Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.mft
File:                     zFkhdtiMQj-IWbUYtq0zT_92dAk.mft (raw, json)
Hash identifier:          cEGVs64dHCWH+rB5ZnikdtvJdbaQSCuBa+u+jomQ5f0=
Subject key identifier:   41:8F:6A:0C:7B:8A:8E:9D:C7:21:4F:1C:CA:F9:85:F1:A8:EB:28:0D
Authority key identifier: CC:59:21:76:D8:8C:42:3F:88:59:B5:18:B6:AD:33:4F:FF:76:74:09
Certificate issuer:       /CN=A91F67BB/serialNumber=CC592176D88C423F8859B518B6AD334FFF767409
Certificate serial:       1162
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.mft
Manifest number:          1143
Signing time:             Fri 18 Jul 2025 17:24:31 +0000
Manifest this update:     Fri 18 Jul 2025 17:24:31 +0000
Manifest next update:     Fri 25 Jul 2025 17:24:31 +0000
Files and hashes:         1: zFkhdtiMQj-IWbUYtq0zT_92dAk.crl (hash: 5j+6BTh6jCPceamZm8UKxBR+mvfEAUaoevIL4q0NwUw=)
                          2: 23A0D39C0F1D11E991F4271EC4F9AE02.roa (hash: LI5814/1mo8RhGHDIyDmTnyAaT8jPK8eiZW8nnVoECM=)
                          3: 5488F6EA0F1A11E9B3F2A713C4F9AE02.roa (hash: KE984DbFRTO0XDJnJvkUh9nTQI9OdADddfHh/b8sXns=)
                          4: 53BDA2F60F1A11E9B3F2A713C4F9AE02.roa (hash: tG0xAoHX5Jrg4VXIV0PMgN27hGtGNiwPzNpPEMcc5ZU=)
                          5: 552292460F1A11E9B3F2A713C4F9AE02.roa (hash: NlRxG3SgenSihBb1Uz1mdp6In7PIY3SWzoat7OXr7O8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.crl
                          rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 17:24:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4450 (0x1162)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F67BB, serialNumber=CC592176D88C423F8859B518B6AD334FFF767409
        Validity
            Not Before: Jul 18 17:24:31 2025 GMT
            Not After : Jul 25 17:24:31 2025 GMT
        Subject: CN=687a834f-e440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b5:c3:30:d9:f5:e9:51:b9:ff:ab:fe:3d:a1:
                    a7:8a:2d:5b:bf:7e:49:95:9a:5f:fb:ff:b9:11:e4:
                    d1:8b:84:32:1f:d3:4a:75:58:7c:65:f6:2c:d8:27:
                    3c:50:9b:77:b1:25:0e:56:3a:99:c3:68:56:c8:7f:
                    e5:14:24:a3:cc:e3:c6:e5:fc:1e:e6:6d:22:a7:5b:
                    a3:5c:69:2c:6c:32:71:d5:f8:23:b0:f9:fd:f3:8a:
                    13:65:78:43:87:4b:82:ca:e6:ed:ad:3d:b2:ed:9e:
                    45:b7:39:41:98:e4:ef:25:a0:b0:9f:45:94:9e:ad:
                    16:24:9b:ae:c3:c6:78:c7:ab:7f:26:98:37:b9:29:
                    27:01:0e:17:c6:91:c1:e1:97:dc:7c:8c:43:9a:c1:
                    ba:6c:01:67:82:df:e4:1c:3d:2a:0e:f0:79:db:e6:
                    04:cc:b3:45:a2:26:6f:8e:eb:82:bf:b1:fc:71:46:
                    73:be:9e:1e:8f:8e:e5:5e:06:82:eb:b2:e7:19:84:
                    65:f0:97:30:ba:e2:f4:8c:7d:12:fb:6f:64:15:e5:
                    f8:09:3d:61:e6:9a:51:fb:e5:60:a9:f0:69:b4:7e:
                    a0:5d:d7:ff:45:4d:48:3a:23:3a:e4:b8:7e:99:b1:
                    ad:ab:50:75:24:32:e8:af:57:03:22:c5:f7:94:6e:
