Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.mft
File:                     9R3GadtZYYTQv5SqHkHl3hWejaU.mft (raw, json)
Hash identifier:          XbOzMzWKIQsd9F+O/hXAoIzStlD1UxHqdfjU4Ojjj6k=
Subject key identifier:   04:93:4D:25:07:F8:3D:B9:C0:DF:6E:F1:47:8A:31:30:11:59:5E:B8
Authority key identifier: F5:1D:C6:69:DB:59:61:84:D0:BF:94:AA:1E:41:E5:DE:15:9E:8D:A5
Certificate issuer:       /CN=A91D3D50/serialNumber=F51DC669DB596184D0BF94AA1E41E5DE159E8DA5
Certificate serial:       0C5C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9R3GadtZYYTQv5SqHkHl3hWejaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.mft
Manifest number:          0C52
Signing time:             Thu 12 Jun 2025 18:15:13 +0000
Manifest this update:     Thu 12 Jun 2025 18:15:12 +0000
Manifest next update:     Thu 19 Jun 2025 18:15:12 +0000
Files and hashes:         1: 9R3GadtZYYTQv5SqHkHl3hWejaU.crl (hash: HaBUmMfCldi4lr04kos5pwn3WCwi4cXOBm9uZvTZ/AI=)
                          2: 2DE1069C050311EA93648E33C4F9AE02.roa (hash: lPRimtAIP991qjg2zYQ9MB+u2MSznOVIg7X2f5y/SnM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.crl
                          rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9R3GadtZYYTQv5SqHkHl3hWejaU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 18:15:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3164 (0xc5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D3D50, serialNumber=F51DC669DB596184D0BF94AA1E41E5DE159E8DA5
        Validity
            Not Before: Jun 12 18:15:12 2025 GMT
            Not After : Jun 19 18:15:12 2025 GMT
        Subject: CN=684b1931-ed6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ac:a3:55:c1:e7:63:9e:69:c8:93:30:8e:5a:
                    50:47:d3:f0:ee:10:50:ff:f6:28:8d:c7:99:c1:4a:
                    e2:17:46:9f:cb:88:66:c6:49:22:26:a4:5c:1e:ef:
                    bd:14:65:bd:ed:f8:12:b1:0b:3b:f4:ac:1f:85:9d:
                    aa:fa:43:24:cd:2d:46:99:8d:ce:7e:38:e5:5c:f0:
                    91:7c:bb:df:6c:f2:6b:bf:0f:df:94:15:7d:8d:09:
                    5e:7c:f3:9a:97:11:16:2b:29:d5:f0:87:91:d3:af:
                    d1:d5:33:35:93:fb:13:a6:0a:31:61:9c:ec:ec:8f:
                    1b:50:18:6f:bb:6f:0b:74:63:be:a3:09:0d:bc:ec:
                    fd:f0:2f:55:9e:3b:e0:7c:6b:c2:ed:01:37:6e:4b:
                    fe:b4:6e:8b:ad:68:e5:20:92:9d:01:d6:2b:58:19:
                    3a:92:57:78:29:04:b2:24:b5:2e:f7:d0:ec:53:bf:
                    c8:df:d5:5b:64:02:81:4f:7d:cc:bb:bf:e7:f7:99:
                    f7:0d:74:78:b1:44:e8:8b:91:32:dc:fc:16:29:5d:
                    14:25:9d:9a:38:d0:1d:b9:35:98:ee:39:f0:da:9c:
                    aa:71:74:32:f3:f2:26:5f:9e:82:4f:b0:dd:b9:fa:
                    5b:21:08:6c:5d:a4:c8:19:79:02:e9:bf:41:8e:4c:
