Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft
File:                     oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft (raw, json)
Hash identifier:          VSsdAX2HSCJxDqiUIMYZ4piKajXCZLHbG55HlUxKJVc=
Subject key identifier:   EE:2B:ED:3D:07:18:93:58:C2:C2:B0:57:45:F4:9C:1B:F5:F8:2A:AF
Authority key identifier: A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8
Certificate issuer:       /CN=A91D9D8B/serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8
Certificate serial:       01D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft
Manifest number:          01D0
Signing time:             Mon 09 Jun 2025 02:01:03 +0000
Manifest this update:     Mon 09 Jun 2025 02:01:01 +0000
Manifest next update:     Mon 16 Jun 2025 02:01:01 +0000
Files and hashes:         1: oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl (hash: qj+tM/W9EyPXNoqh3GrY94HInvfPDwzhhgD7K+vKJKA=)
                          2: 95C4C7AA7F7911ED9C1EAE19C4F9AE02.roa (hash: KfdVVRr1UwfhsTtUMM0Ph6w9qtVR9qcrLdXdVzGndCs=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl
                          rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 02:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 469 (0x1d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D9D8B, serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8
        Validity
            Not Before: Jun  9 02:01:01 2025 GMT
            Not After : Jun 16 02:01:01 2025 GMT
        Subject: CN=6846405f-7737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:58:2c:63:16:3d:62:c8:e2:57:a5:77:ef:e5:
                    76:c0:43:e7:95:0b:50:55:04:97:f1:61:61:70:64:
                    14:6d:0f:ae:c3:ce:76:e5:f8:58:0e:cd:d0:2f:ff:
                    47:d7:bc:52:96:14:cf:1f:e4:df:44:3d:2d:96:d4:
                    92:a7:35:ee:c9:5f:4c:36:ba:1a:65:d5:ec:80:1e:
                    86:83:78:08:0c:b8:f0:dc:0c:d0:a5:44:85:cf:b0:
                    1b:c8:a1:0c:84:02:16:46:af:b8:f4:3e:df:d1:3e:
                    7d:48:16:c7:e1:49:78:6e:8d:0f:56:a0:70:6c:8b:
                    e9:f1:8b:91:33:22:35:fb:e5:12:72:c2:26:a5:a8:
                    f5:22:85:2c:74:fa:7b:48:c0:cc:76:ea:8d:c3:00:
                    f5:09:c1:6b:d9:1e:9d:1e:7a:64:b4:f3:45:fd:b1:
                    50:22:7e:f9:94:eb:d8:d4:ab:57:0d:b4:2e:eb:35:
                    bb:62:1c:8d:47:89:8a:c6:85:87:f5:15:b0:0a:8b:
                    74:b7:36:f0:9e:e2:4a:a3:bd:37:3c:e3:06:10:8b:
                    5b:74:14:fd:16:af:93:15:70:5a:da:43:88:05:33:
                    22:9a:7c:87:7c:10:fb:c6:2f:1c:25:af:6e:65:f3:
                    5a:f5:2c:52:5b:1d:0f:bc:1d:16:68:a1:6b:51:fc:
                    b4:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:2B:ED:3D:07:18:93:58:C2:C2:B0:57:45:F4:9C:1B:F5:F8:2A:AF
            X509v3 Authority Key Identifier:
                keyid:A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:c4:70:39:43:35:3a:9d:0e:e6:c2:f5:31:a0:b6:a2:ca:4a:
         a1:68:4c:22:ce:ce:10:88:b2:cc:55:7c:1d:bd:e4:d1:8f:5e:
         88:c0:1e:e3:4c:61:0e:79:a6:e5:e9:90:81:82:31:c8:17:55:
         74:96:50:33:af:39:dc:cb:2b:14:b4:e9:89:d6:c8:8b:0d:56:
         49:6e:03:11:2e:a6:99:06:94:b9:0c:59:94:ed:75:05:00:f6:
         44:3d:7f:d8:be:85:04:66:4a:df:65:d8:d3:1a:ca:96:73:29:
         c4:1f:a1:b6:87:be:fe:cb:af:ae:da:74:0c:49:9d:34:2d:19:
         14:b7:f9:e5:97:ac:be:ee:70:f2:c4:f2:79:02:2d:89:22:9c:
         7c:50:f8:96:90:32:22:9a:42:f1:ac:e9:94:fa:85:fd:e9:ba:
         eb:e7:e8:92:85:e4:4b:ee:b0:ad:0a:6e:f9:35:24:b9:25:70:
         3a:83:2b:b0:8a:2b:63:62:e1:cd:15:67:5e:73:35:0b:6e:de:
         6d:1b:83:ba:30:c4:a3:e0:52:09:b5:f9:cf:b2:79:ed:34:8c:
         af:fd:9b:2a:32:f0:59:43:d4:f2:47:89:7f:54:90:9c:c1:02:
         db:0f:a4:1f:7e:dc:c7:74:2b:4c:9c:9e:df:69:87:33:08:ec:
         03:39:e6:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDlEOEIxMTAvBgNVBAUTKEExOTM4QzkxMkFDMkY0QTk1OEI5M0RBRjhGNEIyNzIw
MTVCMEQ4RDgwHhcNMjUwNjA5MDIwMTAxWhcNMjUwNjE2MDIwMTAxWjAYMRYwFAYD
VQQDEw02ODQ2NDA1Zi03NzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApVgsYxY9YsjiV6V37+V2wEPnlQtQVQSX8WFhcGQUbQ+uw8525fhYDs3QL/9H
17xSlhTPH+TfRD0tltSSpzXuyV9MNroaZdXsgB6Gg3gIDLjw3AzQpUSFz7AbyKEM
hAIWRq+49D7f0T59SBbH4Ul4bo0PVqBwbIvp8YuRMyI1++UScsImpaj1IoUsdPp7
SMDMduqNwwD1CcFr2R6dHnpktPNF/bFQIn75lOvY1KtXDbQu6zW7YhyNR4mKxoWH
9RWwCot0tzbwnuJKo703POMGEItbdBT9Fq+TFXBa2kOIBTMimnyHfBD7xi8cJa9u
ZfNa9SxSWx0PvB0WaKFrUfy0jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO4r7T0H
GJNYwsKwV0X0nBv1+CqvMB8GA1UdIwQYMBaAFKGTjJEqwvSpWLk9r49LJyAVsNjY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ4Qi81RjExRTAyQTdG
NzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlLbFl1VDJ2ajBzbklCV3cy
TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29aT01rU3JDOUtsWXVUMnZqMHNuSUJXdzJOZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
OUQ4Qi81RjExRTAyQTdGNzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlL
bFl1VDJ2ajBzbklCV3cyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQALxHA5QzU6nQ7mwvUxoLaiykqhaEwizs4QiLLMVXwdveTRj16IwB7j
TGEOeabl6ZCBgjHIF1V0llAzrzncyysUtOmJ1siLDVZJbgMRLqaZBpS5DFmU7XUF
APZEPX/YvoUEZkrfZdjTGsqWcynEH6G2h77+y6+u2nQMSZ00LRkUt/nll6y+7nDy
xPJ5Ai2JIpx8UPiWkDIimkLxrOmU+oX96brr5+iSheRL7rCtCm75NSS5JXA6gyuw
iitjYuHNFWdeczULbt5tG4O6MMSj4FIJtfnPsnntNIyv/ZsqMvBZQ9TyR4l/VJCc
wQLbD6QfftzHdCtMnJ7faYczCOwDOeaD
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:12:24 2025 by rpki-client