Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
File:                     MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json)
Hash identifier:          YK519ItPXz9pZoiPQWZdeiEpVDS3c/ffzYTnrsLndKA=
Subject key identifier:   B4:89:3C:5F:15:70:E0:AB:90:4D:F5:0E:D2:7D:55:1B:67:6A:E1:4F
Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8
Certificate issuer:       /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
Certificate serial:       3485
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
Manifest number:          3485
Signing time:             Sun 08 Jun 2025 15:02:50 +0000
Manifest this update:     Sun 08 Jun 2025 15:02:49 +0000
Manifest next update:     Sun 15 Jun 2025 15:02:49 +0000
Files and hashes:         1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: vI+sGyl4FVGeaWgIMC2yyqfiP7Yq4i/3E1qdmb81Z8U=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl
                          rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 15:02:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13445 (0x3485)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DA023, serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
        Validity
            Not Before: Jun  8 15:02:49 2025 GMT
            Not After : Jun 15 15:02:49 2025 GMT
        Subject: CN=6845a61a-83c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:85:bf:9e:cc:81:a3:30:56:c6:45:d4:0e:5b:
                    66:98:28:1f:22:0e:66:26:aa:20:8e:0d:46:aa:93:
                    35:85:5c:cc:07:55:f0:64:43:32:76:51:68:fd:f8:
                    0e:3d:39:ff:48:1f:8c:46:0b:39:8b:43:ce:92:88:
                    0c:ff:d8:03:1b:b6:d3:c0:53:35:54:16:8f:1b:f8:
                    da:a5:f0:24:ca:75:c0:6a:37:a5:98:f5:03:63:91:
                    aa:db:d7:40:b0:52:ee:4f:6c:ba:13:12:cb:20:d2:
                    05:95:35:38:22:55:73:2d:f6:66:01:6a:59:4a:8b:
                    3f:c3:e3:be:66:54:b3:22:58:0c:fa:25:99:6f:d8:
                    c2:8a:1c:ee:9b:96:d8:c4:da:0a:5f:34:eb:2f:82:
                    05:d7:71:73:9a:ba:5d:cb:f8:31:3c:fe:72:61:38:
                    08:fe:b0:16:12:1c:ac:8a:f2:d5:c0:60:fd:f0:11:
                    7f:e7:e2:2c:31:a9:04:58:40:b3:f8:7d:5b:86:d9:
                    1a:1a:1d:c7:26:e9:be:9f:b1:e9:af:5d:90:93:0c:
                    80:59:0a:42:37:08:0a:c9:89:7b:53:ab:13:82:a7:
                    90:e2:f1:51:be:52:5d:5a:b6:f4:43:a0:70:b5:cf:
                    37:a9:c9:8e:56:3e:36:ef:97:fa:e4:b3:8c:2f:85:
                    5d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:89:3C:5F:15:70:E0:AB:90:4D:F5:0E:D2:7D:55:1B:67:6A:E1:4F
            X509v3 Authority Key Identifier:
                keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:e9:07:6c:2f:a1:ca:13:e3:17:13:f5:d9:3d:2f:f1:ae:09:
         13:7d:ef:3a:31:99:04:e0:14:80:70:4e:33:0a:ca:e3:3a:3e:
         99:67:45:ee:0e:12:f2:f7:e8:90:2f:20:f4:e6:11:ae:b1:75:
         85:f0:7b:33:42:fd:e8:05:27:cd:e5:64:23:35:35:1e:e6:eb:
         69:6e:0e:34:f3:d8:49:ae:43:57:6d:ac:5a:17:45:b4:ed:70:
         cf:9e:5f:d0:1d:64:ff:c8:df:62:5a:6f:e8:3d:c2:13:fa:30:
         2a:9a:9d:55:54:6a:e6:3d:fb:de:ad:6e:19:e1:60:14:71:1b:
         c8:4b:4e:0e:5d:e7:31:53:bd:5b:07:92:c8:b7:e0:0e:c6:b2:
         4d:3a:fc:4a:ea:85:b0:4e:af:6e:43:7c:80:43:3b:7a:74:c3:
         e9:8e:a1:50:0e:53:0e:29:51:45:53:49:a6:86:06:e4:19:2d:
         d1:db:38:7b:e7:d9:35:b8:b1:87:b2:a5:e3:50:42:23:0c:53:
         54:a3:cb:51:43:75:89:c9:32:ed:01:55:52:a6:65:0f:e6:33:
         b2:47:a7:38:e7:54:fe:11:16:6c:62:24:20:b6:35:88:f0:43:
         7d:a4:a9:87:89:43:2e:8b:85:d1:af:b4:84:f1:32:56:76:1c:
         84:dc:9f:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy
MkE1MDNDRjgwHhcNMjUwNjA4MTUwMjQ5WhcNMjUwNjE1MTUwMjQ5WjAYMRYwFAYD
VQQDEw02ODQ1YTYxYS04M2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYW/nsyBozBWxkXUDltmmCgfIg5mJqogjg1GqpM1hVzMB1XwZEMydlFo/fgO
PTn/SB+MRgs5i0POkogM/9gDG7bTwFM1VBaPG/japfAkynXAajelmPUDY5Gq29dA
sFLuT2y6ExLLINIFlTU4IlVzLfZmAWpZSos/w+O+ZlSzIlgM+iWZb9jCihzum5bY
xNoKXzTrL4IF13Fzmrpdy/gxPP5yYTgI/rAWEhysivLVwGD98BF/5+IsMakEWECz
+H1bhtkaGh3HJum+n7Hpr12QkwyAWQpCNwgKyYl7U6sTgqeQ4vFRvlJdWrb0Q6Bw
tc83qcmOVj4275f65LOML4VdFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLSJPF8V
cOCrkE31DtJ9VRtnauFPMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE
QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ
UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0
LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCC6QdsL6HKE+MXE/XZPS/xrgkTfe86MZkE4BSAcE4zCsrjOj6ZZ0Xu
DhLy9+iQLyD05hGusXWF8HszQv3oBSfN5WQjNTUe5utpbg4089hJrkNXbaxaF0W0
7XDPnl/QHWT/yN9iWm/oPcIT+jAqmp1VVGrmPfverW4Z4WAUcRvIS04OXecxU71b
B5LIt+AOxrJNOvxK6oWwTq9uQ3yAQzt6dMPpjqFQDlMOKVFFU0mmhgbkGS3R2zh7
59k1uLGHsqXjUEIjDFNUo8tRQ3WJyTLtAVVSpmUP5jOyR6c451T+ERZsYiQgtjWI
8EN9pKmHiUMui4XRr7SE8TJWdhyE3J+D
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:23:54 2025 by rpki-client