Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7454/79C61E7C08EB11E9AF8BCD23C4F9AE02/MxG_l-IbcmqcAFa75KhbH38pXzU.mft
File:                     MxG_l-IbcmqcAFa75KhbH38pXzU.mft (raw, json)
Hash identifier:          GNxN0FBU8ZuJeHEXuS8ll4yNPlQ79p2qCZJXKRq4qZs=
Subject key identifier:   54:66:40:B6:75:00:78:66:5A:9C:B0:B1:C7:69:C3:3E:7C:01:16:B4
Authority key identifier: 33:11:BF:97:E2:1B:72:6A:9C:00:56:BB:E4:A8:5B:1F:7F:29:5F:35
Certificate issuer:       /CN=A91D7454/serialNumber=3311BF97E21B726A9C0056BBE4A85B1F7F295F35
Certificate serial:       115C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxG_l-IbcmqcAFa75KhbH38pXzU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D7454/79C61E7C08EB11E9AF8BCD23C4F9AE02/MxG_l-IbcmqcAFa75KhbH38pXzU.mft
Manifest number:          1150
Signing time:             Thu 12 Jun 2025 17:10:41 +0000
Manifest this update:     Thu 12 Jun 2025 17:10:40 +0000
Manifest next update:     Thu 19 Jun 2025 17:10:40 +0000
Files and hashes:         1: MxG_l-IbcmqcAFa75KhbH38pXzU.crl (hash: ua+wCFSnr7FvzKCqvGnLAk/5VZ2i29V6APXZSNPVF4k=)
                          2: 51273D9A08EE11E99E30172AC4F9AE02.roa (hash: w5Wibqq/9uZKFdplDNzWfbo2U0mV8bZOoGj0UNzkyfo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D7454/79C61E7C08EB11E9AF8BCD23C4F9AE02/MxG_l-IbcmqcAFa75KhbH38pXzU.crl
                          rsync://rpki.apnic.net/member_repository/A91D7454/79C61E7C08EB11E9AF8BCD23C4F9AE02/MxG_l-IbcmqcAFa75KhbH38pXzU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxG_l-IbcmqcAFa75KhbH38pXzU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 17:10:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4444 (0x115c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D7454, serialNumber=3311BF97E21B726A9C0056BBE4A85B1F7F295F35
        Validity
            Not Before: Jun 12 17:10:40 2025 GMT
            Not After : Jun 19 17:10:40 2025 GMT
        Subject: CN=684b0a11-3940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:21:df:c4:b9:1a:cf:92:2e:be:c0:b5:60:5a:
                    cb:00:88:95:a3:8e:07:ea:2a:e7:7d:b5:34:d6:b8:
                    a8:00:af:b2:5a:86:54:6c:22:1a:46:8d:1f:1d:50:
                    47:b3:ce:43:1c:d7:f2:66:80:bc:9a:a2:61:26:3a:
                    9a:3a:5f:8b:b6:9c:c5:f7:f0:1e:55:91:9e:65:5e:
                    09:00:3c:45:39:b0:17:b9:37:8e:87:2a:39:56:a3:
                    ed:92:ba:69:95:65:f6:63:63:d6:0d:29:5b:5b:21:
                    9a:c3:44:8b:0a:87:2e:f4:87:f8:4d:89:0d:45:6c:
                    96:70:9c:f9:cb:b6:0e:f9:0f:b7:b4:23:d7:fc:c2:
                    52:47:e9:18:0a:9e:e9:89:e3:c1:db:0a:fc:c3:e8:
                    a0:6f:e5:0c:fd:7a:7a:4c:f5:23:df:eb:1e:c4:12:
                    63:61:1d:65:22:ba:2b:d0:18:36:ab:7f:a7:11:fb:
                    fe:20:e3:e8:36:cc:f4:8f:d2:b6:70:de:2a:89:9f:
                    59:ed:fd:3c:9d:11:54:df:03:6f:03:f6:0e:b6:7c:
                    67:48:a7:0a:9b:81:66:b1:13:eb:89:3c:b3:77:da:
                    04:71:31:1a:1f:91:aa:38:fb:27:fb:9a:cb:03:d3:
                    96:cf:9c:39:8c:f1:86:9d:e5:58:69:44:21:f2:2c:
