Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2CDA/2C7E72B85A1611EF82B6D912C4F9AE02/DlRiWWwMbnfhibUb4m4lyRU4xVw.mft
File:                     DlRiWWwMbnfhibUb4m4lyRU4xVw.mft (raw, json)
Hash identifier:          YCIdk+4llpYQyT/trbNUfInvtCqZcC84cREC22t3k6U=
Subject key identifier:   DD:9C:59:32:49:C6:2C:CA:5D:38:18:92:4B:A4:07:FA:E9:91:A5:AE
Authority key identifier: 0E:54:62:59:6C:0C:6E:77:E1:89:B5:1B:E2:6E:25:C9:15:38:C5:5C
Certificate issuer:       /CN=A91D2CDA/serialNumber=0E5462596C0C6E77E189B51BE26E25C91538C55C
Certificate serial:       33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlRiWWwMbnfhibUb4m4lyRU4xVw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D2CDA/2C7E72B85A1611EF82B6D912C4F9AE02/DlRiWWwMbnfhibUb4m4lyRU4xVw.mft
Manifest number:          31
Signing time:             Sat 09 Nov 2024 05:36:41 +0000
Manifest this update:     Sat 09 Nov 2024 05:36:40 +0000
Manifest next update:     Sat 16 Nov 2024 05:36:40 +0000
Files and hashes:         1: DlRiWWwMbnfhibUb4m4lyRU4xVw.crl (hash: hY0jgAN6VF8mXlJT4hx1CI+m4Qbu21ivkw219s8y+m8=)
                          2: 609701825A1611EF9ED11513C4F9AE02.roa (hash: bgNsvlct6cf/BWMOzM4D0nnTwsIX5vRKPjJTejU5LP8=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D2CDA/2C7E72B85A1611EF82B6D912C4F9AE02/DlRiWWwMbnfhibUb4m4lyRU4xVw.crl
                          rsync://rpki.apnic.net/member_repository/A91D2CDA/2C7E72B85A1611EF82B6D912C4F9AE02/DlRiWWwMbnfhibUb4m4lyRU4xVw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlRiWWwMbnfhibUb4m4lyRU4xVw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 16 Nov 2024 02:50:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51 (0x33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D2CDA/serialNumber=0E5462596C0C6E77E189B51BE26E25C91538C55C
        Validity
            Not Before: Nov  9 05:36:40 2024 GMT
            Not After : Nov 16 05:36:40 2024 GMT
        Subject: CN=672ef4e9-e806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:2d:bc:44:42:ed:05:03:2b:39:ed:a0:65:d3:
                    b6:ce:c4:ec:82:7b:7e:e3:49:c8:e3:79:bf:08:13:
                    57:85:17:b4:af:28:7a:08:84:3d:6f:6b:cb:62:d7:
                    98:c7:b6:42:f8:b2:80:3e:47:91:87:74:18:5b:1d:
                    50:32:2c:c0:6e:94:a9:ba:b8:63:e9:90:e8:fa:73:
                    99:70:e5:1f:92:8f:5b:46:be:18:ff:ae:49:8c:12:
                    ee:d1:25:50:87:09:af:49:c9:f9:f0:67:7a:cc:e9:
                    37:7c:c3:7b:7d:76:ac:4b:c0:68:68:8b:41:8f:18:
                    89:81:9f:a3:0a:f8:03:58:fb:18:54:ce:1a:99:18:
                    5c:c2:e3:28:ba:10:a1:e3:aa:1e:c0:f8:cc:e9:40:
                    59:e2:3b:11:de:b5:b5:c9:72:47:47:b5:f2:df:d6:
                    91:4f:d1:9e:f1:0e:a9:a7:17:84:3f:87:a0:ba:e2:
                    0c:46:7e:5f:b5:90:4e:5a:00:7c:1e:32:b5:69:ef:
                    97:b6:f9:7e:fe:99:37:41:2a:e7:3a:8a:33:90:15:
                    bb:8f:c6:25:4d:57:ab:ac:76:0c:2f:d9:aa:b5:08:
                    7c:45:ae:63:3f:7e:2d:9d:e8:05:99:e2:fd:01:9b:
                    b6:eb:49:24:18:28:52:b8:3b:c4:c0:d5:78:3f:cf:
