Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
File:                     IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json)
Hash identifier:          MLal/gqsvth4UBY2vuh1kCK8Q9vxPRzGp00MmdBrYmc=
Subject key identifier:   3A:04:90:02:47:D3:44:03:87:5A:08:FD:A3:E9:94:C3:9A:46:54:03
Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59
Certificate issuer:       /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859
Certificate serial:       6A
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
Manifest number:          69
Signing time:             Wed 09 Jul 2025 04:27:41 +0000
Manifest this update:     Wed 09 Jul 2025 04:27:40 +0000
Manifest next update:     Wed 16 Jul 2025 04:27:40 +0000
Files and hashes:         1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: x/w1JWPXlWCa9rD9WweGWOhLpCDdEwYa3g7U7y6ukjY=)
                          2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl
                          rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 16 Jul 2025 04:27:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106 (0x6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EC225, serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859
        Validity
            Not Before: Jul  9 04:27:40 2025 GMT
            Not After : Jul 16 04:27:40 2025 GMT
        Subject: CN=686defbc-2486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:72:58:b1:7b:50:18:33:90:f7:c5:e7:65:06:
                    04:52:35:df:25:bf:3a:b6:66:f0:73:96:4e:b4:5d:
                    f5:80:b2:93:cf:be:82:57:37:c5:0e:6b:77:18:7b:
                    ba:2d:9c:07:3f:24:b8:6b:c8:83:d4:06:c9:5a:aa:
                    14:1d:53:0b:ea:d8:e2:e0:52:65:82:b5:05:8f:e4:
                    0c:de:70:b0:27:d6:29:ce:7f:4e:48:37:65:51:e8:
                    33:42:04:74:e4:d0:a4:c4:ca:0e:d4:19:0d:54:5f:
                    23:c7:72:40:15:14:0f:42:10:64:0a:1f:94:7f:73:
                    c3:ca:fc:c6:0f:96:7e:6a:95:0f:7c:3d:8b:c1:c3:
                    28:ce:44:e2:f2:12:cf:10:b2:20:2b:53:43:56:db:
                    a7:53:82:3d:2d:f1:62:2b:46:68:62:6a:a8:6c:91:
                    18:cb:31:f3:90:d0:82:96:6c:53:47:00:1e:43:2d:
                    9c:4a:84:70:5c:91:f2:28:1e:f4:fa:c1:52:e0:eb:
                    4f:82:ef:7e:dc:55:8f:31:1d:bc:9a:ca:02:dc:8b:
                    b7:ca:8d:33:c4:4c:27:c6:b3:26:c0:d8:ff:ee:f9:
                    c2:b9:e6:17:66:2b:e7:a4:e6:c2:06:85:8c:8d:86:
                    1c:28:ab:f8:5b:58:cb:84:ec:f4:6d:43:2d:16:71:
                    ce:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:04:90:02:47:D3:44:03:87:5A:08:FD:A3:E9:94:C3:9A:46:54:03
            X509v3 Authority Key Identifier:
                keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:24:01:89:fd:b5:ec:08:95:12:4f:51:68:41:c0:22:f2:a1:
         d6:64:a6:c7:c8:11:01:eb:5a:d8:1e:52:9e:33:f7:a2:93:3b:
         06:f1:2c:42:1f:19:e5:c1:74:82:71:14:1a:9e:7a:ef:57:42:
         52:07:c6:a4:a5:6f:0a:6d:2d:b6:52:34:63:21:5d:23:c9:a8:
         57:a3:45:bb:d0:86:43:89:f3:9e:c5:4c:8e:98:59:81:92:ec:
         2d:27:10:87:89:c6:b1:0a:52:e5:d9:54:fe:45:f0:5c:45:52:
         b3:e7:84:8d:e3:43:b7:87:db:f1:1e:8a:b2:fa:ef:0a:e3:47:
         be:ff:85:a9:32:3b:26:64:26:a8:7d:bd:81:e2:4e:d0:6e:39:
         93:83:cf:6e:51:67:df:9e:7f:13:ec:15:2d:09:0b:93:ee:f3:
         be:b1:f9:fb:31:01:6c:be:98:ed:c0:a4:be:eb:39:e4:05:50:
         2a:2a:8a:21:93:6b:13:04:16:1f:5c:03:51:08:ac:d1:ab:c6:
         92:cf:4a:59:d8:5e:7d:33:c1:30:b5:1d:75:88:a1:e6:71:26:
         95:75:10:36:f6:7f:b0:53:99:82:85:76:9f:10:15:8a:61:62:
         5a:16:6d:22:90:f5:d5:fd:ed:0a:5d:61:66:a4:11:67:fe:e6:
         17:dd:a0:1a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QzIyNTExMC8GA1UEBRMoMjJDN0VDM0NEOUVENEM1MEU4OTRBMTFCQ0Q3MEQwMzEw
Q0Q1Rjg1OTAeFw0yNTA3MDkwNDI3NDBaFw0yNTA3MTYwNDI3NDBaMBgxFjAUBgNV
BAMTDTY4NmRlZmJjLTI0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpclixe1AYM5D3xedlBgRSNd8lvzq2ZvBzlk60XfWAspPPvoJXN8UOa3cYe7ot
nAc/JLhryIPUBslaqhQdUwvq2OLgUmWCtQWP5AzecLAn1inOf05IN2VR6DNCBHTk
0KTEyg7UGQ1UXyPHckAVFA9CEGQKH5R/c8PK/MYPln5qlQ98PYvBwyjOROLyEs8Q
siArU0NW26dTgj0t8WIrRmhiaqhskRjLMfOQ0IKWbFNHAB5DLZxKhHBckfIoHvT6
wVLg60+C737cVY8xHbyaygLci7fKjTPETCfGsybA2P/u+cK55hdmK+ek5sIGhYyN
hhwoq/hbWMuE7PRtQy0Wcc7FAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOgSQAkfT
RAOHWgj9o+mUw5pGVAMwHwYDVR0jBBgwFoAUIsfsPNntTFDolKEbzXDQMQzV+Fkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDMjI1L0M5NDQ3RkYwQkVG
OTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1G
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSXNmc1BObnRURkRvbEtFYnpYRFFNUXpWLUZrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVD
MjI1L0M5NDQ3RkYwQkVGOTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZE
b2xLRWJ6WERRTVF6Vi1Gay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBACckAYn9tewIlRJPUWhBwCLyodZkpsfIEQHrWtgeUp4z96KTOwbxLEIf
GeXBdIJxFBqeeu9XQlIHxqSlbwptLbZSNGMhXSPJqFejRbvQhkOJ857FTI6YWYGS
7C0nEIeJxrEKUuXZVP5F8FxFUrPnhI3jQ7eH2/EeirL67wrjR77/hakyOyZkJqh9
vYHiTtBuOZODz25RZ9+efxPsFS0JC5Pu876x+fsxAWy+mO3ApL7rOeQFUCoqiiGT
axMEFh9cA1EIrNGrxpLPSlnYXn0zwTC1HXWIoeZxJpV1EDb2f7BTmYKFdp8QFYph
YloWbSKQ9dX97QpdYWakEWf+5hfdoBo=
-----END CERTIFICATE-----
Generated at Wed Jul 9 09:05:02 2025 by rpki-client