                    17:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:8F:6A:0C:7B:8A:8E:9D:C7:21:4F:1C:CA:F9:85:F1:A8:EB:28:0D
            X509v3 Authority Key Identifier:
                keyid:CC:59:21:76:D8:8C:42:3F:88:59:B5:18:B6:AD:33:4F:FF:76:74:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zFkhdtiMQj-IWbUYtq0zT_92dAk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F67BB/BDFBF1860E3E11E9836F4014C4F9AE02/zFkhdtiMQj-IWbUYtq0zT_92dAk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:d4:04:df:35:da:17:17:b1:0c:33:28:66:ea:22:29:a5:49:
         05:cf:4e:42:83:23:40:b3:b4:53:17:8f:b9:19:7c:b0:dd:62:
         77:26:cf:5a:9d:a5:10:98:0b:b3:1f:90:4a:cf:8d:ee:5f:d9:
         98:4b:ec:c4:f9:5f:38:56:70:27:e3:06:c7:36:54:e0:53:c6:
         c5:b8:0c:bf:24:ba:6e:0c:2d:2f:0a:fc:0b:d0:03:f6:fa:f5:
         43:ae:d7:d1:bc:eb:b9:03:54:2c:7d:45:7f:1e:fe:7c:8b:d6:
         8f:db:7c:ed:d2:f2:f9:3b:56:f7:55:b5:3d:53:b6:16:d9:d9:
         ad:74:f3:e7:40:d0:c3:66:56:b0:ca:d5:93:90:34:b0:5a:8f:
         80:ab:4a:33:db:59:c7:90:09:56:96:5c:3e:c9:e0:fe:c0:56:
         11:22:d5:b1:69:c7:e4:5b:e9:bd:7a:57:cc:85:35:ac:6e:7b:
         7b:a4:3f:bd:0f:92:63:1a:33:d6:24:fc:48:6b:57:5e:5a:3a:
         d9:ea:3c:25:12:3c:fe:0d:f0:ce:5b:a7:6c:54:2f:df:88:44:
         36:87:a2:44:2b:09:7d:04:86:02:76:74:82:55:3b:fe:a5:4d:
         87:8e:bf:0e:1a:30:95:ca:67:ef:4b:52:cc:fe:d0:1d:2f:29:
         d1:62:7b:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY3QkIxMTAvBgNVBAUTKENDNTkyMTc2RDg4QzQyM0Y4ODU5QjUxOEI2QUQzMzRG
RkY3Njc0MDkwHhcNMjUwNzE4MTcyNDMxWhcNMjUwNzI1MTcyNDMxWjAYMRYwFAYD
VQQDEw02ODdhODM0Zi1lNDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybXDMNn16VG5/6v+PaGnii1bv35JlZpf+/+5EeTRi4QyH9NKdVh8ZfYs2Cc8
UJt3sSUOVjqZw2hWyH/lFCSjzOPG5fwe5m0ip1ujXGksbDJx1fgjsPn984oTZXhD
h0uCyubtrT2y7Z5FtzlBmOTvJaCwn0WUnq0WJJuuw8Z4x6t/Jpg3uSknAQ4XxpHB
4ZfcfIxDmsG6bAFngt/kHD0qDvB52+YEzLNFoiZvjuuCv7H8cUZzvp4ej47lXgaC
67LnGYRl8JcwuuL0jH0S+29kFeX4CT1h5ppR++VgqfBptH6gXdf/RU1IOiM65Lh+
mbGtq1B1JDLor1cDIsX3lG4XMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEGPagx7
io6dxyFPHMr5hfGo6ygNMB8GA1UdIwQYMBaAFMxZIXbYjEI/iFm1GLatM0//dnQJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjdCQi9CREZCRjE4NjBF
M0UxMUU5ODM2RjQwMTRDNEY5QUUwMi96RmtoZHRpTVFqLUlXYlVZdHEwelRfOTJk
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3pGa2hkdGlNUWotSVdiVVl0cTB6VF85MmRBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NjdCQi9CREZCRjE4NjBFM0UxMUU5ODM2RjQwMTRDNEY5QUUwMi96RmtoZHRpTVFq
LUlXYlVZdHEwelRfOTJkQWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAQ1ATfNdoXF7EMMyhm6iIppUkFz05CgyNAs7RTF4+5GXyw3WJ3Js9a
naUQmAuzH5BKz43uX9mYS+zE+V84VnAn4wbHNlTgU8bFuAy/JLpuDC0vCvwL0AP2
+vVDrtfRvOu5A1QsfUV/Hv58i9aP23zt0vL5O1b3VbU9U7YW2dmtdPPnQNDDZlaw
ytWTkDSwWo+Aq0oz21nHkAlWllw+yeD+wFYRItWxacfkW+m9elfMhTWsbnt7pD+9
D5JjGjPWJPxIa1deWjrZ6jwlEjz+DfDOW6dsVC/fiEQ2h6JEKwl9BIYCdnSCVTv+
pU2Hjr8OGjCVymfvS1LM/tAdLynRYnvh
-----END CERTIFICATE-----
Generated at Sat Jul 19 21:25:33 2025 by rpki-client