Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft
File:                     IAAAWsWhdEBL07_CmUMyPpYGJbk.mft (raw, json)
Hash identifier:          VcuDwjN/mDui3vArlppzK6mCiqnjbalOpKPi2fafOSc=
Subject key identifier:   69:01:4E:20:B0:B1:D5:D0:79:F7:3E:21:FF:C0:2C:3D:DB:8A:80:74
Authority key identifier: 20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9
Certificate issuer:       /CN=A91DA590/serialNumber=2000005AC5A174404BD3BFC29943323E960625B9
Certificate serial:       02E8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft
Manifest number:          02E1
Signing time:             Sat 23 Nov 2024 00:53:48 +0000
Manifest this update:     Sat 23 Nov 2024 00:53:47 +0000
Manifest next update:     Sat 30 Nov 2024 00:53:47 +0000
Files and hashes:         1: IAAAWsWhdEBL07_CmUMyPpYGJbk.crl (hash: +HM3xvyAr1ZgIn3w8O9Yf+mVBz8cSyJo+//d/in7fT0=)
                          2: 09E46A74C07F11ECB0707F18C4F9AE02.roa (hash: fKQvUorpCo1+t6j4CpNdFsIqffZ/KOuD0j+HaDJA0Es=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl
                          rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 744 (0x2e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DA590/serialNumber=2000005AC5A174404BD3BFC29943323E960625B9
        Validity
            Not Before: Nov 23 00:53:47 2024 GMT
            Not After : Nov 30 00:53:47 2024 GMT
        Subject: CN=6741279b-3f87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:34:3c:3b:d5:dc:4d:2b:5e:1b:18:37:86:9f:
                    e6:e2:76:d9:2c:3e:5a:d5:54:fe:fc:9a:25:23:25:
                    0b:3a:66:72:bb:3d:a3:e6:8a:e4:9c:99:77:64:80:
                    61:ad:66:b4:b2:67:3b:4f:6d:52:68:40:0c:34:05:
                    82:e3:d5:5b:22:f4:42:3d:80:09:c7:be:a2:32:e6:
                    14:7b:38:26:d2:73:1e:26:c0:9f:95:91:c2:0a:a9:
                    10:66:ae:47:f0:e8:59:b9:20:92:5a:52:94:d5:35:
                    23:a4:42:e5:1b:61:12:3b:0d:6f:cc:1b:01:c9:c5:
                    ec:ae:38:30:48:85:34:73:5d:1c:ea:91:32:b0:a6:
                    93:12:20:b6:0f:11:25:a2:b7:47:ab:c3:26:88:c4:
                    05:45:9f:53:87:53:2d:23:c9:a9:5b:a8:9e:d7:65:
                    55:de:2d:98:17:b0:74:69:85:5a:c5:43:b7:de:57:
                    53:00:b8:70:31:61:ac:f6:0a:2d:7c:b4:77:cc:48:
                    bf:ac:91:20:7e:b5:ab:1a:80:d4:1d:d6:e5:b2:28:
                    87:6c:39:56:6a:62:4b:bd:33:c6:48:42:0e:37:a7:
                    8b:f9:a6:12:fc:05:d4:20:77:55:4d:14:35:b4:7c:
                    4c:bf:ad:1c:c1:48:b0:ab:7a:97:02:64:bb:71:1f:
                    65:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:01:4E:20:B0:B1:D5:D0:79:F7:3E:21:FF:C0:2C:3D:DB:8A:80:74
