Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
File:                     MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json)
Hash identifier:          078I/F4iI3fxYDr1DL8gpE6Ay0YSZDWzOh/Y1GGkvzk=
Subject key identifier:   DD:3A:4A:B4:B0:E3:E1:08:D6:E5:5A:2F:38:AC:7A:B9:D4:D6:F3:47
Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8
Certificate issuer:       /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
Certificate serial:       3486
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
Manifest number:          3486
Signing time:             Tue 10 Jun 2025 15:02:33 +0000
Manifest this update:     Tue 10 Jun 2025 15:02:33 +0000
Manifest next update:     Tue 17 Jun 2025 15:02:33 +0000
Files and hashes:         1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: OEyJQ36TwEnr8i9iy3PZX0JxyrEKv7Nkgp6T9OQ3CM4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl
                          rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13446 (0x3486)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DA023, serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
        Validity
            Not Before: Jun 10 15:02:33 2025 GMT
            Not After : Jun 17 15:02:33 2025 GMT
        Subject: CN=68484909-763c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:df:53:64:6a:e0:8b:03:37:cf:01:58:f7:ba:
                    91:27:67:42:f3:9e:03:b9:63:01:46:f5:9c:cb:03:
                    e5:a5:fd:98:7f:5f:33:98:4e:2b:51:aa:af:f7:a7:
                    f7:34:8c:16:e8:00:2a:67:46:2e:c6:2f:16:06:87:
                    10:07:36:35:3e:7d:8f:1d:a4:31:66:7b:65:36:14:
                    0e:16:58:23:94:4a:e4:5d:1c:85:16:8c:cd:12:7c:
                    57:fe:c7:31:e2:c3:c7:93:3b:7a:e4:97:e3:0e:36:
                    66:d0:c4:26:ae:69:a8:be:3d:0e:a7:14:a2:9e:df:
                    42:6d:74:a4:db:bb:ac:c5:41:16:bb:47:23:0d:f7:
                    2f:08:04:27:4a:ef:1e:f5:bc:a6:7b:be:f3:96:12:
                    29:72:e8:33:d1:94:70:85:f9:cd:3b:96:b9:07:2e:
                    e7:3b:85:30:89:86:ab:84:58:c9:a4:34:a9:10:7c:
                    b9:f4:07:d0:ce:56:b8:b6:db:61:fd:17:32:34:5b:
                    5b:e7:8b:95:c5:cb:c9:bc:b3:02:29:bc:5e:3d:98:
                    51:15:43:84:20:60:1c:9d:69:f0:bf:e0:43:d0:88:
                    c9:33:b6:95:2c:70:7a:ef:b5:56:d1:65:55:5e:06:
                    ec:92:39:a8:56:8b:3d:d1:83:7d:df:03:1c:09:33:
                    45:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:3A:4A:B4:B0:E3:E1:08:D6:E5:5A:2F:38:AC:7A:B9:D4:D6:F3:47
            X509v3 Authority Key Identifier:
                keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:97:0e:bd:61:e5:ee:43:c4:43:d9:a8:72:04:26:45:eb:12:
         96:87:a6:58:ed:00:8b:3c:65:d3:f6:18:8b:66:4d:db:74:20:
         8e:d0:b4:e2:26:18:c7:db:f2:5d:0d:89:23:da:05:cf:d2:e3:
         38:f0:3b:df:45:01:59:32:49:a7:16:44:36:5b:08:04:57:39:
         9e:b1:89:ed:e2:49:e1:7d:1c:04:b2:78:21:aa:1a:26:56:af:
         c6:8f:67:97:18:c2:3c:97:70:7a:bb:c1:39:c5:16:17:33:37:
         bf:d5:13:a2:67:4a:22:cc:ed:fa:c6:b7:ca:46:e2:f0:29:29:
         90:50:56:36:55:6b:c5:51:23:76:35:bc:35:f5:cf:8d:a7:50:
         4e:b9:91:aa:09:ee:b6:3e:f4:18:7e:67:06:c2:bf:6c:46:86:
         18:60:ca:fa:94:f4:d6:af:82:08:e8:ee:b4:b4:38:d8:bb:95:
         00:fe:fb:36:bc:ee:e9:6e:70:6b:7b:e5:8a:66:93:41:23:ac:
         9b:92:18:34:30:0a:d2:97:b4:1b:0b:22:c5:5d:14:1e:db:8f:
         a8:03:d5:7d:1d:fc:34:0f:63:7e:01:b2:ce:3f:d2:0a:e6:1b:
         fe:69:88:60:97:6d:fa:f2:6b:30:cb:74:60:56:4a:da:69:7b:
         f8:71:98:34
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy
MkE1MDNDRjgwHhcNMjUwNjEwMTUwMjMzWhcNMjUwNjE3MTUwMjMzWjAYMRYwFAYD
VQQDEw02ODQ4NDkwOS03NjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA599TZGrgiwM3zwFY97qRJ2dC854DuWMBRvWcywPlpf2Yf18zmE4rUaqv96f3
NIwW6AAqZ0Yuxi8WBocQBzY1Pn2PHaQxZntlNhQOFlgjlErkXRyFFozNEnxX/scx
4sPHkzt65JfjDjZm0MQmrmmovj0OpxSint9CbXSk27usxUEWu0cjDfcvCAQnSu8e
9byme77zlhIpcugz0ZRwhfnNO5a5By7nO4UwiYarhFjJpDSpEHy59AfQzla4ttth
/RcyNFtb54uVxcvJvLMCKbxePZhRFUOEIGAcnWnwv+BD0IjJM7aVLHB677VW0WVV
XgbskjmoVos90YN93wMcCTNFHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN06SrSw
4+EI1uVaLzisernU1vNHMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE
QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ
UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0
LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCBlw69YeXuQ8RD2ahyBCZF6xKWh6ZY7QCLPGXT9hiLZk3bdCCO0LTi
JhjH2/JdDYkj2gXP0uM48DvfRQFZMkmnFkQ2WwgEVzmesYnt4knhfRwEsnghqhom
Vq/Gj2eXGMI8l3B6u8E5xRYXMze/1ROiZ0oizO36xrfKRuLwKSmQUFY2VWvFUSN2
Nbw19c+Np1BOuZGqCe62PvQYfmcGwr9sRoYYYMr6lPTWr4II6O60tDjYu5UA/vs2
vO7pbnBre+WKZpNBI6ybkhg0MArSl7QbCyLFXRQe24+oA9V9Hfw0D2N+AbLOP9IK
5hv+aYhgl2368mswy3RgVkraaXv4cZg0
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:09:13 2025 by rpki-client