Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
File:                     IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json)
Hash identifier:          d1peVj/dZDj3tItU5YoTwERuj2b/0MjNqyCTAd9Bppc=
Subject key identifier:   DE:C2:CB:1D:84:15:BA:D4:63:1E:18:9E:69:04:43:53:52:A7:ED:B9
Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59
Certificate issuer:       /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859
Certificate serial:       75
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
Manifest number:          74
Signing time:             Wed 30 Jul 2025 17:49:28 +0000
Manifest this update:     Wed 30 Jul 2025 17:49:28 +0000
Manifest next update:     Wed 06 Aug 2025 17:49:28 +0000
Files and hashes:         1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: +2Yo/+1+OHMIjPKRDc66TAuG7yC1+8Ey98FCKlFYEpU=)
                          2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl
                          rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 06 Aug 2025 17:49:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117 (0x75)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EC225, serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859
        Validity
            Not Before: Jul 30 17:49:28 2025 GMT
            Not After : Aug  6 17:49:28 2025 GMT
        Subject: CN=688a5b28-801f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c9:ad:0b:1c:19:fa:c8:c2:9b:77:e3:d8:79:
                    dd:7a:fe:bd:b3:9f:bb:21:13:60:4f:1b:d7:67:c0:
                    70:93:78:60:76:fb:e2:95:06:91:72:b0:f9:b1:c6:
                    9f:da:b1:5c:2b:e1:3e:09:8f:a8:16:bd:66:02:40:
                    3e:04:fd:bb:d0:4e:be:c1:b1:6e:3a:95:30:78:17:
                    e6:ac:71:a7:45:a6:79:cd:e0:a4:f3:dd:26:e1:d8:
                    4b:87:31:44:2c:9b:32:f2:68:6f:8f:2b:5b:5e:32:
                    89:d1:9b:b2:44:89:70:65:c1:60:ba:5d:5e:8d:93:
                    61:41:ae:1f:95:bf:7d:98:4f:fa:a6:a4:52:2e:3f:
                    c3:84:3f:07:d1:fd:9c:70:2e:0c:a6:59:51:8b:28:
                    13:3b:db:15:76:1c:66:33:f1:58:93:88:4c:d0:5b:
                    ab:e6:2e:4a:ca:a3:18:58:be:3b:6a:fa:02:62:60:
                    23:82:ee:3f:d4:bb:dc:14:22:c4:40:de:81:7e:45:
                    42:51:39:bf:cd:4f:81:06:6f:f6:2e:25:97:25:7c:
                    92:eb:02:d3:8e:05:54:f5:dd:43:45:02:96:1f:61:
                    0d:39:a9:4c:1c:80:1f:15:0a:47:1b:92:06:eb:53:
                    ad:e1:2c:ed:a1:21:4a:cf:05:cc:6d:5f:35:e5:86:
                    8c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:C2:CB:1D:84:15:BA:D4:63:1E:18:9E:69:04:43:53:52:A7:ED:B9
            X509v3 Authority Key Identifier:
                keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:72:a0:85:2b:4a:92:f4:8c:ae:f6:bb:b0:71:3f:c6:59:9c:
         f8:2f:76:eb:20:91:9a:56:25:40:95:b8:6c:38:dd:f2:81:e7:
         34:65:0d:3c:54:9f:4b:47:28:f3:92:34:76:f0:08:63:50:fa:
         85:e6:1c:31:98:86:fb:4e:f8:31:1e:9e:41:15:49:19:49:d3:
         ee:c9:d2:d0:40:cc:a9:85:8a:57:1c:bc:44:aa:c7:82:29:44:
         22:c7:c4:f4:b1:ba:0b:98:4b:00:95:a1:27:4e:cb:be:a6:4a:
         42:4a:d3:51:3c:81:71:d6:a9:24:4b:c7:2b:8d:ff:64:db:f8:
         63:c9:4d:31:48:ad:87:fd:cd:24:51:8d:07:75:1f:b3:8c:53:
         60:f4:2d:39:e7:d1:1a:ea:cd:c0:d0:a0:f6:fb:b3:17:bc:09:
         7b:73:18:af:31:7d:29:8d:c8:60:96:29:39:58:b3:d8:7b:15:
         fb:84:b2:dd:19:1e:89:13:79:52:d5:5a:e2:bf:97:e4:9f:f1:
         71:c0:be:99:55:f7:e7:06:7a:8c:ba:4a:61:0e:0e:24:83:bf:
         87:ae:74:3d:11:7e:16:a9:f1:40:b9:86:fd:9f:90:3a:90:ba:
         49:58:ec:3a:95:a2:d1:55:37:c0:15:82:cf:34:6c:1e:3a:7d:
         d5:eb:47:8e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBdTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QzIyNTExMC8GA1UEBRMoMjJDN0VDM0NEOUVENEM1MEU4OTRBMTFCQ0Q3MEQwMzEw
Q0Q1Rjg1OTAeFw0yNTA3MzAxNzQ5MjhaFw0yNTA4MDYxNzQ5MjhaMBgxFjAUBgNV
BAMTDTY4OGE1YjI4LTgwMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7ya0LHBn6yMKbd+PYed16/r2zn7shE2BPG9dnwHCTeGB2++KVBpFysPmxxp/a
sVwr4T4Jj6gWvWYCQD4E/bvQTr7BsW46lTB4F+ascadFpnnN4KTz3Sbh2EuHMUQs
mzLyaG+PK1teMonRm7JEiXBlwWC6XV6Nk2FBrh+Vv32YT/qmpFIuP8OEPwfR/Zxw
LgymWVGLKBM72xV2HGYz8ViTiEzQW6vmLkrKoxhYvjtq+gJiYCOC7j/Uu9wUIsRA
3oF+RUJROb/NT4EGb/YuJZclfJLrAtOOBVT13UNFApYfYQ05qUwcgB8VCkcbkgbr
U63hLO2hIUrPBcxtXzXlhoyjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3sLLHYQV
utRjHhieaQRDU1Kn7bkwHwYDVR0jBBgwFoAUIsfsPNntTFDolKEbzXDQMQzV+Fkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDMjI1L0M5NDQ3RkYwQkVG
OTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1G
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSXNmc1BObnRURkRvbEtFYnpYRFFNUXpWLUZrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVD
MjI1L0M5NDQ3RkYwQkVGOTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZE
b2xLRWJ6WERRTVF6Vi1Gay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAD5yoIUrSpL0jK72u7BxP8ZZnPgvdusgkZpWJUCVuGw43fKB5zRlDTxU
n0tHKPOSNHbwCGNQ+oXmHDGYhvtO+DEenkEVSRlJ0+7J0tBAzKmFilccvESqx4Ip
RCLHxPSxuguYSwCVoSdOy76mSkJK01E8gXHWqSRLxyuN/2Tb+GPJTTFIrYf9zSRR
jQd1H7OMU2D0LTnn0RrqzcDQoPb7sxe8CXtzGK8xfSmNyGCWKTlYs9h7FfuEst0Z
HokTeVLVWuK/l+Sf8XHAvplV9+cGeoy6SmEODiSDv4eudD0Rfhap8UC5hv2fkDqQ
uklY7DqVotFVN8AVgs80bB46fdXrR44=
-----END CERTIFICATE-----
Generated at Thu Jul 31 04:01:01 2025 by rpki-client