Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
File:                     4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json)
Hash identifier:          l+XybVWYHlJjZsAZAIEC5fCNesrP49V8+RqQps8fl5E=
Subject key identifier:   F9:15:2F:6F:65:96:17:A4:A2:C8:CE:90:94:7B:C6:9A:53:84:A7:29
Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32
Certificate issuer:       /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532
Certificate serial:       0815
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
Manifest number:          080D
Signing time:             Thu 12 Jun 2025 20:35:40 +0000
Manifest this update:     Thu 12 Jun 2025 20:35:40 +0000
Manifest next update:     Thu 19 Jun 2025 20:35:40 +0000
Files and hashes:         1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: gtjTV/Iw0R0b6QOY1C3hBZ3kY1udq0/r/LNDiPJv9Rw=)
                          2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl
                          rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 19 Jun 2025 20:35:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2069 (0x815)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532
        Validity
            Not Before: Jun 12 20:35:40 2025 GMT
            Not After : Jun 19 20:35:40 2025 GMT
        Subject: CN=684b3a1c-03c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7b:1b:db:69:56:4c:b6:b6:07:e2:2f:48:d7:
                    0b:8f:37:7b:64:77:4e:4c:96:a9:8e:6d:f9:98:b7:
                    bb:d2:14:6d:49:6b:12:8c:a0:a0:5d:5a:11:20:40:
                    46:72:4b:31:87:ca:33:70:00:20:e0:31:47:87:e9:
                    0f:9e:f9:fd:bf:8e:8e:25:8a:f1:53:76:3e:c7:49:
                    a6:83:08:bf:0f:48:06:78:cb:21:fb:4c:09:90:eb:
                    e0:24:04:cb:6e:f6:22:62:45:3a:74:b5:8f:98:e4:
                    6d:b3:ca:91:8d:95:98:86:9d:65:13:d7:f2:5a:27:
                    44:2e:69:f8:56:fb:fa:ab:43:77:82:5b:8f:3d:94:
                    1f:92:c8:d4:c0:8a:6c:05:12:0b:56:cd:6f:87:c8:
                    be:ca:6d:a6:1b:d1:40:fc:c5:f6:b4:df:82:fb:07:
                    b3:b5:ae:47:6b:27:f5:4e:1d:63:2c:7e:47:69:55:
                    11:53:42:d8:b5:17:30:c9:f5:4f:e3:ca:66:7e:8d:
                    59:05:38:04:11:f3:4d:ff:94:85:a0:aa:15:6c:bc:
                    ed:39:6a:14:51:28:64:4b:14:ab:3e:95:37:9b:85:
                    cf:28:1e:68:58:8e:a1:5a:21:39:31:5a:56:1f:7a:
                    d2:ab:7a:be:f2:14:6e:89:90:36:71:61:86:de:d3:
                    01:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:15:2F:6F:65:96:17:A4:A2:C8:CE:90:94:7B:C6:9A:53:84:A7:29
            X509v3 Authority Key Identifier:
                keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:95:0c:c0:39:f1:3f:2f:a3:e5:30:37:ad:6a:53:01:39:c2:
         a9:9b:3b:07:b2:52:b8:5a:fa:98:6f:78:1f:38:25:ed:97:41:
         e7:df:ab:27:e3:8f:4e:8a:0e:25:66:7e:17:35:cb:65:48:92:
         7c:0e:23:55:59:90:2e:b8:39:52:1a:fc:fb:8f:fc:d0:b8:13:
         41:63:71:1b:81:17:86:60:8b:13:73:82:ac:47:9a:de:95:e3:
         7f:f8:a7:b1:f5:08:88:f2:a6:18:f3:54:84:87:d6:8d:98:34:
         20:31:1b:19:de:4a:87:89:85:ef:87:fe:d9:ad:43:1c:9c:44:
         a9:f0:0f:87:db:65:ef:bc:f8:13:15:dc:de:81:4f:be:91:de:
         ce:4a:96:5b:0b:09:37:67:fd:24:47:a9:d6:f6:cf:1c:c0:cc:
         a1:b4:b1:32:8f:ef:4e:75:e9:ba:7e:07:43:49:33:1a:3a:cd:
         e4:e5:81:b5:07:1c:ec:56:7d:bc:37:75:ce:98:3a:ee:c6:6d:
         bc:f6:65:b7:5b:53:80:75:dd:08:08:79:44:1f:05:03:9e:32:
         c9:9a:5b:95:e9:cb:9c:ff:44:50:20:97:9f:15:04:e6:7b:9c:
         62:33:76:09:b0:6b:d8:85:a6:92:03:75:30:70:cd:84:23:1a:
         6c:e9:2e:0b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCBUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG
QUQxRDM1MzIwHhcNMjUwNjEyMjAzNTQwWhcNMjUwNjE5MjAzNTQwWjAYMRYwFAYD
VQQDEw02ODRiM2ExYy0wM2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlHsb22lWTLa2B+IvSNcLjzd7ZHdOTJapjm35mLe70hRtSWsSjKCgXVoRIEBG
cksxh8ozcAAg4DFHh+kPnvn9v46OJYrxU3Y+x0mmgwi/D0gGeMsh+0wJkOvgJATL
bvYiYkU6dLWPmORts8qRjZWYhp1lE9fyWidELmn4Vvv6q0N3gluPPZQfksjUwIps
BRILVs1vh8i+ym2mG9FA/MX2tN+C+wezta5Hayf1Th1jLH5HaVURU0LYtRcwyfVP
48pmfo1ZBTgEEfNN/5SFoKoVbLztOWoUUShkSxSrPpU3m4XPKB5oWI6hWiE5MVpW
H3rSq3q+8hRuiZA2cWGG3tMBjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPkVL29l
lhekosjOkJR7xppThKcpMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE
MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO
VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR
NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCFlQzAOfE/L6PlMDetalMBOcKpmzsHslK4WvqYb3gfOCXtl0Hn36sn
449Oig4lZn4XNctlSJJ8DiNVWZAuuDlSGvz7j/zQuBNBY3EbgReGYIsTc4KsR5re
leN/+Kex9QiI8qYY81SEh9aNmDQgMRsZ3kqHiYXvh/7ZrUMcnESp8A+H22XvvPgT
FdzegU++kd7OSpZbCwk3Z/0kR6nW9s8cwMyhtLEyj+9Odem6fgdDSTMaOs3k5YG1
BxzsVn28N3XOmDruxm289mW3W1OAdd0ICHlEHwUDnjLJmluV6cuc/0RQIJefFQTm
e5xiM3YJsGvYhaaSA3UwcM2EIxps6S4L
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:42:20 2025 by rpki-client