                    ac:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:93:4D:25:07:F8:3D:B9:C0:DF:6E:F1:47:8A:31:30:11:59:5E:B8
            X509v3 Authority Key Identifier:
                keyid:F5:1D:C6:69:DB:59:61:84:D0:BF:94:AA:1E:41:E5:DE:15:9E:8D:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9R3GadtZYYTQv5SqHkHl3hWejaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:34:14:51:7f:b8:e0:57:65:bf:f4:fd:60:f2:c1:94:ff:fc:
         d5:26:49:86:7f:88:5f:14:96:fb:bf:04:f8:e2:47:5d:88:a9:
         f5:b6:a6:5c:fe:28:5f:44:68:4e:dc:18:03:c9:42:92:e6:cc:
         96:cc:a0:d5:6f:b1:11:4a:7e:a9:5f:50:da:d3:20:48:f6:ab:
         95:6f:18:64:5b:e2:8d:2b:c6:48:53:2b:5d:6d:0a:84:7c:9b:
         01:96:6e:aa:7c:b4:66:c0:fa:3a:d4:67:08:0b:1e:ae:7d:9f:
         3c:dc:0d:54:bb:50:b6:10:8f:24:f5:b2:b2:73:31:1e:30:76:
         92:2b:8c:64:50:6a:4b:62:36:24:38:c0:51:d6:65:61:4c:e5:
         f5:fb:5b:ed:4c:9b:e6:72:70:31:a2:3b:4f:97:a6:e4:b3:03:
         31:44:7c:f1:8d:a8:9c:33:31:c7:8b:0b:1f:9b:ea:e5:37:63:
         2a:90:0e:9f:81:da:69:c9:6e:bb:2f:b9:9d:71:4e:e8:25:d4:
         3b:38:0e:5f:9b:36:72:75:b5:90:62:47:c0:e5:21:5b:65:5e:
         42:6b:67:0c:b5:4a:5c:1a:44:88:70:9b:4e:c4:1a:5c:aa:90:
         4a:a5:1f:a1:45:24:6a:35:a2:81:d8:ae:8c:be:17:95:f6:4a:
         7d:5e:e2:05
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNENTAxMTAvBgNVBAUTKEY1MURDNjY5REI1OTYxODREMEJGOTRBQTFFNDFFNURF
MTU5RThEQTUwHhcNMjUwNjEyMTgxNTEyWhcNMjUwNjE5MTgxNTEyWjAYMRYwFAYD
VQQDEw02ODRiMTkzMS1lZDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoKyjVcHnY55pyJMwjlpQR9Pw7hBQ//YojceZwUriF0afy4hmxkkiJqRcHu+9
FGW97fgSsQs79KwfhZ2q+kMkzS1GmY3OfjjlXPCRfLvfbPJrvw/flBV9jQlefPOa
lxEWKynV8IeR06/R1TM1k/sTpgoxYZzs7I8bUBhvu28LdGO+owkNvOz98C9Vnjvg
fGvC7QE3bkv+tG6LrWjlIJKdAdYrWBk6kld4KQSyJLUu99DsU7/I39VbZAKBT33M
u7/n95n3DXR4sUToi5Ey3PwWKV0UJZ2aONAduTWY7jnw2pyqcXQy8/ImX56CT7Dd
ufpbIQhsXaTIGXkC6b9BjkysrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFASTTSUH
+D25wN9u8UeKMTARWV64MB8GA1UdIwQYMBaAFPUdxmnbWWGE0L+Uqh5B5d4Vno2l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Q1MC8xNTQ2NEZENjA1
MDExMUVBQUQ5NzI1MkNDNEY5QUUwMi85UjNHYWR0WllZVFF2NVNxSGtIbDNoV2Vq
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlSM0dhZHRaWVlUUXY1U3FIa0hsM2hXZWphVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
M0Q1MC8xNTQ2NEZENjA1MDExMUVBQUQ5NzI1MkNDNEY5QUUwMi85UjNHYWR0WllZ
VFF2NVNxSGtIbDNoV2VqYVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC3NBRRf7jgV2W/9P1g8sGU//zVJkmGf4hfFJb7vwT44kddiKn1tqZc
/ihfRGhO3BgDyUKS5syWzKDVb7ERSn6pX1Da0yBI9quVbxhkW+KNK8ZIUytdbQqE
fJsBlm6qfLRmwPo61GcICx6ufZ883A1Uu1C2EI8k9bKyczEeMHaSK4xkUGpLYjYk
OMBR1mVhTOX1+1vtTJvmcnAxojtPl6bkswMxRHzxjaicMzHHiwsfm+rlN2MqkA6f
gdppyW67L7mdcU7oJdQ7OA5fmzZydbWQYkfA5SFbZV5Ca2cMtUpcGkSIcJtOxBpc
qpBKpR+hRSRqNaKB2K6MvheV9kp9XuIF
-----END CERTIFICATE-----
Generated at Fri Jun 13 17:14:10 2025 by rpki-client