            X509v3 Authority Key Identifier:
                keyid:20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:ab:c4:eb:1f:3a:28:ed:71:59:2b:31:02:40:34:54:50:c1:
         22:64:44:ed:c4:4a:e0:00:0f:41:f5:2f:b2:fa:44:55:99:29:
         14:94:e2:88:65:3b:b1:99:10:0f:ac:52:ea:ad:a3:22:56:aa:
         f9:60:34:48:b3:a8:49:ba:9b:50:3a:01:82:05:e5:a0:3c:89:
         26:dc:dc:2f:a9:bb:b3:c0:17:e7:15:f2:93:4c:ab:18:98:ca:
         da:ec:3b:37:ef:23:a3:a6:8a:36:a0:5f:ca:8b:0a:de:89:2b:
         14:40:d3:5d:b9:aa:d5:f4:82:e3:19:77:0f:d6:d5:8e:e1:e3:
         b7:25:41:f0:0b:1a:1f:9f:72:a4:0e:a2:18:0a:2d:ce:8f:1c:
         03:46:c0:a1:c2:be:b1:24:45:b9:a0:b3:53:11:94:ac:b0:81:
         4c:b8:a2:ea:00:29:52:ee:8d:ad:db:5e:b9:c1:f0:dc:0a:5f:
         8c:27:95:47:46:25:70:59:0a:d0:c3:d8:9e:4b:f9:21:d2:df:
         8f:b0:bf:fb:64:48:79:90:21:13:22:4b:7a:ce:c6:3b:47:8e:
         95:c7:f4:a9:97:07:eb:ed:c0:5d:ea:47:f5:39:7b:1e:46:08:
         8b:15:1f:d5:d3:c9:47:5f:0a:b7:81:dc:2d:3d:f8:70:35:23:
         63:28:f6:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAugwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE1OTAxMTAvBgNVBAUTKDIwMDAwMDVBQzVBMTc0NDA0QkQzQkZDMjk5NDMzMjNF
OTYwNjI1QjkwHhcNMjQxMTIzMDA1MzQ3WhcNMjQxMTMwMDA1MzQ3WjAYMRYwFAYD
VQQDEw02NzQxMjc5Yi0zZjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArTQ8O9XcTSteGxg3hp/m4nbZLD5a1VT+/JolIyULOmZyuz2j5orknJl3ZIBh
rWa0smc7T21SaEAMNAWC49VbIvRCPYAJx76iMuYUezgm0nMeJsCflZHCCqkQZq5H
8OhZuSCSWlKU1TUjpELlG2ESOw1vzBsBycXsrjgwSIU0c10c6pEysKaTEiC2DxEl
ordHq8MmiMQFRZ9Th1MtI8mpW6ie12VV3i2YF7B0aYVaxUO33ldTALhwMWGs9got
fLR3zEi/rJEgfrWrGoDUHdblsiiHbDlWamJLvTPGSEION6eL+aYS/AXUIHdVTRQ1
tHxMv60cwUiwq3qXAmS7cR9l3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGkBTiCw
sdXQefc+If/ALD3bioB0MB8GA1UdIwQYMBaAFCAAAFrFoXRAS9O/wplDMj6WBiW5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5MC85NTEwRTg2QUMw
N0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRFQkwwN19DbVVNeVBwWUdK
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lBQUFXc1doZEVCTDA3X0NtVU15UHBZR0piay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QTU5MC85NTEwRTg2QUMwN0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRF
QkwwN19DbVVNeVBwWUdKYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCnq8TrHzoo7XFZKzECQDRUUMEiZETtxErgAA9B9S+y+kRVmSkUlOKI
ZTuxmRAPrFLqraMiVqr5YDRIs6hJuptQOgGCBeWgPIkm3NwvqbuzwBfnFfKTTKsY
mMra7Ds37yOjpoo2oF/KiwreiSsUQNNduarV9ILjGXcP1tWO4eO3JUHwCxofn3Kk
DqIYCi3OjxwDRsChwr6xJEW5oLNTEZSssIFMuKLqAClS7o2t2165wfDcCl+MJ5VH
RiVwWQrQw9ieS/kh0t+PsL/7ZEh5kCETIkt6zsY7R46Vx/Splwfr7cBd6kf1OXse
RgiLFR/V08lHXwq3gdwtPfhwNSNjKPYs
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:33:47 2024 by rpki-client on console-fra.rpki-client.org