Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
File:                     KTvwacT02DHu52nVsTnjAh2zSwA.mft (raw, json)
Hash identifier:          2nkQ7llp+JkslRTMmbpjpJGLkUnqIpp2cQcSMBKJ4v0=
Subject key identifier:   42:F5:D9:65:A9:F8:BF:6E:53:0B:90:22:90:86:F3:FA:80:AB:5C:33
Authority key identifier: 29:3B:F0:69:C4:F4:D8:31:EE:E7:69:D5:B1:39:E3:02:1D:B3:4B:00
Certificate issuer:       /CN=A91CE65A/serialNumber=293BF069C4F4D831EEE769D5B139E3021DB34B00
Certificate serial:       43
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTvwacT02DHu52nVsTnjAh2zSwA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
Manifest number:          41
Signing time:             Thu 21 Nov 2024 05:31:45 +0000
Manifest this update:     Thu 21 Nov 2024 05:31:44 +0000
Manifest next update:     Thu 28 Nov 2024 05:31:44 +0000
Files and hashes:         1: KTvwacT02DHu52nVsTnjAh2zSwA.crl (hash: mzP+tylP9yfWIjPSk0IHZ1ALfJdiRSwPlJx9rQ9hcCk=)
                          2: 77BDF1A0497B11EFAE69D243C4F9AE02.roa (hash: EAkL+z2TTbEwn03dT2Ny9vtbrcbH4dnoXpbzZjpawbU=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.crl
                          rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTvwacT02DHu52nVsTnjAh2zSwA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 05:18:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67 (0x43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE65A/serialNumber=293BF069C4F4D831EEE769D5B139E3021DB34B00
        Validity
            Not Before: Nov 21 05:31:44 2024 GMT
            Not After : Nov 28 05:31:44 2024 GMT
        Subject: CN=673ec5c0-c0bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:7a:48:15:bf:f4:2e:85:7b:f5:d0:2c:23:fa:
                    38:3c:d6:f5:70:c0:bd:bf:65:a2:7b:07:81:54:d6:
                    7d:2f:48:3d:ee:d1:c2:43:46:d2:4a:e0:37:93:8d:
                    16:eb:82:18:72:5e:66:70:04:d5:df:80:13:db:47:
                    d2:47:df:7a:84:11:e5:eb:27:47:ce:42:55:7e:47:
                    b4:53:72:b5:81:ee:02:88:c3:e7:ae:df:8c:57:08:
                    74:ce:fc:c9:1b:c6:7b:40:06:0c:c3:1c:16:6b:fd:
                    56:8d:63:7b:7d:d6:eb:dd:ae:a5:c8:68:ad:44:b9:
                    52:19:1b:bc:5d:e4:05:25:53:9a:dc:f1:d0:e5:b1:
                    ca:4a:00:9d:c2:ca:b8:ea:61:c1:7d:c3:ef:79:53:
                    de:e5:5c:37:48:fb:c4:8c:08:0b:c8:42:45:be:bf:
                    8d:50:e4:58:53:11:1d:76:ee:66:96:85:fe:0f:08:
                    3d:c6:71:d8:79:e4:28:91:60:61:30:39:de:c8:75:
                    32:64:09:8a:3f:99:c6:55:d8:99:82:a7:c4:ca:c7:
                    b1:9f:c2:5e:ac:e7:6b:3c:ca:52:52:90:75:b8:1b:
                    b9:a5:bd:22:c8:1d:36:27:ab:e9:d7:a6:bc:db:8a:
                    b9:9b:90:c8:16:59:13:75:dd:51:19:2e:75:5a:b6:
                    d7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:F5:D9:65:A9:F8:BF:6E:53:0B:90:22:90:86:F3:FA:80:AB:5C:33
