Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
File:                     4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json)
Hash identifier:          0h2pmIKvZN3g8hMVTNdQ3WH4wW64L2y/Ep2XZNVbY1c=
Subject key identifier:   62:05:6B:0F:14:E5:33:63:E0:14:DA:90:DF:04:23:C7:E0:F5:66:64
Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32
Certificate issuer:       /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532
Certificate serial:       0814
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
Manifest number:          080C
Signing time:             Tue 10 Jun 2025 20:45:57 +0000
Manifest this update:     Tue 10 Jun 2025 20:45:56 +0000
Manifest next update:     Tue 17 Jun 2025 20:45:56 +0000
Files and hashes:         1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: y/+TJlkk+iIBPREVjJbWPyAcN4iAgq4g8AZBNd4vmbk=)
                          2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl
                          rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 20:45:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2068 (0x814)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532
        Validity
            Not Before: Jun 10 20:45:56 2025 GMT
            Not After : Jun 17 20:45:56 2025 GMT
        Subject: CN=68489984-850e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:50:5b:19:0b:df:5c:49:62:40:0e:db:c1:d6:
                    ce:d4:7e:42:62:2a:94:e3:42:1d:15:df:a8:60:c3:
                    ad:49:1d:06:45:96:bc:0d:7e:75:bb:ea:09:40:83:
                    b4:76:b3:ca:ac:e6:d1:32:ce:63:d3:4e:f5:07:b2:
                    2c:76:a7:3f:15:08:74:f7:fa:79:62:55:a3:c4:bf:
                    a8:1a:c6:50:6f:d7:c6:20:79:b9:ef:54:c9:9f:99:
                    16:e5:68:9d:48:ea:5d:9f:c5:ed:f8:4b:b2:23:2f:
                    db:e0:aa:b1:99:1f:eb:7b:74:d1:a5:37:82:7e:43:
                    82:bd:b7:99:cd:7e:ca:73:e8:19:44:85:47:b7:18:
                    f1:dd:0c:39:be:3d:78:bb:a9:86:b7:c0:51:ea:9d:
                    09:4c:e9:95:90:c9:00:62:05:da:a7:23:08:1f:56:
                    a9:3f:95:c2:83:c0:75:ce:d1:09:3e:2b:3d:b0:cc:
                    93:0a:95:4e:ca:ba:d8:6d:2c:a4:52:03:00:46:0e:
                    fb:5c:bb:83:05:4a:40:e8:0e:48:da:6d:3f:7b:dc:
                    52:6b:0c:d8:7b:d1:e3:e6:2f:22:04:bf:07:cc:89:
                    a2:19:84:8c:e8:03:fa:45:56:8e:1e:84:58:1c:4a:
                    4a:e1:b6:d3:56:f9:e9:dc:53:21:15:74:88:bc:7d:
                    bc:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:05:6B:0F:14:E5:33:63:E0:14:DA:90:DF:04:23:C7:E0:F5:66:64
            X509v3 Authority Key Identifier:
                keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:6f:f3:6e:cb:b7:29:54:f5:33:ad:20:46:c5:92:a9:f9:d3:
         a5:60:aa:61:be:a8:e3:9b:ad:36:ed:5b:9a:87:fe:53:fc:9d:
         07:1b:37:61:0e:77:dc:01:d5:7a:cc:c7:57:49:1f:c0:24:e9:
         97:bd:03:06:f6:d5:25:e2:96:b8:4e:03:35:d7:86:4f:9d:5b:
         4e:30:0d:3a:c4:21:86:27:07:0c:68:d1:9a:19:60:16:23:28:
         67:ae:a0:82:f3:b4:a4:b0:19:84:21:79:15:f0:9e:11:93:6f:
         b1:1b:2f:45:9c:6a:30:81:11:f5:8f:18:79:89:c5:dd:72:bd:
         52:31:54:98:5c:75:ad:6b:18:fe:de:2a:06:0c:8e:92:1d:99:
         90:6b:61:43:28:3e:12:e8:84:f5:6e:c8:95:42:eb:17:24:b2:
         68:01:ec:d4:17:48:fa:6f:98:81:92:f0:f7:e0:5e:07:2e:70:
         37:52:42:c0:92:a5:85:aa:f2:6e:6d:3f:b8:a0:cc:6c:6b:16:
         6e:8f:e7:84:0c:c1:83:a6:03:ac:4c:0c:16:4d:10:83:e3:92:
         92:2d:21:f3:74:0e:18:89:ac:89:8d:4a:f6:95:6a:b4:77:31:
         35:9f:5b:63:f4:d7:95:26:f0:7c:18:33:d8:f0:19:91:b2:39:
         50:cc:db:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG
QUQxRDM1MzIwHhcNMjUwNjEwMjA0NTU2WhcNMjUwNjE3MjA0NTU2WjAYMRYwFAYD
VQQDEw02ODQ4OTk4NC04NTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtFBbGQvfXEliQA7bwdbO1H5CYiqU40IdFd+oYMOtSR0GRZa8DX51u+oJQIO0
drPKrObRMs5j0071B7Isdqc/FQh09/p5YlWjxL+oGsZQb9fGIHm571TJn5kW5Wid
SOpdn8Xt+EuyIy/b4KqxmR/re3TRpTeCfkOCvbeZzX7Kc+gZRIVHtxjx3Qw5vj14
u6mGt8BR6p0JTOmVkMkAYgXapyMIH1apP5XCg8B1ztEJPis9sMyTCpVOyrrYbSyk
UgMARg77XLuDBUpA6A5I2m0/e9xSawzYe9Hj5i8iBL8HzImiGYSM6AP6RVaOHoRY
HEpK4bbTVvnp3FMhFXSIvH288wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGIFaw8U
5TNj4BTakN8EI8fg9WZkMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE
MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO
VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR
NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCab/Nuy7cpVPUzrSBGxZKp+dOlYKphvqjjm6027Vuah/5T/J0HGzdh
DnfcAdV6zMdXSR/AJOmXvQMG9tUl4pa4TgM114ZPnVtOMA06xCGGJwcMaNGaGWAW
IyhnrqCC87SksBmEIXkV8J4Rk2+xGy9FnGowgRH1jxh5icXdcr1SMVSYXHWtaxj+
3ioGDI6SHZmQa2FDKD4S6IT1bsiVQusXJLJoAezUF0j6b5iBkvD34F4HLnA3UkLA
kqWFqvJubT+4oMxsaxZuj+eEDMGDpgOsTAwWTRCD45KSLSHzdA4YiayJjUr2lWq0
dzE1n1tj9NeVJvB8GDPY8BmRsjlQzNv1
-----END CERTIFICATE-----
Generated at Thu Jun 12 20:40:06 2025 by rpki-client