Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
File:                     4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json)
Hash identifier:          ckGsnjpRHvfGlL4sH+Kvv5EwaKgqiWbqXlDbV/t9jzw=
Subject key identifier:   1C:F2:3D:1B:55:D1:8B:1C:82:8B:2B:60:E0:DD:33:CF:EF:46:F1:AE
Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5
Certificate issuer:       /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5
Certificate serial:       12DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
Manifest number:          12CA
Signing time:             Tue 10 Jun 2025 17:03:13 +0000
Manifest this update:     Tue 10 Jun 2025 17:03:13 +0000
Manifest next update:     Tue 17 Jun 2025 17:03:13 +0000
Files and hashes:         1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: chzkkAGfktm+/ZUg6QiYlDRaWlRUSJYAOnIxVhoIcfs=)
                          2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl
                          rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 17:03:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4827 (0x12db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5
        Validity
            Not Before: Jun 10 17:03:13 2025 GMT
            Not After : Jun 17 17:03:13 2025 GMT
        Subject: CN=68486551-fcbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:00:99:e3:84:18:29:f2:95:f4:f7:98:56:0f:
                    52:90:0c:eb:57:0e:16:8c:20:1e:07:76:b3:41:94:
                    43:40:d6:6c:24:2e:80:f8:a6:4a:83:a3:1c:36:94:
                    7a:bd:ab:9e:5c:93:6c:9e:61:b5:ea:42:ac:06:9a:
                    fd:a6:3e:9c:a3:53:55:1f:a7:a6:4e:e5:db:22:7a:
                    40:78:22:f8:0c:31:6e:5a:9a:b3:b4:94:45:34:e4:
                    46:a3:db:4e:94:78:71:4b:16:6e:96:d3:8c:13:2a:
                    75:02:3f:ee:86:0c:e7:de:e6:86:59:b2:12:13:dd:
                    49:49:1b:69:2e:71:37:61:b3:98:06:e6:87:e3:92:
                    5a:8f:86:09:32:50:1a:c2:87:da:4a:75:78:a3:c6:
                    23:d3:a6:09:f5:7e:2f:2c:a6:65:a2:79:7e:c9:b4:
                    5a:97:44:10:cc:b2:51:ad:68:1e:98:cf:26:03:3b:
                    66:a8:42:ac:2b:f9:77:6b:34:d3:23:20:d9:86:7c:
                    4a:f4:44:40:b5:97:6a:34:34:7c:8d:08:ae:1a:de:
                    b7:34:c2:a9:d0:7e:0d:76:11:12:d2:3b:92:87:a1:
                    40:c8:3e:eb:c3:07:c8:97:45:f8:c5:14:53:60:c1:
                    57:08:b4:a3:74:20:04:37:a7:9f:42:21:96:4e:2f:
                    09:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F2:3D:1B:55:D1:8B:1C:82:8B:2B:60:E0:DD:33:CF:EF:46:F1:AE
            X509v3 Authority Key Identifier:
                keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:56:21:47:55:e7:63:d5:b0:72:20:2e:d0:5f:1e:59:a7:4b:
         7c:6f:fc:64:98:82:74:95:dd:da:13:09:6d:ec:b1:3c:46:05:
         0b:18:d4:85:97:11:e5:32:41:3d:bf:2c:d6:d2:ba:7f:8d:d0:
         1b:13:98:87:9f:d4:41:48:3c:44:d4:52:39:90:57:42:c9:e4:
         91:6e:dd:bc:60:a3:c6:ff:0a:e0:f0:2b:c1:c1:64:6c:f9:1a:
         84:55:9f:f5:f2:8e:a9:66:d6:73:25:af:04:d0:97:44:8d:76:
         e1:f7:41:47:59:69:6f:fd:6a:9c:e3:e2:cb:5d:6d:a5:c3:10:
         26:a7:a7:d0:a3:28:db:4f:52:0a:73:fd:51:27:af:c6:1b:7f:
         6c:e5:71:04:e4:ae:84:29:f2:de:d9:d5:57:2e:36:a8:03:d8:
         46:95:86:9c:e8:fe:9b:db:90:d1:c7:35:fb:23:2d:c9:2e:13:
         8f:67:82:b8:56:57:56:2a:d2:df:c2:aa:51:3f:8e:79:2e:65:
         be:67:d0:13:5a:ee:b7:80:cf:2a:9d:62:3c:f3:30:64:f5:ed:
         3d:27:02:ce:ab:0e:69:40:1d:0b:55:fa:50:fa:6e:a1:bb:6e:
         9a:6c:4f:07:5e:e9:26:1c:ac:9c:cf:d4:7a:73:c2:9b:27:f8:
         46:5a:e8:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4
RTcxNjY2QjUwHhcNMjUwNjEwMTcwMzEzWhcNMjUwNjE3MTcwMzEzWjAYMRYwFAYD
VQQDEw02ODQ4NjU1MS1mY2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvgCZ44QYKfKV9PeYVg9SkAzrVw4WjCAeB3azQZRDQNZsJC6A+KZKg6McNpR6
vaueXJNsnmG16kKsBpr9pj6co1NVH6emTuXbInpAeCL4DDFuWpqztJRFNORGo9tO
lHhxSxZultOMEyp1Aj/uhgzn3uaGWbISE91JSRtpLnE3YbOYBuaH45Jaj4YJMlAa
wofaSnV4o8Yj06YJ9X4vLKZlonl+ybRal0QQzLJRrWgemM8mAztmqEKsK/l3azTT
IyDZhnxK9ERAtZdqNDR8jQiuGt63NMKp0H4NdhES0juSh6FAyD7rwwfIl0X4xRRT
YMFXCLSjdCAEN6efQiGWTi8JjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBzyPRtV
0YscgosrYODdM8/vRvGuMB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw
QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO
b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAiViFHVedj1bByIC7QXx5Zp0t8b/xkmIJ0ld3aEwlt7LE8RgULGNSF
lxHlMkE9vyzW0rp/jdAbE5iHn9RBSDxE1FI5kFdCyeSRbt28YKPG/wrg8CvBwWRs
+RqEVZ/18o6pZtZzJa8E0JdEjXbh90FHWWlv/Wqc4+LLXW2lwxAmp6fQoyjbT1IK
c/1RJ6/GG39s5XEE5K6EKfLe2dVXLjaoA9hGlYac6P6b25DRxzX7Iy3JLhOPZ4K4
VldWKtLfwqpRP455LmW+Z9ATWu63gM8qnWI88zBk9e09JwLOqw5pQB0LVfpQ+m6h
u26abE8HXukmHKycz9R6c8KbJ/hGWugm
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:48:08 2025 by rpki-client