f:4b:66:3b:e9:73:
                    88:2d:5f:7d:b0:e7:18:4e:74:1b:59:bc:6e:94:c9:
                    36:e5:7b:95:9b:cf:e7:53:f5:c1:7f:a8:c9:6b:10:
                    ca:a5:9b:2f:c9:11:8b:1c:8c:c1:2d:bc:83:96:e6:
                    9c:0d:39:07:37:f7:1a:4c:7a:d5:13:eb:1f:0a:68:
                    86:d1:35:13:27:c5:80:ba:17:83:cf:80:a8:5c:73:
                    ef:22:9e:19:1d:0a:98:37:50:db:05:5b:53:63:7f:
                    e8:ea:1f:11:29:31:c4:2e:ad:44:fd:12:bc:0c:ee:
                    dc:a9:a9:3d:98:b7:8a:b2:90:48:3c:eb:b9:83:c5:
                    67:42:4a:94:da:b5:be:e8:15:a1:7d:cb:8e:d8:f8:
                    a2:a2:94:ea:40:73:ee:e1:71:de:e0:9c:d4:f5:cf:
                    75:37:47:55:9c:ce:85:a2:06:d8:bd:fd:b6:66:94:
                    e0:17:a0:0f:c3:06:82:6c:d8:0d:dd:f0:23:fa:5d:
                    66:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:92:DF:9F:F2:E8:91:AD:61:F7:6D:BC:E8:AF:02:90:EE:A2:27:9D
            X509v3 Authority Key Identifier:
                keyid:29:3B:F0:69:C4:F4:D8:31:EE:E7:69:D5:B1:39:E3:02:1D:B3:4B:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTvwacT02DHu52nVsTnjAh2zSwA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:cb:cb:76:f0:83:8f:5b:15:18:f6:7e:ce:15:58:5a:96:5d:
         6f:ce:e2:df:11:53:98:91:c0:cd:09:44:dd:9c:aa:ab:4f:8e:
         d2:14:d5:6b:16:d2:5b:97:eb:67:8b:3c:d7:77:96:b8:ce:7a:
         ac:43:b9:ba:13:6f:7b:6f:86:73:60:93:a1:d5:d4:6c:bf:e1:
         bc:09:19:dd:8d:36:eb:6d:7b:62:8b:66:37:f5:91:c0:a4:e9:
         6c:38:7b:3d:b2:88:d0:31:6a:65:d6:16:80:52:01:60:c9:e2:
         f3:87:89:81:08:84:04:9c:3c:12:f3:56:d9:b7:dc:98:1f:cd:
         4a:44:db:b6:3a:5d:24:49:f1:20:21:1a:c3:fc:3a:6d:a6:5f:
         4e:ac:7a:04:72:1b:5e:3e:58:71:07:1b:0d:59:26:ca:9e:5a:
         2b:72:62:e9:67:85:ae:6e:ea:41:92:49:d4:4c:71:aa:ba:ba:
         32:89:b5:e3:db:50:45:ec:1c:d9:c9:73:50:5c:3f:fb:45:40:
         7c:5d:8f:b5:6d:d1:f6:7d:1e:78:c4:bd:9b:91:6c:2d:3f:05:
         f8:cf:cb:af:90:96:19:36:9f:fb:ec:f8:ec:d8:6f:13:58:e1:
         6b:3c:d7:26:22:21:31:91:d4:21:23:21:ff:3b:33:6a:ca:29:
         0b:f5:78:37
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RTY1QTExMC8GA1UEBRMoMjkzQkYwNjlDNEY0RDgzMUVFRTc2OUQ1QjEzOUUzMDIx
REIzNEIwMDAeFw0yNDExMDMwNTI3NDNaFw0yNDExMTAwNTI3NDNaMBgxFjAUBgNV
BAMTDTY3MjcwOWQwLTE5NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWUtZqskpx5mA/Y0xKC/pivdD1B0vIOxpwyYE4trOHVVb3Eeyj+09Q1qa+m60d
W5thq26IGYEYr3ziRKd8RKD3CJrhI09LZjvpc4gtX32w5xhOdBtZvG6UyTble5Wb
z+dT9cF/qMlrEMqlmy/JEYscjMEtvIOW5pwNOQc39xpMetUT6x8KaIbRNRMnxYC6
F4PPgKhcc+8inhkdCpg3UNsFW1Njf+jqHxEpMcQurUT9ErwM7typqT2Yt4qykEg8
67mDxWdCSpTatb7oFaF9y47Y+KKilOpAc+7hcd7gnNT1z3U3R1WczoWiBti9/bZm
lOAXoA/DBoJs2A3d8CP6XWYhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhZLfn/Lo
ka1h92286K8CkO6iJ50wHwYDVR0jBBgwFoAUKTvwacT02DHu52nVsTnjAh2zSwAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFNjVBLzY2RTZGRTM2NDk3
QTExRUZBRjU1MTg0MkM0RjlBRTAyL0tUdndhY1QwMkRIdTUyblZzVG5qQWgyelN3
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS1R2d2FjVDAyREh1NTJuVnNUbmpBaDJ6U3dBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF
NjVBLzY2RTZGRTM2NDk3QTExRUZBRjU1MTg0MkM0RjlBRTAyL0tUdndhY1QwMkRI
dTUyblZzVG5qQWgyelN3QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBABXLy3bwg49bFRj2fs4VWFqWXW/O4t8RU5iRwM0JRN2cqqtPjtIU1WsW
0luX62eLPNd3lrjOeqxDuboTb3tvhnNgk6HV1Gy/4bwJGd2NNutte2KLZjf1kcCk
6Ww4ez2yiNAxamXWFoBSAWDJ4vOHiYEIhAScPBLzVtm33JgfzUpE27Y6XSRJ8SAh
GsP8Om2mX06segRyG14+WHEHGw1ZJsqeWityYulnha5u6kGSSdRMcaq6ujKJtePb
UEXsHNnJc1BcP/tFQHxdj7Vt0fZ9HnjEvZuRbC0/BfjPy6+Qlhk2n/vs+OzYbxNY
4Ws81yYiITGR1CEjIf87M2rKKQv1eDc=
-----END CERTIFICATE-----
Generated at Sun Nov 3 06:59:52 2024 by rpki-client on console-ams.rpki-client.org