                    14:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:9C:59:32:49:C6:2C:CA:5D:38:18:92:4B:A4:07:FA:E9:91:A5:AE
            X509v3 Authority Key Identifier:
                keyid:0E:54:62:59:6C:0C:6E:77:E1:89:B5:1B:E2:6E:25:C9:15:38:C5:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D2CDA/2C7E72B85A1611EF82B6D912C4F9AE02/DlRiWWwMbnfhibUb4m4lyRU4xVw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlRiWWwMbnfhibUb4m4lyRU4xVw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2CDA/2C7E72B85A1611EF82B6D912C4F9AE02/DlRiWWwMbnfhibUb4m4lyRU4xVw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:b2:90:60:ee:18:ef:86:7a:13:25:a6:54:19:55:c8:2c:b5:
         c3:8d:09:0f:ab:d8:90:8f:49:4e:5d:c0:d7:dc:0e:d2:f4:e3:
         5a:34:b4:62:69:0c:1e:d6:3c:3d:75:01:df:42:b0:6d:01:c0:
         f2:40:a7:11:b5:1a:ef:cf:9a:6d:a7:c0:2c:21:5e:de:87:63:
         11:91:60:d2:06:71:d7:05:5d:3d:60:8f:54:55:5c:c9:04:0e:
         a6:ed:29:57:72:b3:31:9d:9d:3a:30:0e:2a:a0:99:87:88:fd:
         b9:6f:38:9c:18:ac:fc:45:92:00:19:58:b5:a5:99:45:74:08:
         30:2a:52:99:4e:2c:9a:9a:47:95:31:aa:be:b9:f8:5e:3f:d6:
         b1:54:4b:2d:1f:6c:80:fb:5e:3c:ad:d2:64:98:e8:71:3a:ec:
         e4:77:45:93:71:32:56:2d:4f:5d:50:e4:10:ce:1b:b4:6d:e6:
         54:2e:72:a1:69:7d:e2:64:d4:ce:a1:45:d9:8e:63:45:df:81:
         b4:c0:74:ab:1c:11:e5:bd:8b:95:3e:54:5f:cb:58:32:24:3b:
         0e:cb:78:92:34:5f:00:6a:6c:18:89:d2:13:cd:13:f8:9e:d8:
         19:2a:38:56:b4:cf:ad:b9:e7:14:79:13:5f:43:44:0b:ae:89:
         11:57:12:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MkNEQTExMC8GA1UEBRMoMEU1NDYyNTk2QzBDNkU3N0UxODlCNTFCRTI2RTI1Qzkx
NTM4QzU1QzAeFw0yNDExMDkwNTM2NDBaFw0yNDExMTYwNTM2NDBaMBgxFjAUBgNV
BAMTDTY3MmVmNGU5LWU4MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5LbxEQu0FAys57aBl07bOxOyCe37jScjjeb8IE1eFF7SvKHoIhD1va8ti15jH
tkL4soA+R5GHdBhbHVAyLMBulKm6uGPpkOj6c5lw5R+Sj1tGvhj/rkmMEu7RJVCH
Ca9JyfnwZ3rM6Td8w3t9dqxLwGhoi0GPGImBn6MK+ANY+xhUzhqZGFzC4yi6EKHj
qh7A+MzpQFniOxHetbXJckdHtfLf1pFP0Z7xDqmnF4Q/h6C64gxGfl+1kE5aAHwe
MrVp75e2+X7+mTdBKuc6ijOQFbuPxiVNV6usdgwv2aq1CHxFrmM/fi2d6AWZ4v0B
m7brSSQYKFK4O8TA1Xg/zxQrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3ZxZMknG
LMpdOBiSS6QH+umRpa4wHwYDVR0jBBgwFoAUDlRiWWwMbnfhibUb4m4lyRU4xVww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQyQ0RBLzJDN0U3MkI4NUEx
NjExRUY4MkI2RDkxMkM0RjlBRTAyL0RsUmlXV3dNYm5maGliVWI0bTRseVJVNHhW
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRGxSaVdXd01ibmZoaWJVYjRtNGx5UlU0eFZ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQy
Q0RBLzJDN0U3MkI4NUExNjExRUY4MkI2RDkxMkM0RjlBRTAyL0RsUmlXV3dNYm5m
aGliVWI0bTRseVJVNHhWdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAHyykGDuGO+GehMlplQZVcgstcONCQ+r2JCPSU5dwNfcDtL041o0tGJp
DB7WPD11Ad9CsG0BwPJApxG1Gu/Pmm2nwCwhXt6HYxGRYNIGcdcFXT1gj1RVXMkE
DqbtKVdyszGdnTowDiqgmYeI/blvOJwYrPxFkgAZWLWlmUV0CDAqUplOLJqaR5Ux
qr65+F4/1rFUSy0fbID7Xjyt0mSY6HE67OR3RZNxMlYtT11Q5BDOG7Rt5lQucqFp
feJk1M6hRdmOY0XfgbTAdKscEeW9i5U+VF/LWDIkOw7LeJI0XwBqbBiJ0hPNE/ie
2BkqOFa0z6255xR5E19DRAuuiRFXEqk=
-----END CERTIFICATE-----
Generated at Sat Nov 9 08:10:02 2024 by rpki-client on console-ams.rpki-client.org