Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
File:                     IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json)
Hash identifier:          L70pVJzOB4sl9tIlCyzWcz5/Z4yCVDPf8i/QUMrE3EA=
Subject key identifier:   45:30:0B:44:B4:6A:2E:C2:7A:C1:C6:E3:CC:2B:BC:15:69:41:06:5B
Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
Certificate issuer:       /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Certificate serial:       04F5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
Manifest number:          04EB
Signing time:             Fri 30 May 2025 23:57:19 +0000
Manifest this update:     Fri 30 May 2025 23:57:18 +0000
Manifest next update:     Fri 06 Jun 2025 23:57:18 +0000
Files and hashes:         1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: /jQ8ic86lF3Ut2x7GZ5V5dyyG+f23lkA272GdxKUuZw=)
                          2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl
                          rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 06 Jun 2025 23:57:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1269 (0x4f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
        Validity
            Not Before: May 30 23:57:18 2025 GMT
            Not After : Jun  6 23:57:18 2025 GMT
        Subject: CN=683a45df-82fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:29:9f:07:e0:c8:c9:1c:b8:34:ce:d9:95:9e:
                    3a:35:99:8f:00:a9:53:20:98:94:e0:7f:3f:0d:40:
                    a9:88:be:51:72:b1:54:1e:19:fc:f3:6f:28:89:d4:
                    b8:f1:db:bc:66:7a:9d:fc:1e:8f:20:ae:d0:6b:45:
                    02:82:73:55:05:0a:b0:75:52:2d:93:da:e5:5e:10:
                    a4:38:77:a3:22:55:f1:e8:c6:e7:08:40:bc:3e:89:
                    9f:34:5e:05:84:a6:ec:3c:0a:8c:30:51:98:da:fa:
                    44:1a:22:75:89:a1:9e:29:91:be:fc:4d:2b:cd:48:
                    9c:c3:7c:16:1f:59:19:05:f9:df:2f:71:a1:a2:7d:
                    6a:ca:02:9e:8e:ea:f8:9b:7a:e3:f7:16:7c:e5:0b:
                    40:b6:c2:9c:b7:e4:07:01:0b:a3:d8:47:96:85:bf:
                    65:74:38:f3:c4:1d:5e:b1:6c:ae:b1:35:5c:19:87:
                    1a:4c:2d:39:d3:18:7b:6b:7b:a6:46:e0:70:9b:2b:
                    ed:cf:1c:72:82:ff:76:5d:f0:08:09:6f:9f:6d:90:
                    be:d8:6b:f8:f7:f5:31:c6:88:44:49:f7:a6:d6:70:
                    96:23:a0:bf:dd:11:f4:09:48:a9:80:6e:28:15:75:
                    53:d0:19:24:4a:3a:cc:c9:62:ec:7e:60:f8:31:81:
                    6a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:30:0B:44:B4:6A:2E:C2:7A:C1:C6:E3:CC:2B:BC:15:69:41:06:5B
            X509v3 Authority Key Identifier:
                keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:71:45:db:96:b9:83:73:93:6b:73:93:52:49:45:23:e3:f6:
         85:69:cf:c4:4e:ec:1d:e2:18:1b:d2:0b:d6:20:3a:ad:3f:a4:
         6b:50:99:4c:94:7a:46:f6:09:31:86:20:84:45:7e:e6:db:a9:
         42:59:cc:4c:89:0a:55:36:7a:d8:64:c1:9c:64:cc:85:05:ed:
         d3:a8:9e:69:07:82:31:6c:fb:0f:72:2e:93:d1:fb:00:a1:62:
         d7:79:44:2f:cb:cb:b6:d2:f5:4e:d9:5a:92:90:70:8e:02:74:
         ef:12:41:48:8f:95:a7:c1:2a:da:c6:99:44:85:da:c1:eb:87:
         24:40:8b:ca:60:7c:df:6f:ee:3a:71:f7:e1:86:ea:50:69:ed:
         5d:f8:b5:e3:c7:ee:8f:1b:0f:81:0d:de:43:38:6c:91:2d:d7:
         9a:c8:70:19:69:b6:94:6c:68:d9:d0:d0:08:9f:b9:80:15:12:
         9b:f7:4e:2d:85:5e:7b:7b:aa:fa:31:0b:dd:c3:6e:71:71:8f:
         2c:60:16:f5:37:c2:c0:9e:86:72:81:f8:4c:1d:e5:a2:43:7d:
         fc:8f:b7:c3:22:08:1f:c4:92:f8:60:eb:31:ae:22:0f:36:94:
         37:43:bb:3a:0f:4b:ad:b0:9d:13:67:3d:52:73:41:93:d9:24:
         8d:dc:be:1e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1
NURCMzFDRTgwHhcNMjUwNTMwMjM1NzE4WhcNMjUwNjA2MjM1NzE4WjAYMRYwFAYD
VQQDEw02ODNhNDVkZi04MmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsimfB+DIyRy4NM7ZlZ46NZmPAKlTIJiU4H8/DUCpiL5RcrFUHhn8828oidS4
8du8Znqd/B6PIK7Qa0UCgnNVBQqwdVItk9rlXhCkOHejIlXx6MbnCEC8PomfNF4F
hKbsPAqMMFGY2vpEGiJ1iaGeKZG+/E0rzUicw3wWH1kZBfnfL3Ghon1qygKejur4
m3rj9xZ85QtAtsKct+QHAQuj2EeWhb9ldDjzxB1esWyusTVcGYcaTC050xh7a3um
RuBwmyvtzxxygv92XfAICW+fbZC+2Gv49/UxxohESfem1nCWI6C/3RH0CUipgG4o
FXVT0BkkSjrMyWLsfmD4MYFqPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEUwC0S0
ai7CesHG48wrvBVpQQZbMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB
ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI
T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN
VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBxcUXblrmDc5Nrc5NSSUUj4/aFac/ETuwd4hgb0gvWIDqtP6RrUJlM
lHpG9gkxhiCERX7m26lCWcxMiQpVNnrYZMGcZMyFBe3TqJ5pB4IxbPsPci6T0fsA
oWLXeUQvy8u20vVO2VqSkHCOAnTvEkFIj5WnwSraxplEhdrB64ckQIvKYHzfb+46
cffhhupQae1d+LXjx+6PGw+BDd5DOGyRLdeayHAZabaUbGjZ0NAIn7mAFRKb904t
hV57e6r6MQvdw25xcY8sYBb1N8LAnoZygfhMHeWiQ338j7fDIggfxJL4YOsxriIP
NpQ3Q7s6D0utsJ0TZz1Sc0GT2SSN3L4e
-----END CERTIFICATE-----
Generated at Sat May 31 16:35:04 2025 by rpki-client