Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
File:                     2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft (raw, json)
Hash identifier:          x4hNZi1e/6WO88O5parzsF4r5kV1RUDqaWlFKn0lDYs=
Subject key identifier:   E3:B3:0B:28:02:00:DF:78:96:D8:67:9A:A0:E0:CB:76:13:AB:13:C6
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Certificate issuer:       /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial:       13DD
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
Manifest number:          13C0
Signing time:             Sun 08 Jun 2025 15:24:01 +0000
Manifest this update:     Sun 08 Jun 2025 15:24:01 +0000
Manifest next update:     Sun 15 Jun 2025 15:24:00 +0000
Files and hashes:         1: 2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl (hash: skXayP3M4AWFV/CjikeD4pxgWKn+WpaYKPlTnZ3Vc4Q=)
                          2: 76C6BCF6B72811ECAEFC180DC4F9AE02.roa (hash: V/gOKs9LECUvwP7f76II+OxQFAc41Q7rou6YKiKk5l8=)
                          3: B969D2D0BA4A11EC90B53115C4F9AE02.roa (hash: kCVXgcVyC3mGVdPkmV42EUSht4RHcewllIn6s7mcD00=)
                          4: 49678FBCB72B11EC8C8E3017C4F9AE02.roa (hash: 6y2+7m6fZBqF1vnJPBAlEhf0LTJdURa/vtEhojNLyMc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
                          rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 15 Jun 2025 15:24:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5085 (0x13dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA9BD, serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
        Validity
            Not Before: Jun  8 15:24:01 2025 GMT
            Not After : Jun 15 15:24:00 2025 GMT
        Subject: CN=6845ab11-5857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:9b:7d:78:2f:98:a3:cf:ce:5c:81:91:1c:61:
                    d6:45:7f:31:a8:65:41:e9:d4:f4:f6:1d:ba:38:d0:
                    78:f3:f6:4f:39:88:8a:70:73:57:db:da:5b:ad:f4:
                    40:7d:f8:33:6b:a9:af:ee:4f:06:1b:84:4c:5c:d1:
                    1d:11:2e:6d:eb:22:cb:26:b3:a9:63:18:10:ca:62:
                    87:4e:db:52:36:3a:92:f5:bb:d1:2b:75:1d:a3:43:
                    6c:46:ea:7d:86:74:55:40:27:17:88:05:c0:80:1b:
                    5a:8f:f5:38:ba:a3:ad:75:91:f8:bc:e7:93:4a:13:
                    5b:3d:fd:9f:0d:61:86:38:10:cd:ed:f3:63:52:08:
                    55:87:fe:9d:73:ef:0d:16:4c:bc:8a:25:b4:d3:e3:
                    de:af:5e:5a:79:7d:07:28:ed:31:56:03:cc:3a:df:
                    1b:6c:32:d0:e4:dd:a4:14:cd:b6:6e:15:80:3d:e4:
                    55:76:89:74:a4:78:99:dc:48:e8:51:11:bf:cc:ba:
                    cb:30:88:74:ae:2d:eb:e7:91:94:15:79:7d:4c:28:
                    f5:fd:05:96:c7:f4:64:d3:62:6c:14:b4:36:2f:a5:
                    0f:7f:4a:7c:52:32:76:43:69:ff:9d:f8:bd:87:f0:
                    8f:22:88:a4:a6:73:ae:58:08:e5:6b:f8:29:3a:4a:
                    54:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:B3:0B:28:02:00:DF:78:96:D8:67:9A:A0:E0:CB:76:13:AB:13:C6
            X509v3 Authority Key Identifier:
                keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:dd:22:57:fc:d4:49:1d:fd:d8:dd:d5:7b:f7:91:47:c6:1d:
         24:06:4e:4d:0c:4b:54:16:c9:7b:a7:5f:96:a3:bc:bb:82:50:
         8b:22:8b:94:b6:a1:c9:76:74:b3:2d:9a:a4:f2:42:92:13:9c:
         0b:5e:85:74:c8:fb:d4:2b:01:67:6e:5e:c9:a3:00:39:87:75:
         2b:9d:37:34:a6:b4:db:15:10:15:44:65:98:0d:92:13:65:72:
         0c:ac:8a:01:ad:d6:23:c6:d8:6b:64:14:7b:5c:76:88:b7:59:
         84:23:7d:b5:04:bf:df:e9:1f:5d:f2:c2:22:18:28:bd:73:df:
         e5:e8:7e:d6:c8:f7:27:a2:08:cb:d5:c8:d6:59:6a:fe:e5:1b:
         a9:9c:63:27:57:e5:4b:9c:2f:42:f1:4d:3c:90:68:d1:30:e9:
         db:86:67:ed:22:c2:0e:e6:fb:6e:2a:0c:d5:23:e5:85:87:10:
         97:c0:b5:21:38:26:2a:b4:29:8b:f6:cd:8c:ce:50:59:3e:04:
         16:be:2b:5c:69:12:a6:67:50:27:40:ba:e3:7f:c5:37:f8:89:
         6d:3b:78:a4:a3:a9:6b:ec:4e:78:c2:63:77:b8:84:1c:e5:e9:
         dd:37:c7:f7:35:1d:af:f7:18:1b:78:67:2f:f6:5a:65:02:29:
         b7:da:9f:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICE90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjUwNjA4MTUyNDAxWhcNMjUwNjE1MTUyNDAwWjAYMRYwFAYD
VQQDEw02ODQ1YWIxMS01ODU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Jt9eC+Yo8/OXIGRHGHWRX8xqGVB6dT09h26ONB48/ZPOYiKcHNX29pbrfRA
ffgza6mv7k8GG4RMXNEdES5t6yLLJrOpYxgQymKHTttSNjqS9bvRK3Udo0NsRup9
hnRVQCcXiAXAgBtaj/U4uqOtdZH4vOeTShNbPf2fDWGGOBDN7fNjUghVh/6dc+8N
Fky8iiW00+Per15aeX0HKO0xVgPMOt8bbDLQ5N2kFM22bhWAPeRVdol0pHiZ3Ejo
URG/zLrLMIh0ri3r55GUFXl9TCj1/QWWx/Rk02JsFLQ2L6UPf0p8UjJ2Q2n/nfi9
h/CPIoikpnOuWAjla/gpOkpU2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOzCygC
AN94lthnmqDgy3YTqxPGMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTlCRC8wNzQ5NTg5MDkxODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5R
LUFJM2phM2RTQUcxWndvLTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCU3SJX/NRJHf3Y3dV795FHxh0kBk5NDEtUFsl7p1+Wo7y7glCLIouU
tqHJdnSzLZqk8kKSE5wLXoV0yPvUKwFnbl7JowA5h3UrnTc0prTbFRAVRGWYDZIT
ZXIMrIoBrdYjxthrZBR7XHaIt1mEI321BL/f6R9d8sIiGCi9c9/l6H7WyPcnogjL
1cjWWWr+5RupnGMnV+VLnC9C8U08kGjRMOnbhmftIsIO5vtuKgzVI+WFhxCXwLUh
OCYqtCmL9s2MzlBZPgQWvitcaRKmZ1AnQLrjf8U3+IltO3iko6lr7E54wmN3uIQc
5endN8f3NR2v9xgbeGcv9lplAim32p/G
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:02:43 2025 by rpki-client