Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
File:                     2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft (raw, json)
Hash identifier:          lczIrYJurwm0PJo9smoHDxy+l3x27aJU++bUibIF2Nc=
Subject key identifier:   59:0E:BD:4C:19:A3:E2:2E:7C:10:16:C9:A5:21:E4:4F:9C:B1:0E:62
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Certificate issuer:       /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial:       13DE
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
Manifest number:          13C1
Signing time:             Tue 10 Jun 2025 15:26:37 +0000
Manifest this update:     Tue 10 Jun 2025 15:26:36 +0000
Manifest next update:     Tue 17 Jun 2025 15:26:36 +0000
Files and hashes:         1: 2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl (hash: 4eTuR5m96ccZStjGMF7XlWMt+CnwQO5842HcyctmAHE=)
                          2: 76C6BCF6B72811ECAEFC180DC4F9AE02.roa (hash: V/gOKs9LECUvwP7f76II+OxQFAc41Q7rou6YKiKk5l8=)
                          3: B969D2D0BA4A11EC90B53115C4F9AE02.roa (hash: kCVXgcVyC3mGVdPkmV42EUSht4RHcewllIn6s7mcD00=)
                          4: 49678FBCB72B11EC8C8E3017C4F9AE02.roa (hash: 6y2+7m6fZBqF1vnJPBAlEhf0LTJdURa/vtEhojNLyMc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
                          rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 15:26:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5086 (0x13de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA9BD, serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
        Validity
            Not Before: Jun 10 15:26:36 2025 GMT
            Not After : Jun 17 15:26:36 2025 GMT
        Subject: CN=68484eac-3495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:67:5d:f3:41:0f:7f:ce:f7:1c:8a:8f:5e:86:
                    9a:cf:0c:22:00:8a:3a:e6:78:56:f8:8b:b6:e6:bc:
                    c8:a7:33:36:60:a3:00:93:c0:93:7f:58:37:d6:25:
                    aa:84:62:9c:16:5b:58:91:2f:c6:e1:b4:5f:6a:25:
                    1d:28:d1:e6:bf:26:6f:f6:0e:5b:35:d1:0a:d2:b6:
                    7c:0e:c3:d3:ca:5b:3f:24:20:5c:b7:b6:69:c9:89:
                    86:c2:95:92:e0:2b:e9:52:02:76:82:2c:8a:29:51:
                    0d:04:fe:c7:80:3e:40:ab:d0:d3:47:42:75:cd:ef:
                    52:12:ae:60:6a:df:e6:8d:76:72:b8:9c:78:29:77:
                    0c:d3:2d:5e:96:47:73:ce:b9:97:54:4c:18:88:d4:
                    c8:ab:8d:00:b8:b1:fb:56:b5:fe:22:f7:75:b5:ef:
                    b6:4a:8f:16:0e:f0:1e:02:7d:cf:e4:06:0f:f4:07:
                    6a:d5:d7:50:61:17:a4:b8:d4:c6:70:e1:e0:f2:5d:
                    fc:53:b4:c4:bc:6a:61:35:f3:c7:77:00:08:35:b0:
                    d9:6f:6d:0a:a2:a0:46:69:0e:d2:95:18:31:1c:18:
                    67:2e:48:bf:87:1f:38:32:6c:55:0e:2d:f0:4b:5a:
                    01:56:89:12:be:8e:77:64:32:89:80:42:aa:a8:91:
                    68:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:0E:BD:4C:19:A3:E2:2E:7C:10:16:C9:A5:21:E4:4F:9C:B1:0E:62
            X509v3 Authority Key Identifier:
                keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:e3:fe:8d:0e:6c:b7:33:91:72:a8:b7:e6:ac:56:11:90:66:
         87:57:be:48:f3:aa:7a:67:76:2f:60:f2:92:ef:0f:0c:b6:ce:
         48:3e:c5:9b:34:81:10:0d:a6:df:4b:b0:e2:9d:18:cd:5c:40:
         3d:73:91:f4:dc:6c:d3:c2:9f:df:93:a3:61:77:22:93:d0:1e:
         72:e6:9e:67:85:d7:3b:84:f7:a7:4f:9f:60:2c:96:81:ac:4e:
         bb:b4:b1:86:d7:ef:50:d7:ca:dc:6c:db:dc:9b:9f:ef:a3:71:
         79:70:c1:cc:f0:c4:6f:72:cf:df:bc:93:15:ae:81:fe:31:1c:
         3c:eb:8e:f3:b6:13:4a:db:e7:fd:cc:1c:38:71:71:45:9e:22:
         dd:40:98:c6:2d:b9:0a:06:30:66:f1:ee:e8:ce:6c:4d:56:cd:
         c5:b9:50:b5:b2:11:e5:3c:30:4d:bb:83:0d:b1:c4:9f:21:f9:
         ef:c2:6b:f3:45:7e:56:cc:57:ef:a8:00:4d:a1:6e:4a:34:b8:
         06:9a:2a:8c:18:07:35:1d:c7:67:3f:e4:20:b3:e9:b4:7e:6c:
         23:b7:20:d5:0e:4c:43:0c:61:62:a2:3d:e0:b3:fd:17:54:6b:
         25:67:5e:f8:12:d6:6b:bd:86:62:d3:5c:60:ea:77:1e:93:c4:
         fa:5b:43:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICE94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjUwNjEwMTUyNjM2WhcNMjUwNjE3MTUyNjM2WjAYMRYwFAYD
VQQDEw02ODQ4NGVhYy0zNDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxWdd80EPf873HIqPXoaazwwiAIo65nhW+Iu25rzIpzM2YKMAk8CTf1g31iWq
hGKcFltYkS/G4bRfaiUdKNHmvyZv9g5bNdEK0rZ8DsPTyls/JCBct7ZpyYmGwpWS
4CvpUgJ2giyKKVENBP7HgD5Aq9DTR0J1ze9SEq5gat/mjXZyuJx4KXcM0y1elkdz
zrmXVEwYiNTIq40AuLH7VrX+Ivd1te+2So8WDvAeAn3P5AYP9Adq1ddQYRekuNTG
cOHg8l38U7TEvGphNfPHdwAINbDZb20KoqBGaQ7SlRgxHBhnLki/hx84MmxVDi3w
S1oBVokSvo53ZDKJgEKqqJFo2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFkOvUwZ
o+IufBAWyaUh5E+csQ5iMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTlCRC8wNzQ5NTg5MDkxODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5R
LUFJM2phM2RTQUcxWndvLTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBc4/6NDmy3M5FyqLfmrFYRkGaHV75I86p6Z3YvYPKS7w8Mts5IPsWb
NIEQDabfS7DinRjNXEA9c5H03GzTwp/fk6NhdyKT0B5y5p5nhdc7hPenT59gLJaB
rE67tLGG1+9Q18rcbNvcm5/vo3F5cMHM8MRvcs/fvJMVroH+MRw8647zthNK2+f9
zBw4cXFFniLdQJjGLbkKBjBm8e7ozmxNVs3FuVC1shHlPDBNu4MNscSfIfnvwmvz
RX5WzFfvqABNoW5KNLgGmiqMGAc1HcdnP+Qgs+m0fmwjtyDVDkxDDGFioj3gs/0X
VGslZ174EtZrvYZi01xg6ncek8T6W0NA
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:14:44 2025 by rpki-client