Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
File:                     4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json)
Hash identifier:          Wps+PKNggrylrysMDxyZlb5vxd7k2h4GghdomrBzNYU=
Subject key identifier:   98:F5:AC:8C:39:E1:DF:04:0D:04:34:25:F3:7C:CD:49:5B:CC:5F:F6
Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5
Certificate issuer:       /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5
Certificate serial:       12DD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
Manifest number:          12CC
Signing time:             Sat 14 Jun 2025 17:00:45 +0000
Manifest this update:     Sat 14 Jun 2025 17:00:45 +0000
Manifest next update:     Sat 21 Jun 2025 17:00:45 +0000
Files and hashes:         1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: 7l6GZravK/bjGAkB2RYnvdCbYn3yU7ITi2AREdNZMLc=)
                          2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl
                          rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 21 Jun 2025 17:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4829 (0x12dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5
        Validity
            Not Before: Jun 14 17:00:45 2025 GMT
            Not After : Jun 21 17:00:45 2025 GMT
        Subject: CN=684daabd-8975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:1c:01:f0:15:85:f1:bc:50:87:07:31:a6:82:
                    2e:85:87:60:4a:62:a8:fc:3d:44:95:e0:53:98:cf:
                    90:b7:94:5e:73:94:51:d8:ff:e5:70:fd:93:e0:eb:
                    6a:26:85:1b:d1:e0:18:22:a1:b5:74:be:54:70:7f:
                    33:09:30:14:2d:08:fc:30:f2:19:0e:4d:9b:02:e7:
                    c9:87:1f:87:b4:40:98:53:78:32:cc:7b:16:88:51:
                    e8:09:ab:03:d7:df:b4:bf:34:b0:81:7a:dc:e4:57:
                    2f:f6:92:a7:26:82:3a:9d:4a:cd:d2:8e:fe:fe:40:
                    ed:45:79:ef:5e:6b:4b:6a:18:e5:69:d8:7b:74:d5:
                    d8:04:16:31:aa:a9:bd:7e:73:53:c3:fe:25:4d:8e:
                    2f:2f:5e:ba:82:7d:f2:91:bf:8e:27:4f:a0:4a:38:
                    68:75:dd:25:d9:b5:eb:81:56:7e:5a:70:5a:f1:54:
                    aa:4f:9f:07:b8:7f:77:23:cb:54:80:50:9d:e1:3e:
                    1b:29:52:e7:cf:35:63:8d:f9:21:62:36:44:0a:61:
                    36:07:cb:6b:34:0b:34:9a:45:d3:79:c6:4e:9a:06:
                    68:bd:6f:e6:d2:c4:25:7b:45:1b:ef:ca:e5:fc:2d:
                    58:34:7f:08:5f:50:f2:e4:c6:cb:39:4f:c5:6c:8e:
                    08:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:F5:AC:8C:39:E1:DF:04:0D:04:34:25:F3:7C:CD:49:5B:CC:5F:F6
            X509v3 Authority Key Identifier:
                keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:ce:1e:2d:fb:76:28:97:04:de:1f:4e:c4:fd:38:6d:eb:a5:
         c9:f8:e6:82:0b:29:1b:01:ee:fc:01:1c:de:cc:ba:76:c7:d1:
         62:f8:c2:f7:d3:d8:87:08:f9:14:43:e2:ac:74:e0:99:df:6b:
         75:93:89:ad:a3:c5:4e:9a:4d:26:a6:db:19:df:8e:bb:2f:50:
         33:07:d8:e2:a7:b3:95:30:91:04:ab:fa:4d:0f:ea:f6:7c:ce:
         48:7b:a6:7f:1d:f2:20:56:6d:15:5c:78:47:cf:52:37:58:0f:
         46:81:48:8f:4b:29:2f:61:ea:29:d7:ca:c8:a7:51:bc:16:9d:
         c9:4f:76:58:a0:3e:9a:79:2c:5f:9a:57:f6:d2:ad:4f:c6:e4:
         46:8e:79:28:49:7e:45:bb:22:52:f5:9e:19:6a:9e:63:4d:77:
         94:d7:44:3a:4f:6c:17:24:5b:44:be:14:cb:1a:f2:08:13:1e:
         ee:3c:47:46:ac:2e:08:9a:e0:81:62:35:ed:95:01:21:55:eb:
         f4:93:9a:0a:e3:40:8d:21:c8:ad:4d:a7:30:5e:95:82:da:9b:
         5e:fd:83:42:fd:f6:ca:93:f9:75:cf:40:01:42:0f:c6:88:57:
         e9:62:4e:cc:67:b3:15:37:12:58:63:b6:03:83:13:8a:68:85:
         3c:3a:f2:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEt0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4
RTcxNjY2QjUwHhcNMjUwNjE0MTcwMDQ1WhcNMjUwNjIxMTcwMDQ1WjAYMRYwFAYD
VQQDEw02ODRkYWFiZC04OTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRwB8BWF8bxQhwcxpoIuhYdgSmKo/D1EleBTmM+Qt5Rec5RR2P/lcP2T4Otq
JoUb0eAYIqG1dL5UcH8zCTAULQj8MPIZDk2bAufJhx+HtECYU3gyzHsWiFHoCasD
19+0vzSwgXrc5Fcv9pKnJoI6nUrN0o7+/kDtRXnvXmtLahjladh7dNXYBBYxqqm9
fnNTw/4lTY4vL166gn3ykb+OJ0+gSjhodd0l2bXrgVZ+WnBa8VSqT58HuH93I8tU
gFCd4T4bKVLnzzVjjfkhYjZECmE2B8trNAs0mkXTecZOmgZovW/m0sQle0Ub78rl
/C1YNH8IX1Dy5MbLOU/FbI4ILQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJj1rIw5
4d8EDQQ0JfN8zUlbzF/2MB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw
QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO
b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAdzh4t+3YolwTeH07E/Tht66XJ+OaCCykbAe78ARzezLp2x9Fi+ML3
09iHCPkUQ+KsdOCZ32t1k4mto8VOmk0mptsZ3467L1AzB9jip7OVMJEEq/pND+r2
fM5Ie6Z/HfIgVm0VXHhHz1I3WA9GgUiPSykvYeop18rIp1G8Fp3JT3ZYoD6aeSxf
mlf20q1PxuRGjnkoSX5FuyJS9Z4Zap5jTXeU10Q6T2wXJFtEvhTLGvIIEx7uPEdG
rC4ImuCBYjXtlQEhVev0k5oK40CNIcitTacwXpWC2pte/YNC/fbKk/l1z0ABQg/G
iFfpYk7MZ7MVNxJYY7YDgxOKaIU8OvIl
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:24:16 2025 by rpki-client