                    90:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:66:40:B6:75:00:78:66:5A:9C:B0:B1:C7:69:C3:3E:7C:01:16:B4
            X509v3 Authority Key Identifier:
                keyid:33:11:BF:97:E2:1B:72:6A:9C:00:56:BB:E4:A8:5B:1F:7F:29:5F:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D7454/79C61E7C08EB11E9AF8BCD23C4F9AE02/MxG_l-IbcmqcAFa75KhbH38pXzU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxG_l-IbcmqcAFa75KhbH38pXzU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7454/79C61E7C08EB11E9AF8BCD23C4F9AE02/MxG_l-IbcmqcAFa75KhbH38pXzU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:e5:1c:29:e6:50:18:18:19:69:8c:dd:52:1c:dc:bd:1b:4b:
         52:1d:97:b8:91:05:33:80:35:86:2c:cd:52:d9:e8:6f:17:67:
         aa:06:c3:a0:6a:9a:76:cc:7f:7e:de:93:7c:8f:5b:da:19:93:
         af:d9:47:9a:64:86:aa:45:b7:08:75:2c:60:81:75:bf:63:77:
         9c:42:c7:d9:ff:3f:a9:c3:0e:24:8d:26:a4:05:bc:16:e5:a7:
         11:f4:d2:f1:58:f8:87:94:49:5a:7c:ac:eb:05:1c:50:57:09:
         b5:a1:77:9c:40:58:99:29:25:d9:77:21:e7:61:fe:e6:96:22:
         e3:d0:95:3d:6a:14:ec:36:6c:3b:1b:88:45:52:d6:48:b1:28:
         bb:5d:53:d9:3a:1d:8e:04:df:b4:74:28:a3:58:b0:9a:3f:42:
         42:da:4f:fc:df:a4:04:83:4e:53:79:52:9c:fe:8c:30:bc:a9:
         c0:f5:b5:2b:20:bb:41:04:ef:77:e6:7d:42:3d:9e:9e:95:21:
         43:64:53:9a:fe:1a:6e:39:fa:05:17:19:e9:16:32:6b:0e:2f:
         55:5e:5a:b4:f1:5f:d1:6a:9a:02:1f:31:80:00:c9:3d:49:73:
         28:8c:2d:fb:7a:59:73:67:22:27:19:15:e9:99:eb:81:48:d1:
         79:95:f4:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDc0NTQxMTAvBgNVBAUTKDMzMTFCRjk3RTIxQjcyNkE5QzAwNTZCQkU0QTg1QjFG
N0YyOTVGMzUwHhcNMjUwNjEyMTcxMDQwWhcNMjUwNjE5MTcxMDQwWjAYMRYwFAYD
VQQDEw02ODRiMGExMS0zOTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnyHfxLkaz5IuvsC1YFrLAIiVo44H6irnfbU01rioAK+yWoZUbCIaRo0fHVBH
s85DHNfyZoC8mqJhJjqaOl+LtpzF9/AeVZGeZV4JADxFObAXuTeOhyo5VqPtkrpp
lWX2Y2PWDSlbWyGaw0SLCocu9If4TYkNRWyWcJz5y7YO+Q+3tCPX/MJSR+kYCp7p
iePB2wr8w+igb+UM/Xp6TPUj3+sexBJjYR1lIror0Bg2q3+nEfv+IOPoNsz0j9K2
cN4qiZ9Z7f08nRFU3wNvA/YOtnxnSKcKm4FmsRPriTyzd9oEcTEaH5GqOPsn+5rL
A9OWz5w5jPGGneVYaUQh8iyQ8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFRmQLZ1
AHhmWpywscdpwz58ARa0MB8GA1UdIwQYMBaAFDMRv5fiG3JqnABWu+SoWx9/KV81
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzQ1NC83OUM2MUU3QzA4
RUIxMUU5QUY4QkNEMjNDNEY5QUUwMi9NeEdfbC1JYmNtcWNBRmE3NUtoYkgzOHBY
elUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL014R19sLUliY21xY0FGYTc1S2hiSDM4cFh6VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NzQ1NC83OUM2MUU3QzA4RUIxMUU5QUY4QkNEMjNDNEY5QUUwMi9NeEdfbC1JYmNt
cWNBRmE3NUtoYkgzOHBYelUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCJ5Rwp5lAYGBlpjN1SHNy9G0tSHZe4kQUzgDWGLM1S2ehvF2eqBsOg
app2zH9+3pN8j1vaGZOv2UeaZIaqRbcIdSxggXW/Y3ecQsfZ/z+pww4kjSakBbwW
5acR9NLxWPiHlElafKzrBRxQVwm1oXecQFiZKSXZdyHnYf7mliLj0JU9ahTsNmw7
G4hFUtZIsSi7XVPZOh2OBN+0dCijWLCaP0JC2k/836QEg05TeVKc/owwvKnA9bUr
ILtBBO935n1CPZ6elSFDZFOa/hpuOfoFFxnpFjJrDi9VXlq08V/RapoCHzGAAMk9
SXMojC37ellzZyInGRXpmeuBSNF5lfQn
-----END CERTIFICATE-----
Generated at Fri Jun 13 07:53:51 2025 by rpki-client