            X509v3 Authority Key Identifier:
                keyid:29:3B:F0:69:C4:F4:D8:31:EE:E7:69:D5:B1:39:E3:02:1D:B3:4B:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTvwacT02DHu52nVsTnjAh2zSwA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE65A/66E6FE36497A11EFAF551842C4F9AE02/KTvwacT02DHu52nVsTnjAh2zSwA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:85:58:5f:ec:1e:8c:61:f5:6a:8e:9c:43:44:3e:ba:10:f0:
         4b:fe:48:82:a4:20:d0:07:25:06:f8:f1:7d:13:aa:40:98:58:
         95:43:24:c7:5e:39:85:a4:d7:c2:48:a6:74:4c:7b:ae:ce:47:
         7b:29:c2:7e:1c:de:bb:fe:b5:25:9a:4e:c9:56:0f:ea:25:d7:
         3c:43:08:3f:e8:c7:0b:b1:64:2c:54:d1:0a:9c:d8:2e:84:f0:
         1f:82:61:b4:6f:3a:69:73:93:3a:2c:60:08:48:33:de:2c:e7:
         4d:86:d4:34:85:d1:09:49:9e:c9:a6:a7:37:f8:d0:f8:c6:59:
         aa:4b:c8:1b:be:9a:64:a9:d6:9f:c1:9c:08:e3:05:8d:66:4b:
         64:98:16:96:2a:15:b5:8b:1b:69:b9:53:f0:43:3e:04:bf:bb:
         7d:31:39:b5:89:09:7a:fe:0c:df:22:19:97:fa:ab:0f:8d:ca:
         cb:0a:10:05:3c:3b:fe:9b:36:3f:5c:01:c3:83:20:06:b7:06:
         de:40:f6:89:b6:0b:52:98:9a:1b:d7:99:ab:09:d2:78:93:6c:
         27:12:8d:02:6f:dc:78:c3:22:54:40:7a:c3:02:17:21:ab:70:
         20:1a:5a:b9:89:9c:73:fa:a4:4c:47:d7:9c:88:8b:ef:f9:de:
         b9:1e:53:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RTY1QTExMC8GA1UEBRMoMjkzQkYwNjlDNEY0RDgzMUVFRTc2OUQ1QjEzOUUzMDIx
REIzNEIwMDAeFw0yNDExMjEwNTMxNDRaFw0yNDExMjgwNTMxNDRaMBgxFjAUBgNV
BAMTDTY3M2VjNWMwLWMwYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDyekgVv/QuhXv10Cwj+jg81vVwwL2/ZaJ7B4FU1n0vSD3u0cJDRtJK4DeTjRbr
ghhyXmZwBNXfgBPbR9JH33qEEeXrJ0fOQlV+R7RTcrWB7gKIw+eu34xXCHTO/Mkb
xntABgzDHBZr/VaNY3t91uvdrqXIaK1EuVIZG7xd5AUlU5rc8dDlscpKAJ3Cyrjq
YcF9w+95U97lXDdI+8SMCAvIQkW+v41Q5FhTER127maWhf4PCD3Gcdh55CiRYGEw
Od7IdTJkCYo/mcZV2JmCp8TKx7Gfwl6s52s8ylJSkHW4G7mlvSLIHTYnq+nXprzb
irmbkMgWWRN13VEZLnVatte7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQvXZZan4
v25TC5AikIbz+oCrXDMwHwYDVR0jBBgwFoAUKTvwacT02DHu52nVsTnjAh2zSwAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFNjVBLzY2RTZGRTM2NDk3
QTExRUZBRjU1MTg0MkM0RjlBRTAyL0tUdndhY1QwMkRIdTUyblZzVG5qQWgyelN3
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS1R2d2FjVDAyREh1NTJuVnNUbmpBaDJ6U3dBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF
NjVBLzY2RTZGRTM2NDk3QTExRUZBRjU1MTg0MkM0RjlBRTAyL0tUdndhY1QwMkRI
dTUyblZzVG5qQWgyelN3QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBADqFWF/sHoxh9WqOnENEProQ8Ev+SIKkINAHJQb48X0TqkCYWJVDJMde
OYWk18JIpnRMe67OR3spwn4c3rv+tSWaTslWD+ol1zxDCD/oxwuxZCxU0Qqc2C6E
8B+CYbRvOmlzkzosYAhIM94s502G1DSF0QlJnsmmpzf40PjGWapLyBu+mmSp1p/B
nAjjBY1mS2SYFpYqFbWLG2m5U/BDPgS/u30xObWJCXr+DN8iGZf6qw+NyssKEAU8
O/6bNj9cAcODIAa3Bt5A9om2C1KYmhvXmasJ0niTbCcSjQJv3HjDIlRAesMCFyGr
cCAaWrmJnHP6pExH15yIi+/53rkeU6k=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:50:50 2024 by rpki-client on console-fra.rpki-client.org